Privacy Policy

Last updated: 7 April 2026

1. Who we are

Wandle Labs Ltd is the data controller for personal data processed in connection with LogRhino. LogRhino is a product and brand of Wandle Labs Ltd.

Company details: Wandle Labs Ltd is registered in England and Wales (company number 17119126), incorporated on 26 March 2026. Registered office: 167-169 Great Portland Street, 5th Floor, London, United Kingdom, W1W 5PF.

In this policy, "LogRhino", "we", "us", and "our" mean Wandle Labs Ltd unless the context requires otherwise.

For questions about this policy or how we use personal data, contact us at hello@logrhino.com.

2. Scope of this policy

This policy explains how we collect, use, store, and share personal data when you use the LogRhino website, dashboard, public logging pages, and related services.

This policy applies to personal data relating to users of the platform, administrators, managers, workers, contractors, staff, and people who submit logs through public LogRhino pages.

3. Personal data we collect

We may collect the following categories of personal data:

Account and identity data

• Name
• Email address
• Phone number
• Country
• Language preference
• Authentication-related identifiers
• Organisation and role or membership details

Service and usage data

• Log entries submitted through the platform
• Notes, comments, responses, and status updates entered into the service
• Where your organisation enables it, photographs taken from the device when submitting a log (for example to show a completed task or an issue). These images are stored for authorised users in your organisation to view in the dashboard; they are not shown on the public logging page’s activity list
• Timestamps and activity history
• When someone submits a log via the public logging page, we store limited technical metadata derived from the request (approximate country and edge location code from our hosting provider, and a truncated web browser user-agent string) for abuse detection and security. We retain this on the log record for our internal investigations; it is not displayed in your organisation’s LogRhino dashboard.
• Broader technical and request metadata from use of our website, dashboard, and API (including for security, reliability, and rate limiting)
• Diagnostic, error, and performance data from our website, dashboard, and API (for example through Sentry), which may include technical metadata, application context, and in some cases limited personal data if it appears in an error or diagnostic payload

Billing and payment data

• Billing contact details and organisation name associated with a paying customer
• Subscription plan, billing history, and related records we hold for accounting and service access
• Payment card and payment method details as collected and processed by Stripe when you pay us; we use Stripe as our payment processor and do not store full payment card numbers on our own systems

Configuration and operational data

• Organisation settings
• Log point configuration
• Schedules, assignments, permissions, and related operational records

Support and communications data

• Messages you send to us
• Support requests and related correspondence
• Email delivery and communication records, such as whether a service email was sent or delivered

We do not intentionally collect special category personal data through LogRhino, and users should not upload or submit unnecessary sensitive personal information into the service.

Photos: Images submitted with logs may capture people, workplaces, or other identifiable details. Organisations choose whether to allow or require photos. If you submit a photo, you should assume your organisation will be able to see it. Only capture what is appropriate for your workplace and applicable law.

4. How we collect personal data

We collect personal data:

• Directly from you, for example when you create an account, sign in, submit a log, configure a log point, update your profile, or contact us
• From your organisation, where an administrator invites you to use LogRhino
• Automatically through your use of the service, such as service logs and technical request data
• From service providers we use to operate the platform, such as authentication, infrastructure, payment processing, error and performance monitoring, and email delivery providers

5. How we use personal data

We use personal data to:

• Provide, operate, and maintain LogRhino
• Create and manage user accounts, authentication, and access controls
• Record, display, and manage logs, checks, schedules, and related operational activity
• Provide customer support and respond to enquiries
• Monitor, secure, troubleshoot, and improve the platform (including through error and performance monitoring tools)
• Detect, investigate, and help prevent abuse, fraud, and security incidents affecting the service
• Process payments, manage subscriptions and billing, and meet related accounting and legal obligations
• Send service-related communications, such as account verification, invitations, passwordless sign-in, reminders, alerts, and operational notifications
• Store language and country preferences so we can tailor communications and service experience where relevant
• Comply with legal obligations and protect our rights, users, and service

6. Lawful bases for processing

Where UK GDPR applies, we rely on one or more of the following lawful bases:

• Contract: where processing is necessary to provide the service you or your organisation have requested
• Legitimate interests: where processing is necessary for running, securing, supporting, and improving LogRhino, provided those interests are not overridden by your rights
• Legal obligation: where processing is necessary for compliance with applicable law
• Consent: where we specifically ask for and rely on consent

7. Who we share personal data with

We may share personal data with:

• Your organisation and its authorised administrators, managers, and users, where relevant to the operation of the service
• Service providers who help us operate LogRhino
• Professional advisers, regulators, law enforcement, or courts where required or appropriate
• A buyer, investor, or successor in connection with a business transaction, subject to appropriate confidentiality protections

Some security and abuse-prevention metadata associated with public log submissions is used for LogRhino’s internal operations and is not exposed to customer organisations through the product interface (for example the dashboard).

Our current core service providers include:

• Clerk for authentication and user management
• Cloudflare for hosting, infrastructure, database, and (where used) object storage for log images
• Resend for transactional email delivery
• Stripe for payment processing and subscription billing (Stripe may process billing contact details and payment information in accordance with its terms and privacy policy)
• Sentry for error reporting, performance monitoring, and operational diagnostics (which may involve technical data and limited personal data in diagnostic payloads)

These providers process data on our behalf under their own terms and privacy policies, and (where applicable) data processing or sub-processor arrangements.

8. International transfers and data location

We use third-party infrastructure providers that may process or store personal data in the UK, EEA, United States, and other jurisdictions where they or their sub-processors operate.

We take reasonable steps to ensure that personal data transferred internationally is protected by appropriate safeguards where required by applicable law.

Unless we explicitly state otherwise in writing, LogRhino does not currently guarantee that all service data will be stored exclusively in the UK or exclusively in the EEA.

9. Cookies and similar technologies

To provide LogRhino, Wandle Labs Ltd uses cookies and similar technologies that are strictly necessary for the service to work, including authentication, sessions, security, and core site operations.

We may use similar technical measures in email and messaging workflows where needed for account access, invitations, verification, and other transactional notices.

We do not use advertising cookies today.

If we add analytics or other non-essential cookies that require consent under applicable law, we will update this policy and provide a clear way to manage consent.

10. Data retention

We keep personal data for as long as reasonably necessary for the purposes described in this policy, including to provide the service, maintain security, comply with legal obligations, resolve disputes, and enforce our agreements.

Retention periods may vary depending on the type of data, the needs of the customer organisation, legal requirements, and operational necessity.

Log images are automatically deleted after a retention period chosen in the organisation’s settings (for example 7 to 365 days). After that, the image file is removed from storage and is no longer available in the dashboard.

When we no longer need personal data, we may delete it, anonymise it, or securely isolate it from active use where appropriate.

11. Security

We take reasonable technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.

However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

12. Your rights

Depending on your location and the law that applies, you may have rights including the right to:

• Request access to your personal data
• Request correction of inaccurate or incomplete personal data
• Request deletion of your personal data
• Request restriction of processing
• Object to certain processing
• Request transfer of your personal data in a portable format, where applicable
• Withdraw consent where we rely on consent

To exercise any of these rights, please contact hello@logrhino.com.

13. Complaints

If you have concerns about how we handle personal data, contact us at hello@logrhino.com first so we can try to put things right.

If you are in the UK, you may also complain to the Information Commissioner's Office (ICO). We will cooperate with the ICO where required.

14. Children's privacy

LogRhino is intended for business and organisational use and is not directed to children.

We do not knowingly collect personal data directly from children through the service.

15. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will post the updated version on this page and update the "Last updated" date above.