Last updated: 7 March 2026
RLC Online Notary is operated by a qualified UK solicitor/notary. We are the Data Controller for the personal data you provide when using this service.
Contact: info@regallawcentre.com
We are registered with the Information Commissioner's Office (ICO) as required under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Notarisation requires us to verify your identity. During your video appointment, the notary will ask you to present:
We do not retain copies of your identity documents unless a specific notarial act requires it. The notary will record confirmation of identity verification in our secure system, but your ID image itself is not stored on our platform.
These are stored encrypted and outside our public web server.
Payments are processed by Stripe. We do not see or store your card number, CVV, or bank details. Stripe may retain payment data subject to their own privacy policy.
We retain: payment amount, date, and a transaction reference for accounting purposes.
| Processing Activity | Legal Basis (UK GDPR Article 6) |
|---|---|
| Creating and managing your account | Article 6(1)(b) — Performance of a contract |
| Processing your order and document | Article 6(1)(b) — Performance of a contract |
| Processing payment | Article 6(1)(b) — Performance of a contract |
| Verifying your identity (video appointment) | Article 6(1)(b) — Performance of a contract |
| Retaining records for legal/regulatory obligations | Article 6(1)(c) — Legal obligation |
| Security audit logs (fraud prevention, security) | Article 6(1)(f) — Legitimate interests |
Special category data (identity document review): processed under Article 9(2)(g) — substantial public interest (notarial acts have legal effect) and with your explicit consent.
We will never sell your personal data to third parties.
We share the minimum necessary data with the following trusted processors. All processors are contractually bound to process data only on our instructions.
| Processor | Purpose | Location |
|---|---|---|
| Stripe, Inc. | Payment processing | US (adequacy / Standard Contractual Clauses) |
| Google LLC (Workspace) | Video appointments (Google Meet) and email | US (adequacy / Standard Contractual Clauses) |
| Hosting provider | Web server and file storage | UK/EU |
We do not transfer personal data to any other third parties unless required by law (e.g. a court order or regulatory investigation).
Some of our processors (Stripe, Google) are based in the United States. Transfers to these organisations are protected by the UK-US Data Bridge and/or Standard Contractual Clauses (SCCs) approved under UK GDPR.
| Data Type | Retention Period | Reason |
|---|---|---|
| Notarised documents and order records | 2 years from completion | Legal requirement for notarial records |
| Payment records | 7 years | UK tax and accounting obligations |
| Security audit logs | 2 years | Fraud prevention / legitimate interests |
| Account data (inactive accounts) | 3 years after last activity | Legitimate interests (reactivation / dispute resolution) |
After the relevant retention period, your data is securely and permanently deleted from our systems.
You have the following rights regarding your personal data:
You can request a copy of the personal data we hold about you (a Subject Access Request). We will respond within one calendar month.
If any data we hold about you is inaccurate or incomplete, you can ask us to correct it.
You can ask us to delete your personal data. We will honour this request except where we are required to retain data by law (e.g. notarial records for 2 years, financial records for 7 years).
To submit an erasure request, please use our Data Erasure Request page (requires login) or email info@regallawcentre.com.
You can ask us to temporarily restrict processing of your data in certain circumstances.
Where processing is based on your consent or a contract, and is carried out by automated means, you have the right to receive your data in a structured, machine-readable format.
You can object to processing based on legitimate interests. We will cease processing unless we have compelling legitimate grounds that override your interests.
We do not use automated decision-making or profiling that produces legal effects.
To exercise any of your rights, please contact us at: info@regallawcentre.com
We may need to verify your identity before fulfilling any request. We aim to respond to all legitimate requests within one calendar month. If a request is complex or numerous, we may extend this by a further two months and will notify you accordingly.
We do not charge a fee for exercising your rights unless a request is manifestly unfounded, excessive, or repetitive.
We use only strictly necessary cookies required to operate the service:
PHPSESSID) — keeps you logged in during
your session. Expires when you close your browser or after 30 minutes of inactivity.
HTTPOnly, Secure, SameSite=Lax (to support secure payment redirects).
We do not use advertising cookies, tracking cookies, or any third-party analytics that process personal data.
We take security seriously and have implemented appropriate technical and organisational measures to protect your personal data, including:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the ICO within 72 hours of becoming aware of it.
If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
We would, however, welcome the opportunity to address your concerns directly before you approach the ICO. Please contact us first at info@regallawcentre.com.
We may update this Privacy Notice from time to time. When we make significant changes, we will notify registered users by email. The "Last updated" date at the top of this page will always reflect the most recent version.
RLC Online Notary — UK GDPR Compliant — info@regallawcentre.com