OREZIA PRIVACY POLICY

Last updated: [07/12/2025]


1. Introduction

Orezia (“we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy.

This Privacy Policy explains how we collect, use, store, and protect information when you:

  • visit our website (orezia.app)

  • create an account on the Orezia app

  • join our waitlist

  • complete surveys or forms

  • interact with our service (including bill management, switching suggestions, savings insights)

This Privacy Policy applies whether you are a website visitor, waitlist member, or registered app user.

By using Orezia, you agree to the practices described in this Privacy Policy.


2. Who We Are

Orezia Limited

(Awaiting incorporation.)

We operate as a UK data controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

You may contact us at:

📧 hello@orezia.app


3. Personal Data We Collect

We collect personal data in several categories:

A. Information you provide to us

1. Account creation

  • Name

  • Email address

  • Password (encrypted & hashed)

  • Contact details

  • Address (for bill lookup accuracy)

2. Waitlist registration

  • Name

  • Email

  • Optional preferences

3. Survey responses

  • Household bill types

  • Switching habits

  • Demographic data (non-required)

  • Pain points and usage patterns

4. Customer support interactions

  • Emails

  • Messages

  • Feedback

B. Information collected automatically

When you visit the Orezia website or app, we automatically collect:

  • IP address

  • Device identifiers

  • Browser type

  • Operating system

  • Usage analytics

  • Cookies (functional, necessary, optional analytics)

We do not collect advertising cookies unless you explicitly opt in.

C. Information collected when using the Orezia app

1. Bills and tariffs (manual or automated entry)

  • Bill amounts

  • Provider names

  • Tariff details

  • Payment frequencies

  • Renewal dates

  • Switching history

  • Savings insights

2. Switching workflows

When you agree to switch providers using the Orezia app, we may process:

  • Your address

  • Meter information (if applicable)

  • Contract end dates

  • Provider preference metrics

3. Financial insight data

We may process non-sensitive financial behavioural data strictly for:

  • Spend forecasting

  • Bill predictability

  • Saving opportunities

We never access your bank account or payment methods unless you explicitly authorise a regulated Open Banking flow (future optional feature).


4. How We Use Your Data

We use your data to:

  • Provide and maintain the Orezia service

  • Manage your account and preferences

  • Offer personalised bill insights

  • Suggest switching opportunities

  • Forecast savings

  • Communicate service updates

  • Improve our algorithms, UX and offerings

  • Analyse aggregated usage trends

  • Perform fraud or misuse checks

Legal bases under UK GDPR:

  • Contract — providing the Orezia service you signed up for

  • Consent — waitlist, emails, surveys

  • Legitimate interests — product improvement, fraud prevention

  • Legal obligation — recordkeeping, tax, compliance

We do not use your data for automated decision-making that has legal effects.


5. Sharing Your Data

We may share your data with trusted third parties who help us operate Orezia:

Examples of processors

  • Cloud hosting providers

  • Email delivery services

  • Analytics tools (with anonymisation where possible)

  • Switching partners or API aggregators (e.g., energy or broadband switching platforms)

  • Form providers (e.g., Microsoft Forms, Typeform)

  • Customer support tools

They act solely under our instructions and cannot use your data for their own purposes.

We never sell your data.


6. International Data Transfers

If personal data is transferred outside the UK or EEA, we ensure adequate safeguards such as:

  • UK Addendum

  • Standard Contractual Clauses (SCCs)

  • Adequacy decisions


7. Data Retention

We retain personal data only for as long as needed for:

  • Providing services

  • Legal and regulatory obligations

  • Resolving disputes

  • Internal analytics

Typical retention periods:

  • Waitlist data: until unsubscribed

  • Account data: while account is active + up to 6 years

  • Survey data: aggregated indefinitely (personal identifiers removed when no longer needed)


8. Your Rights

Under UK GDPR, you may request:

  • Access to your data

  • Correction of inaccuracies

  • Erasure of data (“Right to be forgotten”)

  • Restriction of processing

  • Objection to processing

  • Withdrawal of consent

  • Portability (copy of your data)

To exercise these rights, contact:

📧 hello@orezia.app

We will respond within one calendar month.


9. Children’s Privacy

Orezia is not intended for users under the age of 16.

We do not knowingly collect data from children.

If we learn that data was collected from a minor, we will delete it promptly.


10. Security Measures

We use:

  • Encryption in transit (HTTPS)

  • Encrypted password storage

  • Access controls

  • Secure backups

  • Monitoring for misuse

  • Data minimisation practices

    No system is 100% secure, but we take industry-standard precautions.


11. Cookies

We use:

  • Essential cookies (required for the site to function)

  • Analytics cookies (with consent)

  • No advertising cookies by default


12. Updates to This Policy

This policy may be updated as Orezia evolves.

Significant changes will be communicated via email or the app.


13. Contact Us

If you have questions, concerns, or requests:


📧 hello@orezia.app

(Orezia Limited — full company address to be inserted post-incorporation)