Dappological Ltd Privacy Policy

Last updated: 14 February 2026

1. Introduction

Dappological Ltd (“we”, “us”, “our”) develops and publishes software for macOS and iOS.

This Privacy Policy explains what personal information we collect, how we use it, who we share it with, how long we keep it, and the rights you have.

2. What information we collect

We aim to collect as little personal information as possible.

• Support communications: if you contact us (for example by email), we will receive your email address and any information you include in your message.
• Fraud prevention data sent to HMRC: when our software calls HMRC’s APIs, we must send transaction monitoring / fraud prevention header data. This header data may include information that can be personal data (for example, device and network-related details). We send this data to HMRC as part of the API request, and we do not use it for marketing.
• Data you enter into the app: figures you enter or import (for example from a spreadsheet) are used to help you prepare submissions. Unless you use a feature that explicitly uploads data to our servers, this data remains on your device.
• Website usage and advertising data (cookies and similar technologies): when you visit our website, we (and our partners) may collect information such as the pages you view, the time and date of your visit, the URL you came from, your IP address, device and browser information, and cookie / advertising identifiers. This information may be collected using cookies, pixels, and similar technologies.

We do not intentionally collect special category data (such as health information) and we do not knowingly collect information from children.

3. How we use your information

• To provide the software and related functionality.
• To operate, maintain, and improve our website (for example, understanding which pages are visited and how the site is used).
• To measure the effectiveness of our advertising and, where you choose to allow it, to help show our ads to people who may be interested (for example, through retargeting / custom audiences).
• To respond to support requests and communicate with you about your query.
• To meet legal and regulatory requirements (including HMRC API requirements).
• To protect our users and our service (for example, to prevent abuse and keep the service secure).

4. Our legal bases for processing (UK GDPR)

• Performance of a contract: to provide the app’s functionality you request.
• Legal obligation: where we must process certain data to meet legal or regulatory requirements (for example, HMRC API requirements).
• Legitimate interests: to maintain the security and integrity of our software and to handle support efficiently (balanced against your rights).
• Consent (where applicable): for non-essential cookies and similar technologies used for website analytics and advertising (including the Meta Pixel), we rely on your consent where required. You can withdraw or change your choices at any time using our cookie settings (see section 13 below).

5. How we share your information

We do not sell your personal information.

• HMRC: fraud prevention header data is sent to HMRC as part of API calls. HMRC processes that data under its own privacy and security arrangements. HMRC has published information about its transaction monitoring / fraud prevention approach; see the HMRC DPIA document linked from this page.
• Service providers: we may use trusted service providers to operate our website and email. They process personal information only on our instructions and for the purposes described in this policy.
• Website partners (cookies / pixels): if you consent to non-essential cookies, our website may share limited information with providers such as Google (via Google Tag Manager) and Meta Platforms, Inc. (via the Meta Pixel) to help us measure website traffic and advertising effectiveness and (where enabled) build audiences for advertising. These providers may process information under their own privacy policies.
• Legal reasons: we may disclose information if required by law, or to protect our rights, users, or the public.

6. International transfers

Some of our service providers and website partners (for example, Google and Meta) may process personal information outside the UK. Where required, we use appropriate safeguards for international transfers (for example, the UK International Data Transfer Agreement / Addendum and appropriate technical and organisational measures).

7. Data retention

We keep personal information only for as long as necessary for the purposes described in this policy:

• Support emails: retained for as long as needed to deal with your request and for our records.
• Fraud prevention header data: transmitted to HMRC as part of the API call and not retained by us as part of our own records.
• Website analytics / advertising data: retained in aggregated or event form in our website partners’ systems for periods they control, and in our own records only as long as necessary for reporting and compliance. You can limit this by rejecting non-essential cookies.

8. Security

We use appropriate technical and organisational measures to protect information. No method of transmission or storage is 100% secure, but we work to protect data against unauthorised access, loss, or misuse.

9. Your rights

Depending on your circumstances, you may have rights to access, correct, delete, or restrict the use of your personal information, and to object to certain processing. You may also have the right to complain to the UK Information Commissioner’s Office (ICO).

10. Requests to delete your information

If you want us to delete personal information we hold about you (for example, support correspondence), email info@mtd.tax with “Privacy Request” in the subject line and enough detail for us to identify your request.

11. Changes to this policy

If we make material changes, we will update this page. Where appropriate, we may also provide notice within the app or on our website.

12. Contact us

If you have questions about this policy, contact us at info@mtd.tax.

13. Cookies, Google Tag Manager, and the Meta Pixel

Our website uses cookies and similar technologies. Some are strictly necessary for the site to work; others help us understand how the site is used and measure advertising.

• Google Tag Manager: we use Google Tag Manager to manage website tags. Tag Manager itself is a delivery mechanism; depending on your cookie choices it may load other tags.
• Meta Pixel: we use the Meta Pixel to measure the performance of our advertising and, where enabled and you consent, to build audiences (for example, retargeting). The Meta Pixel may set or read cookies and send information about your visit to Meta.

Your choices: you can accept or reject non-essential cookies when you first visit the site, and you can change your choices at any time by using our cookie settings link (if shown on the site) or by adjusting your browser settings to block or delete cookies. If you reject non-essential cookies, we will not use those cookies for analytics and advertising.

Do Not Track: some browsers offer a “Do Not Track” feature. There is no common industry standard for responding to DNT signals, so we do not respond to them in a uniform way.

HMRC transaction monitoring / fraud prevention DPIA: view document.