Privacy Policy for Web Cashflow Forecast

Last updated: March 2026

This Privacy Policy explains how Christopher J Bell (“I”, “me”, “my”) collects, uses, stores, and protects your personal data when you use the Web Cashflow Forecasting web application (“the Service”).

I am committed to ensuring that your privacy is protected and that your personal information is handled in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller

Christopher J Bell
Yew Tree Barn,
Chilson, Chipping Norton,
OX7 3HU

2. Personal Data I Collect

2.1 Account Information

  • Email address (provided through Azure Entra External ID authentication)
  • Azure Entra External ID unique identifier (used as your account identifier)

2.1.1 Azure Entra External ID Authentication

Web Cashflow Forecast uses Azure Entra External ID to manage user authentication. This means that your login credentials and identity details are handled directly by Microsoft, and not stored by Web Cashflow Forecast itself. When you sign in, Microsoft provides a secure unique identifier and your email address so that I can create and maintain your user account. If you choose to close your Web Cashflow Forecast account, I delete all data associated with your Azure Entra ID within the 30–60 day retention window described in this policy. However, your Azure Entra ID remains part of Microsoft’s identity platform and is governed by Microsoft’s own terms and privacy policy. If you wish to delete or manage your Azure Entra ID, you must do so through your own Microsoft account settings, as Web Cashflow Forecast does not control the lifecycle of your Microsoft identity.

2.2 User-Entered Financial Data

  • Financial information that you enter into the Service (e.g., income, expenditure, scenarios, forecasts).

This data is only linked to your Azure Entra External ID and email address. You choose what data to enter.

2.3 No Additional Personal Information

I do not collect names, addresses, phone numbers, demographic information, or any unnecessary personal data.

3. How Your Data Is Used

I use your data only for the following lawful purposes:

3.1 To Provide the Service

  • Creating and managing your user account
  • Allowing you to access, store, and manage financial information within the app

Lawful basis: Performance of contract

3.2 To Communicate With You

Only functional (non‑marketing) messages:

  • Welcome messages
  • Account/security notifications
  • Subscription renewal reminders
  • Important service updates

Lawful basis: Legitimate interests and/or Performance of contract

3.3 Payments

Payments are processed by Stripe.

  • I do not receive or store any payment card information.
  • Stripe may collect billing details directly from you.

Lawful basis: Performance of contract

3.4 Security and Fraud Prevention

Azure Entra External ID authentication ensures secure access control.

Lawful basis: Legitimate interests

4. Cookies and Tracking Technologies

The Service uses only essential cookies required for:

  • Secure login
  • Maintaining your session
  • Protecting access to your account

I do not use:

  • Marketing cookies
  • Tracking cookies
  • Analytics cookies that identify users

A simple Cookie Policy will be provided explaining that only essential cookies are used.

5. Data Storage Location

Your data is stored on Microsoft Azure in the following regions:

  • UK South / UK West

No data is stored outside the UK unless explicitly migrated by Azure under UK‑GDPR‑approved safeguards (e.g., Standard Contractual Clauses).

6. How Your Data Is Protected

I use industry‑standard technical measures, including:

  • Azure Entra External ID for secure authentication
  • Encrypted storage for financial data
  • HTTPS for all data transfers
  • Microsoft Azure’s security infrastructure

Only minimal personal data is stored.

7. Payments via Stripe

Stripe acts as a separate Data Processor for handling your subscription payments.

I do not store:

  • Credit/debit card details
  • Billing addresses
  • Payment tokens

Stripe may store these according to its own Privacy Policy.
Your Web Cashflow Forecast account stores only a reference that a subscription exists.

8. Retention Policy

8.1 Data You Enter Into the Service

  • You may delete all your financial data yourself before closing your account.
  • After account closure, all remaining financial data will be automatically deleted within 30 to 60 days.

8.2 Account Information (Email + Entra ID)

Azure Entra External ID accounts are managed through Microsoft.

Your identifier may persist within Azure’s identity system, but:

  • Once your Web Cashflow Forecast account is deleted, your Entra ID is no longer linked to any financial data.
  • Your email is removed from Web Cashflow Forecast’s records during the 30–60 day deletion window.

I do not control or delete your Entra ID itself — it remains part of Azure’s identity platform unless you remove or update it in your own Microsoft account settings.

8.3 Payment Records

I maintain minimal Stripe subscription metadata solely for:

  • Accounting obligations
  • Fraud prevention
  • Legal compliance

These records do not include payment card details.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion (“right to erasure”)
  • Object to processing
  • Request data portability
  • Lodge a complaint with the ICO

To exercise any rights, contact:
contact@webcashflow.co.uk

10. Third-Party Service Providers

Your data may be processed by:

  • Microsoft Azure (hosting + authentication)
  • Stripe (payments)

All providers are contractually bound to comply with UK GDPR requirements. No other third parties receive your data

11. Changes to This Policy

If this Privacy Policy changes, I will update the date at the top of this page.
Important changes will be communicated via email or an in‑app notification.

12. Contact

If you have questions about privacy or data protection, please send a message via our Contact page.

Christopher J Bell
Yew Tree Barn, Chilson, Chipping Norton, OX7 3HU

Rejoining the server...

Rejoin failed... trying again in seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please reload the page.