Retsu Certified
Need to verify a device? Use the button below to access the Retsu Certified search tool.
Access Retsu Certified Search© Dehhani Ltd 2026
v1.9.998
Need to verify a device? Use the button below to access the Retsu Certified search tool.
Access Retsu Certified Search© Dehhani Ltd 2026
v1.9.998
Dehhani Ltd — Retsu
Last Updated: June 21st, 2026
These Terms of Service ("Terms") govern your access to and use of the Retsu product suite and all related tools and services (collectively, the "Service"), operated by Dehhani Ltd, a company registered in England and Wales ("us," "we," or "our"). By accessing or using any part of the Service, you agree to be bound by these Terms. If you do not agree, you must not access or use the Service.
Retsu is the same product and service previously known as "Device Setup Utility" ("DSU"). Effective June 21st, 2026, the product suite, its component applications (Retsu — Portal, Retsu — Profiler, and Retsu — Erasure, formerly DSU — Portal, DSU — Profiler, and DSU — Erasure), and the web portal (now at portal.retsu.uk, formerly devicesetup.app) have been renamed and rebranded. The change is one of name and branding only.
This rebranding does not create a new product, a new legal entity, or a new agreement, and does not otherwise alter the substance of these Terms. In particular:
The legacy domain devicesetup.app and the "Device Setup Utility"/"DSU" naming may continue to appear on, or redirect from, certain historical materials, third-party listings, or previously issued certificates for a transitional period. Where you have any question about whether a record or reference under the former name relates to your account, contact us at support@dehhani.uk.
The Service comprises the following components:
References to the "Service" throughout these Terms include all of the above components unless otherwise specified.
The Service allows you to post, link, store, share, and otherwise make available certain information, text, graphics, images, or other material ("Content"). You are responsible for the Content that you post on or through the Service, including its legality, reliability, and appropriateness.
Users may purchase a profiling licence to access both Retsu — Profiler and Retsu — Erasure. Each licence permits a defined number of device submissions determined by the selected package. Licence consumption is recorded on a per-device basis; each device submission from either Retsu — Profiler or Retsu — Erasure decrements the available profiling allowance by one.
Erasure licences are purchased separately and are required in addition to a profiling licence to perform data erasure operations using the Retsu — Erasure module. Each erasure operation (one or more drives on a single device) consumes the number of erasure licence credits corresponding to the number of drives erased. Erasure licence credits are non-transferable between accounts.
Licence keys are issued to a single account and must not be shared, redistributed, sublicensed, or used by any party other than the licensed account holder and their authorised sub-users. We reserve the right to revoke any licence key found to be in breach of this restriction without refund.
The Service requires an active internet connection to authenticate licence keys, verify erasure credits, and submit device reports. The application communicates with our servers on each use for licence verification and report submission. You acknowledge that the Service cannot operate without connectivity to our servers.
If your licence allowance or erasure credits are exhausted during a session, you will be unable to submit further reports or perform additional erasures until additional credits are purchased. Partially completed operations at the point of exhaustion may not be recorded. It is your responsibility to maintain adequate licence credits for your intended workload.
Profiling licence subscriptions may be cancelled by the user at any time. Cancelled licences remain active until the end of the current billing period. Erasure licence credits do not expire but are non-refundable once purchased. All licence purchases are non-refundable.
Users receive a referral code that may be shared with others. When a referral code is used during a licence purchase, both the referrer and the referee will receive 100 additional device credits on a valid profiling licence. Referral credits: (a) are credited to a valid, active profiling licence only; (b) expire 12 months from the date of award if unused; (c) are non-transferable and have no cash value; (d) will be forfeited if the qualifying licence is cancelled or revoked; and (e) may be withdrawn or modified at any time if we have reasonable grounds to suspect abuse, fraudulent referrals, or self-referrals. We reserve the right to modify or discontinue the referral programme at any time on 30 days' notice.
We reserve the right to increase or otherwise modify the prices of all services, licence packages, erasure credits, and add-on subscriptions at any time. Users will be notified of any price modifications by email at least 30 days prior to such changes taking effect. Continued use of the Service after the effective date of a price change constitutes acceptance of the revised pricing. One-time purchases (including erasure credit packs) are charged at the price displayed at the time of purchase.
The Retsu — Erasure module generates erasure certificates that document the erasure method applied (e.g., NIST SP 800-88 Clear/Purge, DoD 5220.22-M, HMG IS5) and the verification outcome. Erasure certificates are a record of the process performed. They do not constitute a warranty, guarantee, or representation that data is irrecoverable under all circumstances, including advanced forensic recovery methods.
Retsu — Erasure performs media sanitisation in conformance with the National Institute of Standards and Technology Special Publication 800-88 Revision 2 (NIST SP 800-88 Rev. 2), Guidelines for Media Sanitization. Our NIST SP 800-88 conformance statement, which describes how the software meets these guidelines, is available at Retsu NIST SP 800-88 Conformance Statement (PDF).
Evidentiary retention. Erasure certificates and their associated submission records (including the erasure method, verification outcome, device identifiers, technician identifier, and timestamps) are evidentiary documents that may be relied upon for data-protection compliance and audit purposes. Dehhani Ltd retains these records for the lifetime of your account and for a minimum of six (6) years from the date of erasure, in order to support compliance audits and to enable verification via the Retsu Certified portal, after which they may be deleted. This retention period operates independently of, and survives, the deletion of other device data; you remain responsible for archiving copies of any certificates required to meet your own regulatory obligations.
Due to the architecture of solid-state storage devices — including wear-levelling, over-provisioning, and controller-managed block allocation — software-based overwrite methods may not sanitise all addressable and non-addressable storage areas. For SSDs and NVMe drives, the NIST SP 800-88 Purge method (which issues ATA Secure Erase or NVMe Format commands to the drive firmware) is strongly recommended. The selection of the appropriate erasure method for the storage media in use is solely the responsibility of the user. We do not warrant that any software-based erasure method will render data irrecoverable from solid-state media.
To the maximum extent permitted by applicable law, Dehhani Ltd shall not be liable for any data breach, data exposure, regulatory penalty, claim, loss, or damage arising from or in connection with residual data on storage media that has been processed by the Retsu — Erasure module, regardless of the erasure method selected. This limitation applies whether the claim arises in contract, tort (including negligence), strict liability, or any other legal theory.
You are solely responsible for: (a) selecting an erasure standard appropriate to the sensitivity classification of the data and the regulatory requirements applicable to your organisation; (b) verifying that the erasure method is compatible with the target storage media; (c) maintaining and archiving erasure certificates as required by your compliance obligations; and (d) physically destroying storage media where software-based erasure is insufficient for your security requirements.
Data erasure operations performed by the Retsu — Erasure module — including, without limitation, NIST SP 800-88 Purge, NIST SP 800-88 Clear, DoD 5220.22-M, HMG IS5, and Gutmann overwrite methods — are permanent and irreversible. Once an erasure operation has been initiated and completed, the data on the target storage medium cannot be recovered by any means. You acknowledge that you have sole responsibility for ensuring that all data on the target device has been backed up or is no longer required prior to initiating any erasure operation. Dehhani Ltd shall bear no liability whatsoever for data loss resulting from erasure operations initiated by you or any authorised user of your account.
The operating system deployment functionality within Retsu — Erasure installs an operating system image onto the target storage drive. This process partitions, formats, and overwrites the contents of the selected drive. All existing data on the target drive will be permanently destroyed as a consequence of operating system installation. It is your sole responsibility to ensure that the correct target drive is selected and that no data requiring preservation resides on that drive prior to initiating deployment.
Retsu — Erasure performs automated hardware diagnostic tests by interfacing with device components through the Linux kernel and available device drivers within the live operating environment. You acknowledge that: (a) certain hardware components may not be detected or may not be fully testable where the requisite Linux kernel drivers are not available or are not compatible with the specific hardware revision; (b) test results are generated programmatically and reflect the software's interpretation of hardware responses at the time of testing; and (c) hardware test results do not constitute a warranty or guarantee of device functionality and should be independently verified where they are material to any commercial, contractual, or regulatory decision.
The Retsu — Portal provides a remote command interface that permits authorised users to issue instructions to devices running Retsu — Erasure over an authenticated WebSocket connection. Available remote commands include, without limitation: initiating data erasure, running hardware tests, deploying operating systems, submitting device reports, and powering off or rebooting the device. You are solely responsible for: (a) controlling which individuals have access to your Retsu — Portal account and the ability to issue remote commands; (b) ensuring that sub-users granted access to the Portal are authorised to perform remote operations on connected devices; and (c) any and all consequences arising from remote commands issued from your account, whether authorised or resulting from a failure to secure your account credentials. Dehhani Ltd shall not be liable for any loss, damage, or data destruction resulting from remote commands issued by you, your sub-users, or any third party who obtains access to your account.
Retsu — Erasure operates within a custom Linux live environment with root-level (superuser) privileges on the target device. This level of access is necessary to perform low-level hardware interrogation, direct storage media access for data erasure, drive partitioning for operating system deployment, and hardware diagnostic operations. You acknowledge and accept that granting the software root-level access is an inherent requirement of its functionality, and that Dehhani Ltd shall not be liable for any unintended consequence arising from the software's operation at this privilege level, provided the software is used in accordance with these Terms and the accompanying documentation.
Retsu — Erasure may periodically retrieve and apply software updates from Dehhani Ltd's servers ("OTA Updates"). These updates may modify the live operating environment, application code, driver support, and erasure or testing capabilities. OTA Updates are delivered automatically when the device is connected to the internet and has verified its licence key. By using the Service, you consent to the automatic application of OTA Updates. Dehhani Ltd shall use reasonable efforts to ensure that updates do not adversely affect existing functionality; however, we do not warrant that any specific feature or behaviour will remain unchanged following an update.
Each Retsu — Erasure installation authenticates against Dehhani Ltd's servers using a licence key and an associated verification code embedded in the bootable media. The verification code uniquely identifies the installation medium and is used to validate the licence, synchronise account settings, and authorise erasure credit consumption. You must not tamper with, extract, reverse-engineer, or redistribute verification codes. Dehhani Ltd reserves the right to revoke any verification code or licence key that is found to be compromised, shared without authorisation, or used in violation of these Terms.
In the course of its operation, Retsu — Erasure collects and transmits the following categories of data to Dehhani Ltd's servers: (a) device hardware specifications, including serial numbers, manufacturer and model identifiers, processor, memory, storage, battery, and network adapter details; (b) hardware diagnostic test results and erasure verification outcomes; (c) erasure certificates and associated metadata; (d) device photographs captured during processing (where the Device Photo Capture feature is enabled); (e) Wi-Fi network credentials entered by the user for the purpose of establishing internet connectivity, which are encrypted in transit and at rest; (f) session metadata, including session duration, technician identifiers, and timestamps; and (g) application telemetry necessary for licence verification and service operation. This data is collected solely for the purposes set out in Section 6 (Data Collection & Privacy) and is processed in accordance with applicable data protection legislation.
To ensure that erasure certificates, hardware test results, and audit records carry an accurate and trustworthy timestamp — and to confirm that the device has working internet connectivity before licence verification and report submission — Retsu — Erasure performs a time-synchronisation and connectivity check during operation. As part of this check, the device's public IP address is transmitted to one or more independent third-party network services that return the current time, time zone, and/or approximate geographic location associated with that IP address. The third-party services that may be used for this purpose currently include ip-api.com (operated by Bürger & Riedel UG, Germany), ipwho.is (USA), ipapi.co (USA), and network endpoints operated by Cloudflare, Inc. (USA) and Google LLC (USA). The data transmitted to these services is limited to the device's public IP address and the technical parameters of the request; no device hardware data, erasure data, account credentials, or personal data held in your account is sent to these services. A public IP address may constitute personal data under the UK GDPR where it can be associated with an identifiable individual. These services act as sub-processors and are listed in our Privacy Policy and GDPR Policy, where the applicable transfer safeguards are described. Where you require a configuration in which these external time-synchronisation checks are disabled or restricted to a specific provider for your compliance posture, contact us at support@dehhani.uk.
Retsu — Profiler and Retsu — Erasure (collectively, the "Profiling Tools") retrieve hardware specification data, diagnostic telemetry, and test results by interrogating system firmware interfaces (including, without limitation, SMBIOS/DMI tables, ACPI data, WMI providers, PCI/USB descriptor fields, and manufacturer-specific APIs). The completeness, accuracy, and availability of such data are determined entirely by the device manufacturer, the firmware revision installed, and the operating environment in which the Profiling Tools execute. Dehhani Ltd does not control, author, or validate the data exposed by these hardware interfaces and makes no representation or warranty — express, implied, or statutory — as to the accuracy, completeness, reliability, or fitness for any particular purpose of any hardware specification data retrieved by the Profiling Tools.
You acknowledge and accept that the Profiling Tools may, under certain circumstances: (a) be unable to retrieve one or more hardware specifications where the device firmware does not expose the relevant data fields, or where the requisite kernel drivers or hardware abstraction layers are unavailable in the execution environment; (b) return data that is inaccurate, incomplete, truncated, or inconsistent with the physical hardware installed, due to firmware misreporting, OEM customisation, missing or outdated driver support, or hardware abstraction limitations; or (c) report nominal or default values where the underlying interface returns null, zero, or placeholder responses. These limitations are inherent to software-based hardware interrogation and are not defects in the Service.
You are solely and exclusively responsible for: (a) reviewing all hardware specification data, diagnostic results, and device reports generated by the Profiling Tools before relying upon, publishing, or distributing such data; (b) exercising reasonable due diligence to identify and correct any errors, omissions, or anomalies in the reported data; (c) independently verifying any data point that is material to a commercial transaction, regulatory obligation, warranty claim, or compliance requirement; and (d) ensuring that any data exported, shared, or used in downstream systems (including, without limitation, marketplace listings, invoices, certificates, and inventory records) has been validated for accuracy. Failure to exercise such due diligence shall not give rise to any claim against Dehhani Ltd.
To the maximum extent permitted by applicable law, Dehhani Ltd shall not be liable for any loss, damage, cost, expense, claim, or liability (whether direct, indirect, incidental, consequential, special, or exemplary) arising from or in connection with: (a) inaccurate, incomplete, or missing hardware specification data reported by the Profiling Tools; (b) any decision, transaction, or action taken in reliance upon data generated by the Profiling Tools without independent verification; or (c) any regulatory penalty, contractual dispute, customer complaint, or reputational harm resulting from the publication or distribution of unverified device data. This exclusion applies whether the claim arises in contract, tort (including negligence), strict liability, misrepresentation, or any other legal or equitable theory.
We offer add-on packages that provide additional features. These add-ons are available on a subscription basis (yearly or monthly).
Add-ons may be cancelled at any time. Access will expire at the end of the current payment cycle.
Add-ons may rely on third-party APIs. Customer data may be shared with third parties solely to the extent necessary to provide the functionality of the relevant add-on. For details on specific marketplace integrations, see Section 12. Where a third-party provider acts as a data processor of personal data on our behalf or yours, we enter into or rely upon appropriate data processing agreements or standard contractual clauses with that provider. A current list of sub-processors is available upon request at support@dehhani.uk and is set out in our GDPR Policy.
The Eris AI Assistant is an optional add-on feature (the "Eris Add-On") that, when activated on your account, provides an artificial intelligence-powered assistant interface within the Retsu — Portal. The Eris Add-On is powered by the OpenAI API, operated by OpenAI, L.L.C. and its affiliates ("OpenAI"). By activating and using the Eris Add-On, you acknowledge and agree that certain data from your account will be transmitted to OpenAI's servers for the purpose of generating the assistant's responses.
Agentic functionality. The Eris Add-On is not limited to answering questions. On your instruction, it can read your account data, generate analysis, predictions, and recommendations, and perform actions on your records on your behalf, including (without limitation) creating, editing, moving, recycling (soft-deleting), and permanently removing or consuming clients, devices, batches, and sales, inbound, and outbound orders, and sharing or broadcasting batch and listing information. Actions that are irreversible (such as permanently consuming an item) require your explicit confirmation before Eris will carry them out. You acknowledge and agree that any action performed by the Eris Add-On at your or your sub-user's instruction is treated as an action taken by you, is your sole responsibility, and is subject to the same Account Holder and sub-user responsibilities set out elsewhere in these Terms. Dehhani Ltd shall not be liable for any loss, deletion, modification, disclosure, or other consequence arising from instructions you or your sub-users give to the Eris Add-On, or from your reliance on its analysis, predictions, valuations, or recommendations, which do not constitute professional, financial, or legal advice and should be independently verified where material.
External market data. To generate pricing and disposition insight, the Eris Add-On may retrieve publicly available third-party market information (for example sold-item comparables from eBay and trade listings from TheBrokerSite). Such information is provided by third parties, may be inaccurate, incomplete, or out of date, and is offered for indicative purposes only; Dehhani Ltd does not warrant it and accepts no liability for decisions made in reliance on it.
Specifically, each request made to the Eris Add-On transmits the following categories of data to OpenAI:
The foregoing data is transmitted to OpenAI solely for the purpose of generating a response to your query and is not used by Dehhani Ltd for any other purpose. Dehhani Ltd does not transmit account passwords, payment card data, full database exports, or unrelated account records as part of any Eris Add-On request.
OpenAI processes the transmitted data in accordance with its own privacy policy and data processing terms. Transfers of data to OpenAI are made on the basis of appropriate safeguards in accordance with UK GDPR Chapter V, including OpenAI's standard contractual clauses or applicable adequacy arrangements. You are advised to review OpenAI's privacy policy and data processing addendum prior to enabling the Eris Add-On, particularly if your account holds personal data relating to third parties (including client contacts, sub-users, or individuals identifiable from device photographs).
As Account Holder, you accept sole responsibility for ensuring that your use of the Eris Add-On — including the transmission of any personal data within your account to OpenAI — complies with all applicable data protection legislation, including the UK GDPR and the Data Protection Act 2018, and with any obligations owed by you to the individuals whose data is held within your account. Dehhani Ltd shall not be liable for any regulatory penalty, claim, or loss arising from your use of the Eris Add-On in connection with personal data for which you are the data controller.
Retention and audit. To provide, support, secure, and improve the Eris Add-On, Dehhani Ltd retains on its servers a transcript of your Eris conversations, any feedback you provide on its responses, and derived quality and diagnostic records. Actions performed by the Eris Add-On are recorded in the account audit trail (Section 13) in the same manner as actions taken manually, attributed to the assistant acting on your behalf. This data is used only for the operation, security, and improvement of the feature and is processed in accordance with our Privacy Policy and GDPR Policy; you may request its deletion. The Eris Add-On may be deactivated at any time, which will prevent further data transmission to OpenAI in connection with the assistant feature.
In the course of providing the Service, we collect and process the following categories of data:
All data is transmitted to and stored on servers operated by or on behalf of Dehhani Ltd via the portal.retsu.uk (formerly devicesetup.app) portal.
Users may upload images of devices to the Portal for record-keeping and inventory management purposes. Such images are stored on our servers and associated with the relevant device record.
The Service includes an optional "Device Photo Capture" feature, which is disabled by default and may be enabled or disabled at any time by the account administrator via the settings menu on the Retsu — Portal. When enabled, this feature instructs Retsu — Profiler and Retsu — Erasure to capture photographs using the device's built-in webcam during the diagnostic or erasure process. Captured images are automatically uploaded to and stored on our servers alongside the corresponding device report.
The purpose of Device Photo Capture is to provide users with a visual record of webcam functionality and an opportunity to assess the physical condition of the device at the time of processing. You acknowledge that images captured by this feature may incidentally contain identifiable individuals or surroundings within the webcam's field of view, and that such images may, depending on their content, constitute personal data — and in some circumstances special-category data — under the UK GDPR and the Data Protection Act 2018.
Account Holder responsibility and lawful basis. Device Photo Capture is a feature you elect to enable. By enabling it, you, as Account Holder and data controller for your account, acknowledge and agree that: (a) you are solely responsible for establishing a valid lawful basis under UK/EU GDPR for the capture (which will typically require the explicit consent of, or a documented legitimate-interest assessment in respect of, any operator or other individual who may be captured); (b) you are responsible for informing your operators, technicians, and any other affected individuals that webcam images are captured during device processing, and for obtaining any consents required; (c) where required by applicable law, you are responsible for conducting a Data Protection Impact Assessment (DPIA) prior to enabling the feature; and (d) Dehhani Ltd acts only as a processor in storing these images on your instruction and shall not be liable for any claim, regulatory penalty, or loss arising from your enabling or use of the feature without an appropriate lawful basis or required notifications. It remains your responsibility to ensure that the use of this feature complies with all applicable privacy and data protection laws in your jurisdiction.
Images captured via Device Photo Capture are not exposed to non-authenticated users at any point. They are excluded from publicly accessible certificate verification pages, broadcast communications, shared batches, and all other externally visible features of the Service. Captured images are accessible only to authenticated users on the Account Holder's account, solely within the corresponding device report on the Retsu — Portal.
Data is collected for the purposes of: licence verification, device report generation, erasure certification, audit trail maintenance, device image storage, and the general operation of the Service.
Where the Service processes personal data of individuals located in the United Kingdom, such processing is subject to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Details of our data processing practices, lawful bases, data subject rights, and contact information for our data protection enquiries are set out in our GDPR Policy and Privacy Policy.
Device reports, erasure certificates, and associated data are retained for as long as your account remains active. Billing and transactional records are retained for a minimum of 6 years from the date of transaction in compliance with HMRC requirements. You may request deletion of your data in accordance with our Privacy Policy.
You may export your device data, order records, and erasure certificates from the Platform at any time in CSV, XLSX, or PDF format using the built-in export functions. You may also exercise your right to data portability under UK GDPR by contacting us at support@dehhani.uk.
If your account has had no login activity for a continuous period of 24 months, we may notify you by email at your registered address that your account is considered inactive. If no response is received within 30 days of that notification, we reserve the right to deactivate the account. Deactivation does not constitute deletion; your data will be retained in accordance with our Privacy Policy until you request deletion or your account is closed. We will provide a further 30 days' notice before any permanent deletion of inactive account data.
Dehhani Ltd operates the Service as a multi-tenant platform serving many independent customers, some of whom may be competitors. We treat the data within your account — including your device inventory, pricing, client and buyer contacts, inbound and outbound order records, manifests, container references, and erasure records — as your confidential information. We implement logical access controls designed to ensure that data belonging to one customer's account is not accessible to, or visible to, any other customer. Data from one customer's manifests, inbound orders, container references, or inventory is never deliberately disclosed to, or made visible to, another customer through the Service. We will not use your confidential account data except as necessary to provide, secure, support, and improve the Service, to comply with a legal obligation, or as otherwise permitted in these Terms and our Privacy Policy. This obligation does not apply to information that is or becomes publicly available other than through our breach, or to data you elect to expose through the Service's public-sharing features (such as public batch share links or the Retsu Certified verification portal), the operation of which is described in Section 11 and our Privacy Policy.
The Service is provided on an "as available" basis. While we use commercially reasonable efforts to maintain availability, we do not guarantee uninterrupted or error-free access to the Service. The Service may be temporarily unavailable due to maintenance, updates, or circumstances beyond our reasonable control.
The Service requires an active internet connection for licence authentication, erasure credit verification, and report submission. If our servers are unreachable, you will be unable to authenticate, perform licensed operations, or submit reports until connectivity is restored. We shall not be liable for any loss or inconvenience arising from service unavailability.
Certain components of the Service may queue reports locally when connectivity is temporarily interrupted. Queued reports will be submitted automatically when connectivity is restored. We do not guarantee the integrity or delivery of locally queued data and accept no liability for reports that fail to submit due to local storage failure, device shutdown, or other causes.
The Retsu — Erasure module and associated tools may facilitate the deployment of operating system images (including Microsoft Windows) to target devices. You are solely responsible for ensuring that you hold valid licences for any operating system deployed using the Service. Dehhani Ltd does not provide, supply, or sublicence any Microsoft Windows licences or any other third-party operating system licences. Use of operating system deployment features constitutes your representation that you are appropriately licensed for such deployment.
The Service, including but not limited to the Portal, Retsu — Profiler, the Retsu — Erasure live environment, the user interface, all source code, object code, documentation, graphics, and design elements, is and remains the exclusive property of Dehhani Ltd. All rights not expressly granted herein are reserved.
Subject to your compliance with these Terms and payment of applicable fees, we grant you a limited, non-exclusive, non-transferable, revocable licence to use the Service for your internal business purposes. You may not copy, modify, distribute, reverse-engineer, decompile, disassemble, or create derivative works from any part of the Service.
Any suggestions, ideas, or feedback you provide regarding the Service may be used by us without obligation or compensation to you.
Retsu is a trademark of Dehhani Ltd. The Retsu name, the Retsu logo, and related marks, brand features, and product names used in connection with the Service are trademarks of Dehhani Ltd. Nothing in these Terms grants you any right or licence to use any Dehhani Ltd trademark without our prior written consent. Third-party names and marks referenced in the Service (for example eBay, Shopify, WooCommerce, Stripe, Blancco, and OpenAI) are the property of their respective owners and are used for identification purposes only.
The account administrator ("Account Holder") may create sub-user accounts and assign roles (including but not limited to Admin, Technician, Salesman, Storeman, and General) via the Retsu — Portal. Each sub-user is authenticated by their own credentials and, where applicable, a unique five-digit PIN for Retsu — Erasure operations.
The Account Holder is solely responsible for: (a) the creation, management, and supervision of all sub-user accounts under their organisation; (b) ensuring that sub-users are appropriately trained and authorised to perform the operations permitted by their assigned roles; and (c) all actions taken by sub-users under the Account Holder's account, including but not limited to device submissions, data erasure operations, and the generation of reports and certificates. Dehhani Ltd shall not be liable for any loss, damage, or regulatory consequence arising from the actions or omissions of sub-users.
Where PINs are used to authenticate sub-users for erasure operations, the Account Holder is responsible for ensuring that PINs are kept confidential, assigned uniquely to individual sub-users, and changed promptly if compromised. Dehhani Ltd shall not be liable for any unauthorised erasure operations performed using valid PIN credentials.
Device reports and erasure certificates generated by the Service are assigned a unique identifier (UID). Certificate data — including device specifications, test results, grading assessments, and erasure outcomes — may be publicly queried by any party in possession of the UID via the certificate verification portal at portal.retsu.uk/cert/search (formerly devicesetup.app/cert/search). This public verification functionality is a core feature of the Service designed to enable third-party verification of device history and certification status.
You acknowledge that any party to whom you disclose a device UID (whether directly, via printed labels, QR codes, or otherwise) will be able to access the associated certificate data. It is your responsibility to control the distribution of UIDs in accordance with your confidentiality requirements. Dehhani Ltd shall not be liable for any disclosure of device information resulting from the sharing of UIDs by you or your sub-users.
The Service offers integration with third-party marketplace platforms, including but not limited to eBay, Shopify, and WooCommerce (collectively, "Marketplace Integrations"). Marketplace Integrations enable the synchronisation of device data, images, pricing, and inventory information between the Retsu — Portal and the connected third-party platform.
When you enable a Marketplace Integration, you authorise the transfer of relevant device data and images to the connected third-party platform. Once data has been transmitted to a third-party platform, it is governed by that platform's own terms of service and privacy policy. Dehhani Ltd has no control over and accepts no responsibility for the handling, storage, or processing of data by third-party platforms.
Marketplace Integrations depend on the availability and continued operation of third-party APIs. We do not warrant the availability, reliability, or performance of any third-party platform or API. Changes to third-party APIs may affect the functionality of Marketplace Integrations without prior notice.
The Service maintains a comprehensive audit trail that records significant account and device events, including but not limited to: device submissions, modifications, and deletions; erasure operations; user account changes; sub-user actions; and actions performed by the Eris AI Assistant on your behalf (see Section 5.4). Audit trail records are maintained for the duration of your account and may be retained thereafter as required by law. Audit trail data is immutable and may be relied upon by Dehhani Ltd in the investigation and resolution of disputes, compliance enquiries, or suspected violations of these Terms.
The Service may assign or record cosmetic and functional grades to devices (including display, casing, keyboard, and final grading assessments). Grading is based on criteria applied by the user, automated diagnostic results, or a combination thereof. Device grades do not constitute a professional valuation, warranty of condition, or guarantee of fitness for any particular purpose. Grading is provided as a record-keeping and classification tool only. Dehhani Ltd shall not be liable for any loss arising from reliance on device grades by you or any third party.
By using the Service, you consent to receiving transactional and operational emails, including but not limited to: account notifications, sub-user credential communications, licence and billing alerts, service announcements, and system notifications. These communications are integral to the operation of the Service and cannot be opted out of while your account remains active.
The Service enables Account Holders to send broadcast communications to their clients. You are solely responsible for the content of any broadcast communications you send via the Service and for ensuring compliance with all applicable email marketing and privacy regulations (including the Privacy and Electronic Communications Regulations 2003 and, where applicable, the EU ePrivacy Directive).
The modification, falsification, forgery, or misrepresentation of any certificate, report, or document generated by the Service — including but not limited to erasure certificates, device reports, grading assessments, and PAT test records — is strictly prohibited. Any such activity may result in the immediate and permanent termination of your account without refund, and Dehhani Ltd reserves the right to pursue all available legal remedies, including reporting such conduct to relevant regulatory and law enforcement authorities.
All purchases are processed through the payment provider Stripe. No customer credit or debit card data is stored on our servers.
Payments are processed securely through Stripe in compliance with PCI-DSS standards.
The Service may contain links to third-party websites or services not owned or controlled by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services. You acknowledge and agree that we are not responsible or liable for any damage or loss caused or alleged to be caused by the use of or reliance on any content, goods, or services available on or through such websites or services.
Nothing in these Terms excludes or limits our liability for: (a) death or personal injury caused by our negligence; (b) fraud or fraudulent misrepresentation; or (c) any other liability that cannot be excluded or limited by applicable law.
Subject to the foregoing, to the maximum extent permitted by applicable law, Dehhani Ltd, its directors, employees, and agents shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits, revenue, data, or business opportunity, arising out of or in connection with your use of the Service, whether based on contract, tort, negligence, strict liability, or any other legal theory, even if we have been advised of the possibility of such damages.
Our total aggregate liability to you for all claims arising out of or relating to the Service shall not exceed the total amount paid by you to us in the twelve (12) months immediately preceding the event giving rise to the claim.
You agree to indemnify, defend, and hold harmless Dehhani Ltd and its directors, employees, and agents from and against any claims, liabilities, damages, losses, and expenses (including reasonable legal fees) arising out of or in connection with: (a) your use of the Service; (b) your breach of these Terms; (c) your selection of erasure methods and reliance on erasure certificates; (d) actions taken by your sub-users; (e) broadcast communications sent via the Service; or (f) your violation of any applicable law or regulation.
We reserve the right to modify or replace these Terms at our sole discretion. If a revision is material, we will provide at least 30 days' notice prior to any new terms taking effect. Continued use of the Service after such notice constitutes acceptance of the revised Terms.
We reserve the right, at our sole discretion, to suspend or terminate any licence, or to suspend, terminate, or revoke your user account and access to the Service, with or without prior notice, if we suspect abuse, misuse, fraudulent activity, tampering, certificate falsification, or any violation of these Terms. Upon suspension or termination, all rights granted to you under these Terms will immediately cease. No refunds or credits will be provided for any unused portion of a licence or erasure credits.
If you have a complaint or dispute arising out of or in connection with the Service or these Terms, we encourage you to contact us first at support@dehhani.uk to seek an informal resolution. We will use reasonable efforts to resolve any dispute within 14 days of receipt of a written complaint. If a dispute cannot be resolved informally within 30 days of the initial complaint, either party may escalate the matter in accordance with the dispute resolution process below.
For disputes involving amounts up to the small claims limit, you may use the UK small claims court process without prior notice to us. For disputes above this threshold, both parties agree to attempt in good faith to resolve the dispute through mediation administered by a mutually agreed mediator before commencing formal legal proceedings. The costs of mediation shall be borne equally unless otherwise agreed. Nothing in this clause prevents either party from seeking urgent injunctive relief.
These Terms shall be governed by and construed in accordance with the laws of England and Wales. Subject to the dispute resolution process in Section 23, any disputes arising out of or in connection with these Terms that cannot be resolved by mediation shall be subject to the exclusive jurisdiction of the courts of England and Wales.
If any provision of these Terms is held to be invalid or unenforceable, such provision shall be struck and the remaining provisions shall remain in full force and effect.
Dehhani Ltd shall not be liable for any failure or delay in performing its obligations under these Terms where such failure or delay results from circumstances beyond our reasonable control, including but not limited to: acts of God, natural disasters, epidemics or pandemics, fire, flood, war, terrorism, civil unrest, government actions or sanctions, power outages, internet service provider failures, cyberattacks (including distributed denial-of-service attacks), failure of third-party infrastructure or hosting providers, and industrial disputes. During any period of force majeure, our obligations under these Terms shall be suspended to the extent affected, and the time for performance shall be extended accordingly.
No failure or delay by Dehhani Ltd in exercising any right, power, or remedy under these Terms shall operate as a waiver of that right, power, or remedy. No single or partial exercise of any right, power, or remedy shall preclude any other or further exercise thereof or the exercise of any other right, power, or remedy. The rights and remedies provided in these Terms are cumulative and not exclusive of any rights or remedies provided by law.
These Terms, together with our Privacy Policy, GDPR Policy, Cookies Policy, and any other policies referenced herein, constitute the entire agreement between you and Dehhani Ltd with respect to the Service and supersede all prior or contemporaneous communications, proposals, and agreements, whether oral or written, between you and Dehhani Ltd relating to the Service.
You must be at least 18 years of age to create an account and use the Service. By creating an account, you represent and warrant that you are at least 18 years old. If we become aware that an account has been created by a person under the age of 18, we reserve the right to terminate that account immediately without notice.
By creating an account and using the Service, you confirm that you have read, understood, and agree to be bound by these Terms. If you are agreeing to these Terms on behalf of a company or other legal entity, you represent that you have authority to bind that entity to these Terms.
If you have any questions about these Terms, please contact us at support@dehhani.uk.
Dehhani Ltd — Retsu
Last Updated: June 14th, 2026
This Privacy Policy describes how Dehhani Ltd ("we", "us", or "our") collects, uses, shares, and protects personal information in connection with Retsu (formerly "Device Setup Utility" / "DSU") at portal.retsu.uk (formerly devicesetup.app) (the "Platform"). Retsu is the same product and service formerly known as "Device Setup Utility" ("DSU"); the change is one of name and branding only and does not affect your rights, our obligations, or the validity of any records or certificates issued under the former name.
We collect the following categories of personal data:
The IP-based time-synchronisation and connectivity providers above (ip-api.com, ipwho.is, ipapi.co, Cloudflare, and Google) receive only the device's public IP address and the technical parameters of the request. No device hardware data, erasure data, account credentials, or other personal data held in your account is transmitted to them. See our Terms of Service §3.13 for further detail.
We do not sell, trade, or rent your personal data to any third party.
The Eris AI Assistant ("Eris") is an optional, separately licensed add-on powered by the OpenAI API. Eris is not merely a question-and-answer tool: it is an agentic assistant that, on your instruction, can read your account data, generate analysis and recommendations, and carry out actions on your records — for example creating, editing, moving, recycling, or permanently removing clients, devices, batches, and sales, inbound, or outbound orders. When active, each interaction transmits data to OpenAI's servers solely to generate the assistant's response, and any actions Eris performs are executed on our servers within your account.
Data transmitted to OpenAI per request:
Not transmitted: passwords, payment card data, full database exports, or records unrelated to your request.
External market data. To produce pricing and disposition insight, Eris may also retrieve publicly available market information (for example sold-item comparables from eBay and trade listings from TheBrokerSite). These lookups send only the relevant search terms (such as a device make and model), not your personal data.
Actions taken by Eris. Where you instruct Eris to change data, the resulting create, edit, move, or delete operations are recorded in the account audit log in the same way as actions taken manually, attributed to the assistant acting on your (or your sub-user's) behalf. Irreversible actions (such as permanently consuming an item) require your explicit confirmation before Eris will proceed.
What we retain on our servers. To operate, secure, and improve the assistant, Dehhani Ltd retains on its own servers: (a) a transcript of your Eris conversations; (b) any feedback you give on a response (for example marking it helpful or incorrect); and (c) derived diagnostic and quality records (such as anonymisable test cases and learned operating context) used to improve Eris's accuracy. Audit-log entries for actions Eris performs are retained as part of the account audit trail. This data is used only to provide, support, secure, and improve the Eris feature and is not sold or used for advertising. (This corrects earlier versions of this policy, which stated that no conversation data was retained on our servers.)
OpenAI's retention. Data transmitted to OpenAI is processed under OpenAI's API data-usage terms. OpenAI does not use data submitted via its API to train its models by default, and applies its own limited retention for abuse monitoring. OpenAI's own terms govern data held on its infrastructure.
The lawful basis is contract performance (UK GDPR Art 6(1)(b)) for delivery of the add-on, and legitimate interests (Art 6(1)(f)) to enable contextually accurate responses and to secure and improve the feature. As Account Holder, you remain the data controller for personal data in your account and are responsible for ensuring your use of Eris — including any action you instruct it to take and any personal data thereby transmitted to OpenAI — complies with applicable data protection law. Eris may be deactivated at any time, which prevents further transmission to OpenAI. You may request deletion of your Eris conversation transcripts and feedback records by contacting us.
Retsu includes features that may expose information to third parties without requiring them to log in:
/cert/search. The information exposed may include device specifications, test results, grading assessments, and erasure outcomes linked to that UID.You have the right to access, rectify, erase, restrict, port, or object to the processing of your personal data, and to withdraw consent at any time. Contact us at support@dehhani.uk. We will respond within one calendar month.
Dehhani Ltd has determined that a formal Data Protection Officer is not required under UK GDPR Article 37 at this time. Data protection enquiries: support@dehhani.uk. Registered office: 124 City Road, Dehhani Ltd, London, England, EC1V 2NX. Dehhani Ltd is registered with the ICO as a data controller; our registration number is available on request. Public listing on the ICO register may not reflect the most recent registration status immediately.
We may update this Privacy Policy at any time. Material changes will be notified by updating the "Last Updated" date above.
Contact: support@dehhani.uk
Dehhani Ltd — Retsu
Last Updated: June 14th, 2026
This policy describes how Dehhani Ltd complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 in connection with Retsu at portal.retsu.uk (formerly devicesetup.app). Retsu is the same product and service formerly known as "Device Setup Utility" ("DSU"); the change is one of name and branding only and does not affect your rights or our obligations under this policy. The UK GDPR is retained EU GDPR law under the European Union (Withdrawal) Act 2018. The supervisory authority is the Information Commissioner's Office (ICO).
Dehhani Ltd — support@dehhani.uk
Registered office: 124 City Road, Dehhani Ltd, London, England, EC1V 2NX.
Registered with the ICO as a data controller. Registration number available on request. Public listing on the ICO register may not reflect the most recent registration status immediately. A formal Data Protection Officer is not required under UK GDPR Article 37 at this time.
The IP-based time-synchronisation and connectivity providers listed above (ip-api.com, ipwho.is, ipapi.co, Cloudflare, and Google) are engaged only by the Retsu — Erasure software and receive only the device's public IP address and request parameters — no device, erasure, account, or other personal data is transmitted to them. A public IP address may constitute personal data under UK GDPR; the lawful basis for this limited processing is legitimate interests (Art 6(1)(f)) in ensuring accurate, trustworthy timestamps on erasure and audit records and confirming connectivity.
Eris is an agentic AI assistant: on your instruction it can read account data, produce analysis and recommendations, and perform actions on your records (creating, editing, moving, recycling, or permanently removing clients, devices, batches, and sales, inbound, or outbound orders). Where the Eris add-on is active, the following additional processing applies:
Primary data is stored in UK Azure regions. Third-party transfers are covered by UK adequacy regulations, IDTAs, or Standard Contractual Clauses (SCCs) as applicable. This includes transfers to OpenAI, L.L.C. in the USA where the Eris add-on is active, made on the basis of OpenAI's SCCs or applicable UK adequacy arrangements.
The IP-based time-synchronisation lookups performed by Retsu — Erasure may transmit the device's public IP address to providers in the EU (ip-api.com / Bürger & Riedel UG, Germany — covered by UK–EU adequacy) and in the USA (ipwho.is, ipapi.co, Cloudflare, and Google — covered by SCCs or applicable adequacy arrangements). These transfers are limited to the device's public IP address and request parameters. Where your compliance posture requires it, contact us at support@dehhani.uk to discuss restricting or disabling these external checks or to obtain the relevant provider data processing agreements.
We respond within one calendar month. Contact: support@dehhani.uk
ICO notification within 72 hours of becoming aware (UK GDPR Art 33). Affected individuals notified without undue delay where high risk, including: nature of breach, categories affected, likely consequences, and remedial measures taken.
Contact us first at support@dehhani.uk. You also have the right to complain to the ICO at any time:
We may update this policy to reflect changes in UK data protection law. Material changes will be notified by updating the "Last Updated" date above.
Dehhani Ltd — Retsu
Last Updated: June 6th, 2026
This Cookies Policy explains how Dehhani Ltd ("we", "us", or "our") uses cookies and similar technologies on Retsu (formerly "Device Setup Utility" / "DSU") at portal.retsu.uk (formerly devicesetup.app). Retsu is the same product and service formerly known as "Device Setup Utility" ("DSU"); the change is one of name and branding only and does not affect your rights, our obligations, or the validity of any records or certificates issued under the former name.
Cookies are small text files placed on your device by a website when you visit it. They allow the website to recognise your device and remember information about your session. Cookies cannot execute code or deliver viruses, and they do not access other information on your device.
We use a single server-side session cookie, set when you log in. It keeps you authenticated, stores session preferences (theme, currency, language), and is required for the Platform to function. We do not use cookies for advertising, behavioural tracking, or analytics.
| Name | Type | Purpose | Expiry | Party |
|---|---|---|---|---|
| connect.sid | Strictly necessary | Maintains your authenticated session and stores preferences. Contains a session identifier only — no personal data stored in the cookie itself. | Session (on browser close or inactivity) | First-party |
We do not set third-party cookies, advertising cookies, or persistent tracking cookies of any kind.
If you opt in to browser push notifications, your browser generates a push subscription (a unique endpoint URL and encryption keys) which is stored in our database. This is not a cookie but functions as a persistent browser-level identifier. It remains active until you revoke it via your browser's notification settings or contact us to request deletion.
If your account has the optional Eris AI Assistant add-on active, Eris uses your browser's local storage (not cookies) to keep a short-lived record of the current conversation and a small set of "memory" entries, so it can maintain context as you move between pages. This data stays in your browser and is not a tracking technology. It is cleared when you clear the conversation within Eris or when you clear your browser's site data. (Conversation transcripts retained on our servers for the Eris feature are described in our Privacy Policy.)
Depending on the page or feature you use, Retsu may load third-party functional resources directly in your browser. These can include Google reCAPTCHA on registration pages, Stripe.js on checkout pages, Shopify App Bridge in embedded Shopify views, Google Fonts and Chart.js on certain portal pages, and CDN-hosted libraries such as Font Awesome. These are used for security, payments, embedded-app behaviour, chart rendering, typography, and interface display rather than advertising or behavioural analytics.
Where such resources are loaded, your browser connects directly to the relevant provider in the normal way for web content. Any cookies, local storage, or similar technologies used by those providers are governed by their own policies and browser behaviour, not by Retsu as first-party cookies. Retsu itself does not use third-party advertising cookies, social-media trackers, or analytics scripts.
You can control and delete cookies via your browser settings. Note: blocking the session cookie will prevent you from logging in to the Platform. As the Retsu cookies we set are strictly necessary, there is no in-app Retsu cookie preference centre.
We may update this policy from time to time. Material changes will be notified by updating the "Last Updated" date above.
Contact: support@dehhani.uk