Privacy Policy

Last updated: [Insert Date]

This Privacy Policy explains how [Insert Business Name] (“we”, “us”, “our”) collects, uses, and protects your personal information when you use our website and online booking services (the “Service”). We are committed to protecting your privacy and handling your data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Information We Collect

We may collect the following types of personal information when you use our Service:

  • Contact details: name, phone number, email address, and postal address
  • Booking details: vehicle registration, make, model, MOT expiry date, and service history
  • Payment information: processed securely via our payment provider (we do not store any card details)
  • Communications: email or SMS messages related to bookings, reminders, or support
  • Technical information: browser type, IP address, and device information for security and analytics purposes

2. How We Use Your Information

We use your personal data for the following purposes:

  • To manage and confirm your bookings and appointments
  • To communicate with you regarding your booking, service updates, or changes
  • To send booking confirmations, reminders, and MOT expiry notifications
  • To process payments and issue refunds through Mollie Payments
  • To maintain accurate records for accounting and legal compliance
  • To improve our website, services, and customer experience
  • To send marketing communications (only if you have opted in)

3. Legal Basis for Processing

We process your personal data under one or more of the following legal bases:

  • Contractual necessity: to provide the services you have booked
  • Legitimate interests: to manage bookings, maintain records, and send service reminders
  • Legal obligation: to comply with financial, tax, and consumer protection laws
  • Consent: for optional marketing communications or notifications

4. Sharing Your Information

We only share your information with trusted third parties necessary to deliver our services, including:

  • Mollie Payments: for secure payment processing
  • Brevo (Sendinblue): for sending booking confirmations, reminders, and SMS notifications
  • IT and hosting providers that support our website and systems
  • Regulatory or legal authorities, if required by law

All third-party providers are required to keep your data secure and only use it for the specific purpose we authorise.

5. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, including for legal, accounting, or reporting requirements. Typically:

  • Booking and payment records are retained for up to 6 years for tax and legal compliance
  • Marketing data is retained until you withdraw your consent
  • Inactive customer data may be anonymised or deleted after a reasonable period

6. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, or alteration. These include encrypted communications (SSL), secure hosting, and role-based access controls for staff.

7. Your Rights

Under the UK GDPR, you have the following rights regarding your personal data:

  • The right to access your data and request a copy
  • The right to correct inaccurate or incomplete data
  • The right to request deletion of your data and/or your account (“right to be forgotten”). If you request deletion, we will remove your personal information from our systems, including your account details, bookings, and contact information, unless retention is required for legal or regulatory purposes.
  • The right to restrict or object to processing
  • The right to data portability (transfer to another provider)
  • The right to withdraw consent at any time, where applicable

To exercise any of these rights, including account deletion, please contact us using the details on our website.

8. Cookies and Analytics

Our website may use cookies and similar technologies to improve your browsing experience, track performance, and help us understand how visitors use our site. You can manage or disable cookies through your browser settings. For more information, please see our Cookie Policy.

9. International Data Transfers

All data is primarily processed within the United Kingdom or the European Economic Area (EEA). If data is transferred outside the EEA, we ensure appropriate safeguards are in place in compliance with UK data protection law.

10. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The latest version will always be available on this website and will take effect immediately upon publication.

11. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, including requesting deletion of your account, please contact us using the contact details provided on our website.