Privacy Policy – Drivetrack

This Privacy Policy explains how Drivetrack ("Drivetrack", "we", "our", or "us") collects, uses, and protects personal data in connection with our software-as-a-service platform for vehicle logistics. We are committed to ensuring your privacy is protected and handling your data in compliance with the UK General Data Protection Regulation (UK GDPR).

1. Data Controller & Processor Roles

Drivetrack acts as a data processor on behalf of its clients (the data controllers). Our clients determine the purposes and means of processing personal data entered into their Drivetrack instance.

2. Data We Collect

We may process the following personal data as part of our services:

  • Names
  • Email addresses
  • Phone numbers
  • Home and business addresses
  • GPS data from drivers
  • Vehicle registration numbers and make/models
  • Driver licence numbers
  • Invoicing and billing address details
  • Images and signatures related to job documentation

3. How We Collect Data

Data is collected through:

  • User account registration (name, email, password)
  • Manual input by client administrators
  • Uploaded media (e.g., vehicle photos, driver signatures)

4. Purpose of Processing

We process personal data solely for the provision of Drivetrack's services, including:

  • Managing vehicle logistics
  • Driver tracking and billing
  • Invoicing and reporting
  • Secure access to the platform
  • Customer support and product updates

5. Legal Basis for Processing

Processing is carried out under the instruction of our clients and in line with Article 6(1)(b) and 6(1)(f) of the UK GDPR, where processing is necessary for the performance of a contract or legitimate interests of our clients.

6. Data Storage & Security

All data is stored in secure, dedicated Google Firebase instances located in the UK or Western EU. The platform is hosted on Vercel. We use HTTPS encryption, Firebase Authentication, and role-based access control to ensure security.

7. Data Sharing

We do not sell or share your personal data with third parties, except:

  • To facilitate services such as sending emails via Vercel/Nodemailer
  • As required by law or regulation

8. Data Retention

We retain data according to the following schedule:

  • Job records: 3 years
  • Invoices and driver billing records: 6 years

Upon account closure, users may request to download all collection and delivery data.

9. Your Rights

Under the UK GDPR, you have the right to:

  • Access your personal data
  • Correct inaccuracies
  • Request deletion
  • Object to processing
  • Data portability

To exercise any of these rights, please contact support@drivetrack.co.uk.

10. Communications

We may email you with product updates or important service changes. We do not send promotional marketing unless explicitly opted into.

11. Minors

If a client adds a staff member under 18, their data will be treated with the same protection as any other user. We do not knowingly collect data directly from minors.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be communicated through our platform or via email.

13. Contact

If you have any questions or concerns about this policy or your data, please contact:

support@drivetrack.co.uk