Last Updated: March 10, 2025
At Carvert, we are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you interact with our website (carvert.co.uk), sign up as a driver or business, or use our services. By using Carvert, you agree to the practices outlined below.
1. Information We Collect
We collect the following personal data:
- From Drivers:
  - Contact Information: Email address (collected via our Subscribe form and Jotform).
  - Personal Details: Full address (for marketing purposes), car registration number, and a photo of the bumper sticker on your vehicle alongside the connected car registration (for verification—see Terms of Service).
  - Consent: Explicit agreement to display bumper stickers for 30 days, share your address with businesses for marketing, and upload the verification photo (collected via Jotform checkbox).
- From Businesses:
  - Contact Information: Email address, phone number (collected via Subscribe form and Jotform).
  - Business Details: Business name and uploaded logo files.
  - Consent: Agreement to Carvert’s terms for advertising campaigns (collected via Jotform checkbox).
- From Contact Us Form:
  - Name, email address, subject, and message content.
- Automatically Collected Data:
  - IP address, browser type, and visit duration (via website analytics, if enabled).
2. How We Use Your Information
We process your personal data based on the following lawful bases under UK GDPR Article 6:
- Consent: For sharing driver addresses with businesses and processing verification photos (you can withdraw consent—see Section 5).
- Contract: To manage your sign-up, match drivers with businesses, and fulfill 30-day advertising campaigns, including verification.
- Legitimate Interests: To respond to Contact Us inquiries and improve our website/services.
3. How We Share Your Information
- With Businesses: We share driver addresses with partnered businesses for targeted marketing, as consented during sign-up.
- With Third-Party Processors: We use Jotform (for forms, including photo uploads) and GoDaddy (for website hosting), who process data on our behalf under confidentiality agreements compliant with UK GDPR.
- Legal Requirements: We may disclose data if required by UK law, the ICO, or to protect Carvert’s rights.
- No Other Sharing: We do not sell your personal data to third parties.
4. Data Security
We implement appropriate technical and organisational measures to protect your data, including:
- Secure storage of submissions (including photos) via Jotform with encryption.
- HTTPS encryption on our website (provided by GoDaddy).
- Access restricted to authorised personnel with strong passwords and two-factor authentication (2FA).
While we strive to secure your data, no system is entirely immune to breaches.
5. Your Rights and Choices
Under UK GDPR, you have the following rights regarding your personal data. To exercise these, email privacy@carvert.co.uk within 30 days:
- Access: Request a copy of your data, including verification photos.
- Rectification: Correct inaccurate data.
- Erasure: Request deletion (where lawful, e.g., after retention periods).
- Restriction: Limit how we use your data.
- Objection: Object to processing (e.g., marketing or photo use).
- Portability: Receive your data in a structured format.
- Withdraw Consent: Opt out of address-sharing or photo use by contacting us.
- Cookies: Our site may use cookies for analytics. You can disable them via your browser settings.
6. Data Retention
- Driver data (email, address, car registration, verification photos) is retained for 1 year after your last assignment, then securely deleted.
- Business data (email, phone, business name, logo) is retained for 2 years after your last campaign, then securely deleted.
- Contact Us form data is kept for 6 months, then deleted unless needed for ongoing support.
7. International Data Transfers
Your data may be transferred to and processed in the United States (e.g., by Jotform). We ensure compliance with UK GDPR by using Standard Contractual Clauses (SCCs) approved by the ICO. You can request details of these safeguards by emailing privacy@carvert.co.uk.
8. Data Breach Notification
In the event of a data breach, we will notify the Information Commissioner’s Office (ICO) within 72 hours and affected individuals without undue delay, per UK GDPR requirements.
9. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements. Updates will be posted here with a revised “Last Updated” date. We encourage you to review it periodically.
10. Contact Us
For questions, concerns, or to exercise your rights, contact us at:
You can also contact the ICO for complaints: ico.org.uk, 0303 123 1113.