Privacy Policy
How lorry-driver.com uses your data
Introduction
At lorry-driver.com (the Company) I am absolutely committed to adhering to the laws, regulations and guidance laid out in UK law under The Data Protection Act 2018 (DPA 2018), which is the UK’s commitment to personal data protection, security, management and privacy, originally facilitated by the EU Regulation known as GDPR (2016). As the owner and ultimate authority of lorry-driver.com, I, Luke Vernon, am the Company’s Data Protection designate, consequently any queries relating to your data or its usage, please email them to me at luke@lorry-driver.com under the heading “Data Protection and Management”.
1. Scope and Application
This Privacy Policy covers the Company’s commitments to the DPA 2018. It is regularly reviewed and updated against any further legislative or other best practice guidance.
This version was approved on 09 November 2024.
The latest version is always live on the company’s website at www.lorry-driver.com/privacypolicy and always supersedes any and all previous policy declarations notwithstanding automatic protection of statutory right and/or obligation.
It sets out how the Company collects, uses and stores personal data.
If you do not agree with the terms of this Privacy Policy, the Company requests that you do not engage with its products or services and email as noted in the Introduction.
2. How information is collected by lorry-driver.com
The Company collects and receives customer (individuals) and client (organisations) data and other information from a number of sources:
-
Website
-
Social Media
-
Marketing landing pages
-
Events
-
Personal interactions
-
Information in the public domain
The Company does not use any third-party purveyors of customer or client data.
3. What information is collected by lorry-driver.com
The Company requests particular information from customers and clients in order to adequately provide its products and services. All information gained by the company is voluntarily provided explicitly in order to fulfil direct requests for information or implicitly through engagement with the Company’s website, social media and services.
This includes but may not be limited to:
-
Names, addresses and phone numbers
-
Email and social media accounts
-
Financial Details
-
Identification Documents
-
Metadata e.g. how the website or media platforms are used
-
Log data e.g. location and IP addresses
4. What information is stored and/or retained by lorry-driver.com
4.1 Financial Information
The Company rarely engages directly with financial information, although on occasion may take card payments over the phone. Unilaterally and without exception it never stores any financial information after a transaction is closed, i.e. products and/or services have been paid for, provided and accepted. In the case of refunded payments, all transactions are run through by means of purchase i.e. however an item was purchased it is, if ever necessary, refunded in the same way. The Company is therefore not usually directly involved in the storage of financial information, hence generally the policies of its providers apply to financial information. The Company uses only excellent and high transparency providers: Monzo, Sumup, Wix, Mailchimp and Amazon. Their policies are totally and wholly independent of the Company, but for your convenience can be found in Appendix 1.
In the case of recurring or subscription payments, for example the Lorry Driver Club, the transaction closure is deemed to be the final payment, however as before details are maintained and hosted by the above providers and not the Company directly.
4.2 Personal Information and Identification Documents
The personal information stored by the Company includes names, addresses, phone numbers, email addresses, employer/employee details, driver licence details, and occasionally other forms of identification e.g. passports.
Due to the nature of the Company’s business, course attendee data is held for a minimum of five years, the CPC cycle, after which point it may be destroyed by the Company in its annual data clean-up. The Company requires the right to hold the data for this period due to the nature of the CPC cycle, similarly where other data provided by customers or clients has a statutory record requirement the Company will always adhere to such obligations.
When an individual signs up for or attends one of the Company’s training courses, the Company requires the right to contact that attendee both prior to and post completion of the course in order to fulfil the course requirements. All attendees are offered the right to opt-out of future communications that are not directly related to their attended course.
4.3 Metadata and Log Data
Metadata and Log Data is created when customers or clients use or interact with the website and/or social media platforms of the Company. The Company undertakes no direct monitoring or harnessing of your metadata, although it does make use of reports provided by the platform hosts. The Company only uses standard and trusted web-hosting and social media platforms which are Google Analytics, Wix, Sumup, Facebook, Instagram, YouTube, TikTok, LinkedIn and X. As in s4.1, their policies are totally and wholly independent of the Company, but for your convenience can be found in Appendix 2.
If you become a member of the website or the Lorry Driver Club, your log in details are never directly accessible to the Company, and are provided, maintained and managed through Wix.
5. How data is stored by lorry-driver.com
The Company is wholly cloud-based. Data is stored on behalf of the company by the providers listed in s4. All Customer Relationship Management (CRM) is undertaken through their applications.
No hard drive data is maintained on the premises of the company, or elsewhere, and all data is managed within the software application to which it pertains.
Software applications on Company laptops and/or devices are required to be logged out unless in active use and Company laptops and/or devices are only ever transported in this status.
6. Where lorry-driver.com shares data with third parties
6.1 Financial Information
Is never held directly by the Company and therefore cannot be shared. See 4.1
6.2 Personal Information
The Company does not share customer or client information with any third party or agents with the following (a), (b), (c), (d), (e) exceptions and notwithstanding the permissions set out in s6.3.
6.2 (a) The National Logistics Training Consortium (NLTC) - see Appendix 3. Due to the nature of the Company’s business it is required by law to share the following information with NLTC who in turn share with the DVSA:
-
Name
-
Address
-
Phone number
-
Driving Licence
-
Course Date attendance
-
Employer (where relevant)
6.2 (b) Where an employer has wholly or partly subsidised the attendance of an employee on one of the Company’s training courses, the Company retains the right to affirm the status of the employee’s attendance and/or completion of training.
6.2 (c) DVSA - In exceptional circumstances the Company may be contacted directly by the DVSA to confirm an individual’s attendance and/or completion of the training to which the company is obligated to respond.
6.2 (d) The Company will always comply with any Police investigation.
6.2 (e) CRM database information may be made available to a supplier to the Company engaged or employed for marketing and/or communication management utilising the Company’s customer and client information. No data is transferred outside of the software applications in which it resides, i.e. where such disclosure is required the third party is considered an agent of the Company, given access to the applications explained herein, prohibited from downloading any customer information and thus constrained by the entirety of the Company’s policy. The Company does not not permit wholesale or otherwise transfer or sale of its data under any circumstance.
6.3 Metadata and Log Data
This is received by the Company from its platform providers as listed in s4.1 and 4.3. The Company’s reactions to the metadata reports from its providers are based upon the holistic trends established through such data as opposed to individual, personalised response reports (see s7). Such trends may be disclosed to a supplier to the Company engaged or employed for marketing and/or communication management whereby utilising the company’s CRM databases is also a necessary condition.
No data is transferred outside of the software applications in which it resides, i.e. where such disclosure is required the third party is considered an agent of the Company, given access to the applications explained herein with the Company’s access details, contractually prohibited from downloading any customer information and thus constrained by the entirety of the Company’s policy.
7. How lorry-driver.com uses customer and client information
The Company uses such information to determine strategy and appropriate mechanisms for advertising and promoting its products and/or services, inviting customers or clients to review its products and/or services, adapting the nature of its products and/or services and legitimate furthering of the Company’s business interests.
Customer and client data will be used by the Company in accordance with customer and client instructions, including any applicable terms in the customer or client contractual agreements and/or as required by applicable law.
Customer and client data is used to provide, update, maintain and protect services, websites, and business, prevent or address service errors, security, or technical issues, analyse and monitor usage, trends, and other activities. It is also used to provide search, learning and productivity tools and additional features.
Customer and client data data is used to communicate with you by sending emails or other communications and by responding to your requests, comments, and questions. Where you contact the Company, it may use your other information to respond.
The Company may send you service, technical and other administrative emails, messages, and other types of communications. Wherein these communications relate to billing issues, fraud or legal obligations such communications are therefore considered essential, you may not opt-out of them.
The Company may send you details about forthcoming products and/or services. Wherein these communications relate to marketing campaigns or other promotional activities, you may always opt-out of them.
Appendix 1
Monzo - https://monzo.com/legal/business-account-privacy-notice/version-1-3/
Sumup - https://www.sumup.com/en-gb/general-privacy-policy/
Wix - https://www.wix.com/about/privacy
Mailchimp - https://mailchimp.com/legal/
Amazon - https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ
Appendix 2
Google Analytics - https://support.google.com/analytics/answer/7318509?hl=en
Facebook - https://www.facebook.com/privacy/policy/
Instagram - https://help.instagram.com/155833707900388
YouTube - https://www.youtube.com/intl/ALL_uk/howyoutubeworks/our-commitments/protecting-user-data/
TikTok - https://www.tiktok.com/legal/page/eea/privacy-policy/en
LinkedIn - https://www.linkedin.com/legal/privacy-policy
Appendix 3
The National Logistics Training Consortium - https://www.nltc.co.uk and https://nltc.co.uk/privacy-policy/