Skip to main content

Privacy Policy

1. Introduction & Data Controller

1.1. ITIRR Ltd (“ITIRR”, “we”, “us”, “our”) is a company registered in England & Wales (Company No. [PENDING]). Our registered address is [PENDING].

1.2. ITIRR is the data controller for personal data collected through our Platform (itirr.com) for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1.3. Our Data Protection Officer can be contacted at privacy@itirr.com.

1.4. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, who we share it with, how long we keep it, and what rights you have in relation to your data.

2. What Personal Data We Collect

2.1. From Renters — at sign-up: Email address, username, password (stored as a secure hash — we never store your plaintext password), full name, phone number, and date of birth.

2.1. From Renters — after identity verification (via Stripe Identity): Full name, date of birth, driving licence number, driving licence expiry date, and verification result (verified / not verified) and the date of verification. We do not receive, store, or retain: document photographs, selfie images, facial biometric data, penalty points, endorsements, or any other data from your driving record.

2.1. From Renters — during a booking: DVLA check code (generated by the Renter at gov.uk). This code and the last 8 digits of the Renter’s driving licence number are transmitted to the Provider immediately after payment and then permanently deleted from ITIRR’s systems. We do not access, query, or retain the Renter’s driving record through this process. At checkout, we also record a generic eligibility confirmation (a simple yes/no indicating that the Renter has confirmed they meet the Provider’s displayed driver eligibility requirements). This confirmation does not contain any specific information about the Renter’s penalty points, endorsements, or driving history — it records only that the Renter affirmed eligibility. This data is processed under Article 6(1)(b) UK GDPR (performance of contract) and is retained for the duration of the booking record. If a Renter cancels a booking, we also collect and store the cancellation reason selected by the Renter (for example: “no longer needed” or “does not meet driver eligibility requirements”). This data is used to calculate the correct refund amount, to determine whether a £50 processing fee applies under clause 8.3(h) of the Terms of Service, and for internal analytics to improve the Platform.

2.1. From Renters — ongoing: Payment card information (processed by Stripe — ITIRR does not store full card numbers), booking history, vehicle reviews, and messages sent through the Platform.

2.2. From Providers: Contact name, email address, phone number; business type (limited company or sole trader); for limited companies: company name, Companies House registration number, and registered address; for sole traders: trading name and trading address; VAT number (if applicable); insurance certificates and policy details per vehicle listed; vehicle information (make, model, year, registration, photographs, specifications, pricing, and cancellation policy); bank/payment account details (processed by Stripe Connect); booking records; and messages sent through the Platform.

2.3. From all users automatically: IP address, browser type and version, device type and operating system, pages visited, time and date of visits, referring URL, and cookie data (see section 10).

2.4. Special category data: We do not intentionally collect special category data (e.g. health data, religious beliefs). Identity verification involves your driving licence or passport being presented to Stripe Identity’s systems, which may process facial biometric data as part of their document-liveness check. ITIRR does not receive, hold, or retain any facial biometric data — only the verification outcome is returned to us. We do not store images of any identity document.

2.5. What we never store: Photographs of driving licences or passports; selfie or facial biometric data; penalty points, endorsements, or any other driving history; the Renter’s residential address; full payment card numbers; DVLA check codes (deleted immediately after transmission to the Provider).

2.6. Driving endorsements and penalty points — Article 10 UK GDPR: ITIRR does not collect, store, or process data relating to driving endorsements (including endorsement codes) or penalty points. These categories of data may constitute criminal offence data for the purposes of Article 10 UK GDPR. Driver eligibility verification is carried out exclusively by the vehicle Provider using the DVLA check code system. ITIRR facilitates the submission of DVLA check codes from Renters to Providers but does not query the DVLA, does not receive any data returned by the DVLA in response to a check code query, and has no access to the driving licence information revealed by those codes. Providers who receive driving record data through the DVLA check code system are independently responsible for ensuring their processing of that data complies with UK GDPR Article 10 and the Data Protection Act 2018. The endorsement group categories and penalty point thresholds displayed on vehicle listings are Provider-set informational labels describing the Provider’s own requirements — they are not derived from, and do not contain, any Renter’s personal data.

3. How and Why We Use Your Data (Purposes of Processing)

3.1. We process personal data for the following purposes:

(a) Facilitating bookings: Connecting Renters with Providers, processing reservations, transmitting booking details.

(b) Identity verification: Verifying the identity of Renters and Providers during registration and booking.

(c) Insurance verification: Transmitting Renter driving licence details to the Provider after payment, solely to enable the Provider to add the Renter to their insurance policy.

(d) Payment processing: Processing booking payments, the ITIRR Booking Service Fee, security deposits, refunds, and Provider payouts via Stripe Connect. The Booking Service Fee is a 10% fee charged to the Renter and included in the daily price shown on all listings. ITIRR does not directly hold, control, or have access to deposit or payment funds at any point. All funds are processed and held by Stripe Connect, a regulated payment institution authorised by the FCA under the UK Payment Services Regulations 2017. ITIRR instructs Stripe to release or capture security deposits based on the Provider’s damage assessment and any applicable dispute outcome. Where a booking is cancelled pre-confirmation because the Renter does not meet driver eligibility requirements — whether by Renter self-cancellation or by Provider decline following DVLA check code review — a £50 administration fee may be retained from the Booking Service Fee refund (see clauses 4.6 and 8.3(h) of the Terms of Service). The Renter’s cancellation reason is processed for this purpose under Article 6(1)(b) UK GDPR (performance of contract).

(e) Communication: Sending booking confirmations, reminders, status updates, insurance verification notices, and Platform notifications.

(f) Dispute resolution: Investigating and mediating disputes between Renters and Providers where requested.

(g) Fraud prevention: Detecting and preventing fraudulent activity, identity fraud, and misuse of the Platform.

(h) Legal compliance: Complying with tax, regulatory, anti-money laundering, and law enforcement requirements.

(i) Platform improvement: Analysing usage patterns to improve Platform functionality, user experience, and security.

(j) Marketing (with consent only): Sending promotional emails about new features, offers, or services. You can opt out at any time.

4. Legal Basis for Processing

4.1. Under UK GDPR, we must have a lawful basis for processing your personal data. The bases we rely on are:

(a) Contract (Article 6(1)(b)): Processing necessary to perform our contract with you, including facilitating bookings, processing payments, transmitting licence data to Providers, and providing the Platform service.

(b) Consent (Article 6(1)(a)): We obtain your explicit consent before: sharing your licence details with Providers; sending marketing communications; and using non-essential cookies.

(c) Legitimate interest (Article 6(1)(f)): Processing necessary for our legitimate interests, including fraud prevention, Platform security, improving the user experience, and enforcing our Terms of Service. We have carried out a legitimate interest assessment for each of these purposes.

(d) Legal obligation (Article 6(1)(c)): Processing necessary to comply with our legal obligations, including tax reporting (HMRC), anti-money laundering regulations, and responding to law enforcement requests.

5. Who We Share Your Data With

5.1. We only share your personal data with third parties where necessary and lawful. Our data sharing arrangements are:

(a) Vehicle Providers: After payment is processed, we transmit the Renter’s DVLA check code and the last 8 digits of the Renter’s driving licence number to the Provider. The code allows the Provider to query the Renter’s driving licence details directly via the DVLA’s own systems. ITIRR does not transmit licence photographs, endorsement data, or penalty point information. Both the DVLA check code and the licence digits are deleted from ITIRR’s systems immediately after transmission. We do not share the Renter’s phone number, email address, home address, or payment details with the Provider. The Provider may see the Renter’s first name (as verified via DVLA) in the messaging system only.

(a.1) Provider anonymity: ITIRR operates an anonymous provider model. No Provider identity information — including business name, trading name, personal name, phone number, email address, or contact details — is shared with Renters at any stage of the booking process. Vehicle listings are identified by a unique listing code (e.g. IT00001). The exact pickup address is only revealed to the Renter after the booking is fully confirmed. In the messaging system, Provider messages are labelled “Provider” only.

(b) Stripe Identity: Identity document images and selfie/video data submitted during registration are processed by Stripe Identity Ltd, a regulated identity verification provider. Stripe Identity acts as a data processor under ITIRR’s instructions. ITIRR receives from Stripe Identity: full name, date of birth, driving licence number, licence expiry date, and verification result (verified / not verified). Document photographs, selfie images, and any facial biometric data are not returned to or retained by ITIRR.

(c) Stripe, Inc.: Our payment processor. All payments and security deposits are processed via Stripe Connect. Stripe processes and stores payment card details, bank account details, and transaction data in accordance with PCI DSS Level 1. ITIRR does not directly hold, control, or have access to deposit or payment funds at any point. Stripe is authorised by the FCA under the Payment Services Regulations 2017 and Electronic Money Regulations 2011. Stripe’s privacy policy is available at stripe.com/privacy.

(d) Cloudinary: Vehicle images uploaded by Providers are stored and served via Cloudinary’s cloud infrastructure.

(e) Vercel: Our hosting provider. Vercel hosts the Platform infrastructure and may process server logs containing IP addresses.

(f) Supabase: Our database provider. User account data, booking records, and messages are stored in Supabase’s managed database infrastructure.

(g) Law enforcement and regulators: We may disclose personal data if required by law, court order, or regulatory authority, or where we reasonably believe disclosure is necessary to prevent fraud, protect safety, or comply with legal obligations.

5.2. We do not sell, rent, licence, or trade your personal data to any third party for marketing or commercial purposes.

6. International Data Transfers

6.1. Some of our service providers (Stripe Identity, Stripe, Cloudinary, Vercel, Supabase) may process data outside the United Kingdom.

6.2. Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, including: (a) transfers to countries with UK adequacy decisions; (b) International Data Transfer Agreements (IDTAs); or (c) Standard Contractual Clauses (SCCs) approved by the ICO.

6.3. You may request details of the safeguards in place for any specific transfer by contacting privacy@itirr.com.

7. Data Retention

7.1. We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law:

(a) Active accounts: Data retained while the account remains active and for 30 days after account closure (to allow for reactivation).

(b) Closed accounts: Core account data (name, email, transaction history) retained for 6 years after closure to comply with HMRC tax record requirements and the Limitation Act 1980.

(c) DVLA check codes: Deleted immediately after transmission to the Provider. Not retained by ITIRR.

(d) Identity verification data (name, DOB, licence number, expiry, verification result): Retained for the duration of the account. Deleted within 30 days of account closure, unless required for ongoing dispute resolution or legal proceedings.

(e) Provider insurance certificates: Retained for 12 months after the certificate expiry date, then permanently deleted.

(f) Platform messages: Retained for 6 years after the associated booking is completed, then permanently deleted. All messages are logged and may be reviewed for dispute resolution, safety, and compliance purposes.

(g) Payment records: Transaction records (including deposit authorisations, captures, refunds, and dispute outcomes) retained for 6 years in accordance with HMRC requirements and the Limitation Act 1980.

(g.1) Cancellation reason data: The cancellation reason recorded when a Renter cancels a booking is retained for 6 years after the booking is cancelled, in accordance with the Limitation Act 1980, to support any potential dispute regarding refund amounts or the retention of the processing fee under clause 8.3(h) of the Terms of Service.

(h) Vehicle condition reports: Check-in and check-out photographs (16 guided photos per report plus any additional damage photographs), odometer readings, fuel levels, notes, and digital sign-offs are retained for 6 years after the associated booking is completed, in accordance with the Limitation Act 1980. These records form the primary evidence base for any damage claim or dispute and may be shared with the other party and, if required, with courts or alternative dispute resolution providers.

(i) Damage evidence: Photographs, repair quotes, written descriptions, and correspondence submitted through the damage claim and dispute resolution process are retained for 6 years after the associated booking is completed, in accordance with the Limitation Act 1980, to support potential legal proceedings. This data may be shared with the other party to the dispute and, if required, with courts or alternative dispute resolution providers.

(j) Website analytics and logs: Anonymised or deleted after 26 months.

8. Your Rights Under UK GDPR

8.1. Under UK GDPR and the Data Protection Act 2018, you have the following rights:

(a) Right of access (Article 15): You have the right to request a copy of all personal data we hold about you (a Subject Access Request or SAR). We will respond within 30 days.

(b) Right to rectification (Article 16): You have the right to request correction of inaccurate or incomplete personal data.

(c) Right to erasure (Article 17): You have the right to request deletion of your personal data (“right to be forgotten”), subject to legal retention requirements (e.g. HMRC tax records).

(d) Right to restrict processing (Article 18): You have the right to request that we restrict processing of your data in certain circumstances, for example while we verify its accuracy.

(e) Right to data portability (Article 20): You have the right to receive your personal data in a structured, commonly used, machine-readable format (e.g. CSV or JSON) and to transmit it to another controller.

(f) Right to object (Article 21): You have the right to object to processing based on legitimate interest. Where you object, we will cease processing unless we can demonstrate compelling legitimate grounds.

(g) Right to withdraw consent: Where processing is based on consent, you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

(h) Right not to be subject to automated decision-making (Article 22): ITIRR does not make any decisions based solely on automated processing that have a legal or similarly significant effect on you.

8.2. To exercise any of these rights, contact us at privacy@itirr.com. We will respond within 30 days. We may ask you to verify your identity before processing your request.

9. Data Security

9.1. We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction, including:

(a) Encryption in transit using TLS 1.2+ (SSL) for all Platform communications.

(b) Encryption at rest for stored personal data.

(c) Secure authentication via NextAuth with industry-standard password hashing.

(d) Payment data handled exclusively by Stripe (PCI DSS Level 1 compliant). ITIRR never stores full card numbers.

(e) Role-based access controls limiting data access to authorised personnel only.

(f) Regular security reviews and vulnerability assessments.

9.2. In the event of a personal data breach that poses a high risk to your rights and freedoms, we will notify you and the ICO within 72 hours in accordance with UK GDPR Article 33.

10. Cookies

10.1. Essential cookies: Required for the Platform to function correctly (authentication, session management, security). These cannot be disabled.

10.2. Analytics cookies: Used to understand how users interact with the Platform (page views, traffic sources). We use anonymised analytics data. These cookies are only set with your consent.

10.3. Marketing cookies: Currently not used. If we introduce marketing cookies in the future, we will update this policy and obtain your consent.

10.4. You can manage cookie preferences through your browser settings or through the cookie consent banner displayed on first visit. Disabling essential cookies may prevent the Platform from functioning correctly.

10.5. For more information about cookies, visit allaboutcookies.org.

11. Children’s Privacy

11.1. The Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children.

11.2. If we become aware that we have collected personal data from a child under 18, we will take steps to delete it as soon as possible.

12. Third-Party Links

12.1. The Platform may contain links to third-party websites or services. ITIRR is not responsible for the privacy practices or content of those sites. We recommend you read the privacy policy of any third-party site you visit.

13. Changes to This Policy

13.1. We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements.

13.2. We will notify registered users of material changes via email at least 30 days before the changes take effect.

13.3. The latest version will always be available at itirr.com/privacy.

14. Contact & Complaints

14.1. For privacy-related questions, Subject Access Requests, or to exercise any of your rights, contact our Data Protection Officer at privacy@itirr.com.

14.2. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113
Website: ico.org.uk

14.3. ITIRR Ltd, registered in England & Wales. Company No. [PENDING]. Registered address: [PENDING].