Client/Chauffeur GDPR

Executive Travel, Airport Transfers, Chauffeuring and Private Security Services

GDPR Data Protection Policy for Customer and Chauffeur Data

1. Introduction

Ashbrook Executive Travel is committed to protecting the privacy and security of personal data relating to our customers and chauffeurs. This policy explains what we collect, why we collect it, how we use it, who we share it with, how long we keep it, and the rights available to individuals under UK GDPR and the Data Protection Act 2018.

2. Data Controller, ICO registration, and contact

Data Controller: Ashbrook Executive Travel

ICO registration number: ZB661308

Email: info@ashbrookexecutivetravel.co.uk

Phone: 01892 710 720

If you have any questions, requests, or concerns about this policy or your personal data, please contact us using the details above.

3. Definitions

  • Customer Data: information relating to an identified or identifiable individual who engages our services, including contact details and booking information.
  • Chauffeur Data: information relating to an identified or identifiable individual who provides chauffeur services for, or in connection with, Ashbrook Executive Travel, including licensing and compliance information.
  • Personal Data: any information that relates to an identified or identifiable natural person.

4. Types of data we collect

4.1 Customer Data

We may collect and process the following categories of Customer Data:

  • Name
  • Email address
  • Phone number
  • Pickup and drop off details, including addresses and timings
  • Booking information, itinerary, and special requests
  • Communications with our office, including emails and call records where applicable

4.2 Chauffeur Data

We may collect and process the following categories of Chauffeur Data:

  • Name and contact details
  • Driving licence information and licence status checks
  • Private hire licensing information, including badge and vehicle licensing details, expiry dates, and supporting documents
  • Insurance details and compliance information
  • Vetting information relevant to the role, including verification checks and outcomes
  • Work allocation, dispatch, operational notes, and performance feedback
  • Payment administration information, including payslip related data where applicable

Important note on sensitive data: where required for compliance and vetting, we may need to process information relating to criminal convictions and offences, for example DBS related information, and driving record related checks. Access to this information is restricted and handled with appropriate safeguards.

5. How we collect data

We collect personal data directly from you, from booking requests, from communications with our team, and from documents you provide. We may also receive data from third parties where necessary, for example corporate bookers, licensing authorities, insurers, and compliance providers, where this is relevant to providing the service or meeting our legal and licensing obligations.

6. Purposes of processing

6.1 Customer Data

We process Customer Data to:

  • Provide and deliver bookings and customer support
  • Communicate booking confirmations, updates, and operational messages
  • Administer payments, invoicing, receipts, and audit records
  • Maintain service quality, training, and monitoring, including call logging and recording where applicable
  • Handle complaints, queries, and dispute resolution
  • Send promotional materials only where required permissions or lawful bases apply

6.2 Chauffeur Data

We process Chauffeur Data to:

  • Vet, assess, onboard, and manage chauffeurs and owner drivers within our network
  • Schedule, dispatch, and administer bookings and service delivery
  • Meet our obligations under licensing, safeguarding, and compliance requirements, including verifying licence and insurance status
  • Conduct checks and periodic re checks where appropriate, including enquiries with licensing authorities, insurers, and DVLA related checks, to validate continued compliance
  • Maintain operational records, training standards, and service consistency

7. Legal basis for processing

We process personal data under one or more of the following lawful bases, depending on the context:

  • Contract: to perform a booking, manage a service request, or to take steps prior to entering into a contract
  • Legal obligation: to meet legal duties, including licensing and record keeping requirements
  • Legitimate interests: to operate, manage, and protect our business, deliver a high standard of service, prevent fraud, and maintain safety and compliance, balanced against your rights and expectations
  • Consent: where you have given consent for specific purposes, which you may withdraw at any time (where consent is the applicable basis)

8. Sharing and disclosure of data

We may share personal data where necessary for service delivery, compliance, and administration. This may include:

  • Our dispatch and booking systems providers and service partners acting as data processors under contract
  • Payment providers and billing support services
  • Licensing authorities, enforcement officers, police, or other authorities where required by law or licensing rules, or where we reasonably believe disclosure is necessary
  • Insurers and compliance related organisations where relevant to validating cover, handling incidents, or meeting compliance duties

We do not sell personal data.

9. International transfers

Where any supplier or system we use processes personal data outside the UK, we take steps to ensure appropriate safeguards are in place, such as contractual protections and, where required, appropriate transfer mechanisms.

10. Data security and call recording

We implement appropriate technical and organisational measures designed to protect personal data against unauthorised access, alteration, loss, or destruction. Access is restricted to authorised personnel, and we use access controls and security practices appropriate to the nature of the data.

Our phone system may log and record calls for training, monitoring, and service quality purposes.

11. Data retention

We keep personal data only for as long as necessary for the purposes set out in this policy. Retention periods may be determined by legal requirements, tax and accounting rules, and licensing authority requirements. We retain booking and operational records, and chauffeur licensing and compliance records, for the period required by law and by our relevant licensing authorities, and then securely delete or anonymise data where appropriate. Where multiple retention requirements apply, we apply the longer period.

12. Your rights

Under UK GDPR, you may have the right to:

  • Access your personal data
  • Rectify inaccurate or incomplete data
  • Request erasure of your personal data (in certain circumstances)
  • Restrict processing (in certain circumstances)
  • Object to processing (in certain circumstances)
  • Data portability (in certain circumstances)

To exercise any rights, please contact us using the email or phone number above. We may need to verify identity before responding.

13. Complaints

If you have concerns about how we handle personal data, please contact us first so we can investigate and respond.

14. Changes to this policy

We may update this policy from time to time. We will publish updates on our website and amend the Last Updated date above.

Last Updated: 20 December 2025

© 2025 Ashbrook Executive Travel. All Rights Reserved.
Terms and Conditions | Privacy Policy | GDPR | FAQ's | Drive for us
Authorised and Regulated by the British Chauffeurs Guild - Commercial Regulation: 4004-COMM, Corporate Regulation: 4004-CORP