FleetPilotBack to Home

Privacy Policy

Last updated: 3 March 2026

FleetPilot ("we", "us", or "our") operates the FleetPilot platform, including the website at www.fleetpilot.co.uk and the FleetPilot mobile application (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

1. Information We Collect

1.1 Personal Information

When you register for an account or use our Service, we may collect the following personal information:

  • Account Information: Name, email address, phone number, and company name.
  • Driver Information: Driver profiles, licence details, and availability status.
  • Payment Information: Billing details processed securely through Stripe. We do not store full card numbers on our servers.
  • Customer Information: Passenger names, contact details, and booking preferences provided by fleet operators.

1.2 Location Data

With your explicit consent, we collect precise GPS location data from drivers using the mobile application. This data is used to:

  • Track driver positions during active bookings.
  • Provide real-time fleet visibility to fleet operators.
  • Calculate accurate journey distances and durations.
  • Optimise driver dispatch and routing.

Location tracking is only active when the driver has an active booking or has explicitly enabled tracking. You can disable location access at any time through your device settings.

1.3 Usage Data

We automatically collect certain information when you use the Service:

  • Device type, operating system, and browser information.
  • IP address and approximate location derived from IP.
  • Pages visited, features used, and interaction patterns.
  • Error logs and performance metrics.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service.
  • Process bookings and manage fleet operations.
  • Send booking confirmations, updates, and notifications.
  • Process payments and generate invoices.
  • Provide customer support and respond to enquiries.
  • Monitor and analyse usage trends to improve user experience.
  • Detect, prevent, and address technical issues or fraudulent activity.
  • Comply with legal obligations and enforce our terms.

3. Third-Party Services

We use the following third-party services to operate the platform. Each has its own privacy policy governing how they process data:

  • Supabase: Database hosting, user authentication, and real-time data services (EU-hosted).
  • Stripe: Payment processing. Stripe handles all sensitive payment data in compliance with PCI DSS standards.
  • Google Maps Platform: Mapping, geocoding, and distance calculation services.
  • MailerSend: Transactional email delivery for booking confirmations and notifications.
  • Vercel: Application hosting and content delivery.
  • Vercel Speed Insights: Anonymous performance monitoring that collects Core Web Vitals metrics. No personal data or identifiers are collected.
  • Meta (WhatsApp Business API): Optional messaging integration for booking notifications.

4. Data Storage and Security

Your data is stored securely using Supabase's managed PostgreSQL database infrastructure. We implement industry-standard security measures including:

  • Encryption in transit (TLS/HTTPS) for all data transfers.
  • Encryption at rest for stored data.
  • Row Level Security (RLS) policies ensuring users can only access their own data.
  • Regular security audits and monitoring.
  • Secure authentication with email verification.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Specifically:

  • Account data: Retained until you request account deletion.
  • Booking records: Retained for 7 years for financial and regulatory compliance.
  • Location data: GPS tracking data is retained for 90 days, then automatically deleted.
  • Payment records: Retained as required by financial regulations (typically 7 years).

6. Your Rights (GDPR)

If you are located in the United Kingdom or European Economic Area, you have the following rights under data protection law:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data, subject to legal retention requirements.
  • Right to Restrict Processing: Request that we limit how we use your data.
  • Right to Data Portability: Request your data in a structured, machine-readable format.
  • Right to Object: Object to processing of your personal data for certain purposes.
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at the details provided below.

7. Cookies

We use essential cookies and local storage to maintain your authentication session and remember your preferences. We do not use third-party advertising or tracking cookies.

8. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

  • Email: support@fleetpilot.co.uk
  • Website: www.fleetpilot.co.uk