1. Introduction
LockSafe UK ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.
We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. By using our services, you consent to the data practices described in this policy.
Data Controller: LockSafe UK
Contact: support@locksafe.co.uk
2. Information We Collect
2.1 Information You Provide
We collect information you voluntarily provide, including:
- Account Information: Name, email address, phone number, password
- Location Data: Postcode and address for service requests
- Payment Information: Processed securely by Stripe (we don't store card details)
- Job Details: Description of lock problems, photos you upload
- Communications: Messages and support requests
2.2 Information Collected Automatically
When you use our services, we automatically collect:
- Device Information: Browser type, operating system, device identifiers
- Usage Data: Pages visited, features used, time spent
- GPS/Location Data: For locksmiths (arrival verification) and customers (service location)
- Cookies: See our Cookie Policy
2.3 Information From Third Parties
We may receive information from:
- Payment Processors: Transaction confirmations from Stripe
- Verification Services: DBS check results for locksmiths
- Mapping Services: Location data from Mapbox
3. How We Use Your Information
We use your information for the following purposes:
3.1 Service Delivery (Legal Basis: Contract)
- Connect customers with locksmiths
- Process payments and refunds
- Generate job reports and documentation
- Verify locksmith arrival using GPS
- Send job-related notifications
3.2 Platform Safety (Legal Basis: Legitimate Interest)
- Verify locksmith credentials and background
- Detect and prevent fraud
- Resolve disputes using documented evidence
- Maintain platform security
3.3 Improvement (Legal Basis: Legitimate Interest)
- Analyse usage to improve our services
- Develop new features
- Conduct research and analytics
3.4 Marketing (Legal Basis: Consent)
- Send promotional emails (only with your opt-in consent)
- Show relevant advertisements
You can opt out of marketing communications at any time.
4. GPS and Location Data
Our anti-fraud protection relies on GPS data. This is a core feature that protects both customers and locksmiths:
- For Customers: Your address is used to match you with nearby locksmiths and appears on job documentation.
- For Locksmiths: GPS coordinates are captured when you mark arrival and completion. This proves you attended the job location.
GPS data is stored as part of the job record and included in PDF reports. It is retained for 7 years for legal and dispute resolution purposes.
5. Who We Share Your Data With
We share your information with:
- Customers and Locksmiths: Job-related information is shared between parties to complete services (name, phone, address, job details).
- Stripe: For secure payment processing.
- Mapbox: For mapping and location services.
- Resend: For sending transactional emails.
- Vercel: For hosting our services.
- Legal Authorities: If required by law or to protect rights.
We do not sell your personal data to third parties. We do not share your data for third-party marketing without your explicit consent.
6. Data Retention
We retain your data for the following periods:
- Account Data: Until you delete your account
- Job Records: 7 years (for legal and tax compliance)
- Payment Records: 7 years (as required by financial regulations)
- Marketing Preferences: Until you withdraw consent
- Support Communications: 3 years
7. Your Rights Under GDPR
You have the following rights regarding your personal data:
Right to Access
Request a copy of all personal data we hold about you.
Right to Rectification
Request correction of inaccurate personal data.
Right to Erasure
Request deletion of your personal data ("right to be forgotten").
Right to Portability
Receive your data in a machine-readable format.
Right to Object
Object to processing based on legitimate interests.
Right to Restrict
Request restriction of processing in certain circumstances.
To exercise any of these rights, contact us at support@locksafe.co.uk. We will respond within 30 days.
8. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including:
- Encryption of data in transit (HTTPS/TLS)
- Secure database storage with encryption at rest
- Regular security assessments
- Access controls and authentication
- Employee training on data protection
Payment information is processed by Stripe, which is PCI DSS compliant. We never store your full card details on our servers.
9. International Data Transfers
Some of our service providers may process data outside the UK/EEA. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.
10. Children's Privacy
Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Platform. The date of the last update is shown at the top of this page.
12. Complaints
If you have concerns about how we handle your data, please contact us first. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Website: ico.org.uk
Phone: 0303 123 1113
13. Contact Us
For any privacy-related questions or to exercise your rights: