This policy describes how FleetEase handles personal data in line with UK GDPR and the Data Protection Act 2018. If you have any questions or wish to exercise your data rights, email privacy@fleetease.co.uk.
1. Who we are
FleetEase is a UK-based fleet management software product. For the purposes of UK GDPR, we act as the data controller when you interact with our website (fleetease.co.uk) and as a data processor when you use the FleetEase application to manage your fleet data.
Contact: privacy@fleetease.co.uk
2. What data we collect
When you visit our website
- Contact details you voluntarily submit via our contact form (name, email, company name, phone number, fleet size)
- Basic analytics data such as pages visited, browser type, device type, and approximate location (country/city) — used solely to understand how people use the site
When you use the FleetEase application
- Account information: name, email, role within your company, password (stored as an encrypted hash — we never see your actual password)
- Company and fleet data: information you enter about your vehicles, drivers, inspections, maintenance, and related fleet operations
- Driver personal data: names, contact details, licence information, and compliance records you store about drivers in your fleet
- Usage data: login times, IP addresses, and activity logs for security and audit purposes
3. Why we collect it (lawful basis)
We only process your data when we have a lawful basis to do so under UK GDPR Article 6:
- Contract: to provide the FleetEase service you've signed up for
- Legitimate interest: to keep the service secure, investigate issues, and improve our product
- Consent: for optional communications such as newsletters or product updates (you can withdraw consent at any time)
- Legal obligation: where we're required by law to retain certain records (e.g. financial records)
4. How long we keep it
We retain your data only for as long as necessary:
- Active accounts: for the duration of your subscription and up to 90 days after cancellation to allow for account recovery
- Contact form submissions: up to 12 months unless you become a customer
- Financial records: 6 years, as required by UK law
- Security logs: up to 12 months for audit purposes
When no longer needed, data is securely deleted or anonymised.
5. Who we share it with
We do not sell your data. We share it only with trusted third parties who help us run the service:
- Hosting providers (Render, Netlify, Neon) — to host the application and marketing website
- Email service providers — to deliver transactional emails such as password resets and notifications
- Authentication providers — for multi-factor authentication codes
- UK authorities — only if legally required (court order, police investigation, tax authority request)
All third-party providers are contractually required to protect your data in line with UK GDPR.
6. Where your data is stored
Your data is primarily stored on servers within the United Kingdom and European Economic Area. Some of our service providers (such as Render) may process data in the United States under approved data transfer mechanisms including the UK-US Data Bridge and Standard Contractual Clauses. Appropriate safeguards are always in place.
7. How we protect your data
- All data is transmitted over encrypted HTTPS connections
- Passwords are stored as salted cryptographic hashes, never in plain text
- Database access is restricted to authorised personnel only
- Multi-factor authentication is available for all user accounts
- Regular security monitoring and updates are performed
8. Your rights under UK GDPR
You have the following rights regarding your personal data:
- Right of access — request a copy of the data we hold about you
- Right to rectification — ask us to correct inaccurate data
- Right to erasure — ask us to delete your data (subject to legal retention requirements)
- Right to restriction — ask us to temporarily stop processing your data
- Right to data portability — request your data in a machine-readable format
- Right to object — object to processing based on legitimate interests
- Right to withdraw consent — where processing is based on consent
To exercise any of these rights, email privacy@fleetease.co.uk. We'll respond within 30 days.
9. Cookies
Our website uses minimal cookies for essential functionality and basic analytics. We don't use advertising trackers or sell data to third parties for marketing purposes.
10. Complaints
If you have concerns about how we handle your data, please contact us first at privacy@fleetease.co.uk. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Helpline: 0303 123 1113
11. Changes to this policy
We may update this policy from time to time. Material changes will be notified to registered users by email and posted on this page. The effective date below will always reflect the latest revision.