- Add ICO registration reference (00014395133) to privacy policy, terms of service, and refund policy
- Document search/query logging (hashed IP, location, fuel type, result count) with 24-month retention under legitimate interests
- Add push notification data section (OneSignal endpoints, encryption keys, preferences) to privacy policy
- Add new section on automated recommendations explaining fill-up timing algorithm is informational only without legal effects
- Clarify IP address collection context: security/abuse/fraud only, not individual profiling
- Update retention periods: security logs 12 months, query logs 24 months, push subscriptions until unsubscribe
- Expand data processor descriptions (OneSignal push data, Umami cookieless commitment)
- Add commercial use restrictions to terms: no scraping, mirroring, or republishing compiled data/rankings without permission
- Clarify downstream data aggregator role and upstream data feed limitations
- Add prohibition on using service while operating motor vehicle
- Remove annual billing references (monthly only)
- Add VAT status notice and downgrade-to-free-tier behavior on cancellation
- Add data controller contact details to privacy policy footer
282 lines
18 KiB
PHP
{{-- DRAFT: Generated {{ date('Y-m-d') }}. Review by UK-qualified solicitor recommended before launch. --}}
<x-layouts.legal
title="Privacy Policy"
heading="Privacy Policy"
lastUpdated="{{ now()->format('j F Y') }}"
metaDescription="How FuelAlert collects, uses and protects your personal data under UK GDPR.">

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">1. Who we are</h2>
<p>
FuelAlert is a trading name of <strong>Ovidiu Ungureanu</strong>, a sole trader based in
Peterborough, United Kingdom. For the purposes of UK data protection law, Ovidiu Ungureanu
is the <strong>data controller</strong> for personal data collected through this service.
</p>
<p>
Ovidiu Ungureanu is registered with the UK Information Commissioner's Office (ICO) as a
data controller. <strong>ICO registration reference: 00014395133.</strong>
</p>
<p>
If you have any questions about this policy or how we handle your personal data, contact us at
<a href="mailto:hello@fuel-alert.co.uk" class="text-accent underline">hello@fuel-alert.co.uk</a>.
</p>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">2. What data we collect</h2>

<h3 class="font-semibold text-zinc-900">Account data</h3>
<p>Your email address, a hashed password, and the date you created your account.</p>

<h3 class="font-semibold text-zinc-900">Contact data for alerts</h3>
<p>
If you opt in to WhatsApp or SMS alerts, your mobile phone number. We collect it only to
send the alerts you have requested, and only after you verify the number through a
one-time passcode (OTP) sent to that number.
</p>

<h3 class="font-semibold text-zinc-900">Location data</h3>
<p>
We use location only to show you fuel prices near you, and only when you ask us to. We
never track your location in the background. Location reaches us in the following ways:
</p>
<ul class="list-disc space-y-1 pl-6">
<li>
<strong>Searching nearby (everyone).</strong> When you use "find prices near me",
your browser asks your permission to share your device location. We use the
coordinates to find nearby stations. We do not store your precise coordinates. For
anonymous usage statistics (for example, "stations checked this week") we record
searches only at approximately 1 km precision, together with a one-way hashed
version of your IP address that cannot be reversed to identify you.
</li>
<li>
<strong>Shareable search links.</strong> Search results can be shared or bookmarked
as a web link. To make this work, your filters and an approximate location are
included in the link's web address. Location in links is rounded to roughly
street-level precision rather than your exact position. Anyone you share a link with
can see the approximate location it contains.
</li>
<li>
<strong>Saved location (registered users).</strong> If you provide a postcode, we
convert it to approximate coordinates and store this against your account so we can
show your local prices without you re-entering it. You can change or remove it in
your account settings, and it is deleted when you delete your account.
</li>
</ul>

<h3 class="font-semibold text-zinc-900">Search and query logs</h3>
<p>
When you search for stations or prices, we log the approximate search location, fuel
type selected, result count, timestamp, a one-way hashed IP address, and basic device
information (browser type, device type). We use these logs for abuse prevention,
troubleshooting, and aggregate service statistics. We do not use them to build a profile
of your individual behaviour. Logs are retained for a maximum of 24 months.
</p>

<h3 class="font-semibold text-zinc-900">Payment data</h3>
<p>
Payment card details are collected and processed by <strong>Stripe</strong>, our payment
processor. FuelAlert does not see, store, or otherwise have access to your card numbers.
We retain only your Stripe customer ID and subscription metadata (plan, billing cycle,
renewal date).
</p>

<h3 class="font-semibold text-zinc-900">Push notification data</h3>
<p>
If you opt in to push notifications via OneSignal, we store your push subscription
endpoint (a browser-specific URL), the encryption keys needed for secure message
delivery, and your notification preferences. This data is retained until you unsubscribe,
revoke browser permission, or your subscription becomes stale.
</p>

<h3 class="font-semibold text-zinc-900">Usage data</h3>
<p>
Features you use and alerts you configure — used to deliver the service and improve it.
</p>

<h3 class="font-semibold text-zinc-900">Technical data</h3>
<p>
IP address, browser type and version, device type, and operating system. IP address is
collected alongside account actions and searches for security, abuse prevention, and
fraud detection (lawful basis: legitimate interests, Art. 6(1)(f)). We do not use IP
addresses to identify you as an individual in any other context.
</p>

<h3 class="font-semibold text-zinc-900">Marketing preferences</h3>
<p>Only collected if you opt in to marketing communications.</p>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">3. Lawful basis for processing</h2>
<p>We process your personal data under the following bases of UK GDPR Article 6:</p>
<ul class="list-disc space-y-1 pl-6">
<li><strong>Account creation and service delivery</strong> — contract (Art. 6(1)(b)).</li>
<li><strong>Sending the alerts you configure, including by email, WhatsApp, SMS or push</strong> — contract (Art. 6(1)(b)).</li>
<li><strong>Finding stations near you on request (device location)</strong> — consent (Art. 6(1)(a)), given through your browser's location permission and withdrawable at any time.</li>
<li><strong>Storing your saved location as a registered user</strong> — contract (Art. 6(1)(b)).</li>
<li><strong>Payment processing</strong> — contract (Art. 6(1)(b)).</li>
<li><strong>Security, abuse prevention, and fraud detection (including IP address logging)</strong> — legitimate interests (Art. 6(1)(f)).</li>
<li><strong>Search and query logging for aggregate statistics and troubleshooting</strong> — legitimate interests (Art. 6(1)(f)).</li>
<li><strong>Aggregated, non-identifying analytics and product improvement</strong> — legitimate interests (Art. 6(1)(f)).</li>
<li><strong>Marketing emails</strong> — consent (Art. 6(1)(a)). You can withdraw consent at any time.</li>
</ul>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">4. How we use your data</h2>
<ul class="list-disc space-y-1 pl-6">
<li>To create and operate your account (contract).</li>
<li>To deliver fuel price information and the alerts you have configured (contract).</li>
<li>To find fuel stations near you when you request it (consent).</li>
<li>To process subscription payments via Stripe (contract).</li>
<li>To keep our service secure and prevent abuse (legitimate interests).</li>
<li>To understand which features are used and improve the product, using aggregated, non-identifying data (legitimate interests).</li>
<li>To respond to your support enquiries (contract / legitimate interests).</li>
<li>To send marketing emails if you have opted in (consent).</li>
</ul>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">5. Automated recommendations</h2>
<p>
FuelAlert generates fill-up timing recommendations (for example, "fill up now" or "wait")
using an algorithm that analyses local price trends, historical patterns, and market
signals. These recommendations are <strong>informational only</strong> and are produced
automatically without human review. They do not have legal or similarly significant
effects on you, and we do not use them to make decisions that affect your rights or
interests in any material way.
</p>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">6. Who we share data with</h2>
<p>We use the following processors to deliver the service. We do not sell your data to anyone.</p>
<ul class="list-disc space-y-2 pl-6">
<li>
<strong>Stripe</strong> — payment processing. Card details, billing address,
and subscription events flow to Stripe. See
<a class="text-accent underline" href="https://stripe.com/privacy" target="_blank" rel="noopener">Stripe's privacy policy</a>.
</li>
<li><strong>Ionos</strong> — infrastructure where our application and database run, and the mail servers (SMTP) that send account, billing and alert emails on our behalf.</li>
<li>
<strong>Umami Analytics</strong> — we run our own self-hosted Umami instance to
collect aggregated, cookieless usage metrics (pages viewed, referrer, country, device
type). It does not store data that identifies you as an individual, and no analytics
data is shared with third parties. We periodically review our analytics setup to
confirm it remains cookieless; if this changes we will update our Cookie Policy and
request consent before setting any non-essential cookies.
</li>
<li><strong>Vonage</strong> — delivers WhatsApp and SMS alerts if you opt in to those channels. Your phone number is shared only to send messages you have requested. See <a class="text-accent underline" href="https://www.vonage.co.uk/legal/privacy-policy/" target="_blank" rel="noopener">Vonage's privacy policy</a>.</li>
<li><strong>OneSignal</strong> — delivers web push notifications if you opt in to push alerts. Push subscription data (endpoint, encryption keys, device type) is processed by OneSignal on our behalf. See <a class="text-accent underline" href="https://onesignal.com/privacy_policy" target="_blank" rel="noopener">OneSignal's privacy policy</a>.</li>
</ul>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">7. International transfers</h2>
<p>
Some of our processors — including Stripe, Vonage and OneSignal — operate
outside the UK and EEA, including in the United States. Where personal data is transferred
internationally, we rely on appropriate safeguards under UK GDPR: the UK International Data
Transfer Addendum to the EU Standard Contractual Clauses, the UK Extension to the EU-US
Data Privacy Framework, or an equivalent mechanism, depending on the processor.
</p>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">8. How long we keep data</h2>
<ul class="list-disc space-y-1 pl-6">
<li><strong>Active account data:</strong> for as long as your account is open, plus 12 months after closure.</li>
<li><strong>Saved location (registered users):</strong> while your account is active; deleted when you delete your account.</li>
<li><strong>Alert and notification preferences:</strong> while your account is active; deleted when you close your account or remove the preference.</li>
<li><strong>Push notification subscriptions:</strong> until you unsubscribe, revoke browser permission, or the subscription becomes stale.</li>
<li><strong>Payment records:</strong> 6 years, to meet HMRC requirements for self-employed traders.</li>
<li><strong>Marketing data:</strong> until you withdraw consent.</li>
<li><strong>Security and fraud logs (including IP records):</strong> a maximum of 12 months.</li>
<li><strong>Search and query logs:</strong> a maximum of 24 months.</li>
<li><strong>Aggregated analytics:</strong> retained indefinitely in anonymised, non-identifiable form only.</li>
</ul>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">9. Your rights under UK GDPR</h2>
<p>You have the following rights in relation to your personal data:</p>
<ul class="list-disc space-y-1 pl-6">
<li><strong>Right of access</strong> — ask for a copy of the data we hold about you.</li>
<li><strong>Right to rectification</strong> — ask us to correct inaccurate data.</li>
<li><strong>Right to erasure</strong> ("right to be forgotten") — ask us to delete your data.</li>
<li><strong>Right to restrict processing</strong> — ask us to pause processing in certain circumstances.</li>
<li><strong>Right to data portability</strong> — receive your data in a machine-readable format.</li>
<li><strong>Right to object</strong> — object to processing based on legitimate interests.</li>
<li><strong>Rights related to automated decision-making</strong> — our fill-up timing recommendations are generated algorithmically but are informational only and do not have legal or similarly significant effects on you.</li>
<li><strong>Right to withdraw consent</strong> — where we rely on consent (for example, device location or marketing).</li>
</ul>
<p>
To exercise any of these rights, email
<a href="mailto:hello@fuel-alert.co.uk" class="text-accent underline">hello@fuel-alert.co.uk</a>.
We will respond within one month.
</p>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">10. Cookies</h2>
<p>
We use only a small number of essential cookies to operate the service, and self-hosted,
cookieless analytics. Full details are in our
<a class="text-accent underline" href="{{ route('legal.cookies') }}">Cookie Policy</a>.
</p>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">11. Security</h2>
<p>
All traffic between your device and our service is encrypted with HTTPS. Passwords are
stored as one-way hashes — we never see your plaintext password. Sensitive fields in
our database are protected by access controls, and our infrastructure receives regular
security updates. No system is ever 100% secure; if a breach occurs that affects you, we
will notify you and the ICO as required by law.
</p>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">12. Children</h2>
<p>
FuelAlert is not directed at children. We do not knowingly collect data from anyone under
16. If you believe a child has provided us with personal data, contact us and we will
delete it.
</p>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">13. Complaints</h2>
<p>
We hope you'll contact us first if you have a complaint, so we can try to put it right.
You also have the right to lodge a complaint with the UK Information Commissioner's Office
at any time.
</p>
<p>
ICO website: <a class="text-accent underline" href="https://ico.org.uk" target="_blank" rel="noopener">ico.org.uk</a>
· ICO helpline: 0303 123 1113.
</p>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">14. Changes to this policy</h2>
<p>
We may update this policy from time to time. If we make material changes we will notify
registered users by email. Non-material changes will be shown by an updated "Last updated"
date at the top of this page.
</p>
</section>

<section class="space-y-3">
<h2 class="font-display text-2xl font-bold text-zinc-900">15. Contact</h2>
<p>
For any privacy or data protection queries, email
<a href="mailto:hello@fuel-alert.co.uk" class="text-accent underline">hello@fuel-alert.co.uk</a>.
</p>
<p class="text-sm text-zinc-600">
Data controller: Ovidiu Ungureanu trading as FuelAlert, Peterborough, United Kingdom.
ICO registration reference: 00014395133.
</p>
</section>
</x-layouts.legal>