Privacy Policy

DAK Logistics Ltd ("we", "us", "our", or the "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website, mobile app, and courier services.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. By using our Services, you consent to the practices described in this Policy.

If you have any questions about this Policy or your data rights, please contact us using the details at the end of this document.

1. Who We Are

2. What Data We Collect

We collect personal data that is necessary to provide our courier and logistics services. This includes:

• Identity and contact data: name, email address, telephone number, company name, and job title.
• Delivery data: collection and delivery addresses, recipient names and contact numbers, and delivery instructions.
• Account data: login credentials, account preferences, order history, and saved addresses.
• Payment data: billing address, card or bank details (processed securely via our payment provider; we do not store full card numbers).
• Technical data: IP address, browser type and version, device information, operating system, and cookie identifiers.
• Usage data: how you interact with our website and app, including pages visited, time spent, and features used.
• Marketing and communications data: your preferences for receiving marketing communications and correspondence history.

3. How We Collect Your Data

• Directly from you: when you register an account, place a booking, complete forms, contact our support team, or subscribe to our newsletter.
• Automatically: through cookies, server logs, and analytics tools when you browse our website or use our app.
• From third parties: payment providers confirming transaction status, or publicly available sources for business account verification.

4. Lawful Basis for Processing

Under UK GDPR, we process your personal data only where we have a lawful basis to do so:

• Contractual necessity: to fulfil our delivery contracts, process bookings, and manage your account.
• Legal obligation: to comply with tax, accounting, and regulatory requirements, including record-keeping under UK law.
• Legitimate interests: to improve our services, prevent fraud, maintain security, and manage our business operations.
• Consent: for marketing emails and non-essential cookies. You may withdraw consent at any time.
• Vital interests: in exceptional circumstances, such as emergency contact during a delivery incident.

5. How We Use Your Data

• To provide and manage our courier and logistics services, including booking, collection, delivery, tracking, and customer support.
• To process payments, issue invoices, and manage credit accounts.
• To communicate with you about your bookings, service updates, and account matters.
• To send marketing communications where you have consented, including newsletters, promotions, and service updates.
• To analyse usage patterns and improve our website, app, and service offerings.
• To detect, prevent, and investigate fraud, security breaches, and other unlawful activity.
• To comply with legal and regulatory obligations, including tax and customs requirements.

6. Data Sharing and Recipients

We do not sell your personal data. We share data only where necessary and with appropriate safeguards:

• Delivery partners and subcontractors: to fulfil deliveries, especially in remote or high-volume areas. All subcontractors are contractually bound to handle your data in accordance with this Policy.
• Payment processors: to securely handle card and bank transactions (e.g., Stripe, PayPal).
• IT and hosting providers: to store and manage data securely using cloud-based services within the UK and EEA.
• Analytics and marketing platforms: to understand website usage and deliver targeted marketing where consented.
• Regulatory and legal bodies: where required by law, court order, or to protect our legal rights.

7. International Data Transfers

We primarily store and process data within the United Kingdom and European Economic Area (EEA). Where we use service providers based outside the UK/EEA, we ensure adequate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved under UK GDPR, or reliance on adequacy decisions by the UK Secretary of State.

8. Data Retention

We retain your personal data only for as long as necessary:

• Booking and delivery records: 7 years from the date of the transaction (to comply with UK tax and accounting laws).
• Account data: for the duration of your active account plus 2 years after closure, unless you request deletion sooner.
• Marketing data: until you withdraw consent or unsubscribe, after which we retain only a suppression record.
• Technical and usage data: up to 26 months, after which it is anonymised or deleted.

9. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience and analyse traffic.

• Essential cookies: required for the website to function (e.g., login sessions, booking flow). These cannot be disabled.
• Analytics cookies: help us understand how visitors use our site (e.g., Google Analytics). These are set only with your consent.
• Marketing cookies: used to deliver relevant advertising and measure campaign effectiveness. These require your explicit consent.

You can manage your cookie preferences at any time via the cookie banner or your browser settings. For more information, please contact us.

10. Your Data Protection Rights

Under UK GDPR, you have the following rights regarding your personal data:

• Right to access: request a copy of the personal data we hold about you.
• Right to rectification: request correction of inaccurate or incomplete data.
• Right to erasure ("right to be forgotten"): request deletion of your data where there is no compelling reason for us to keep it.
• Right to restrict processing: request that we limit how we use your data.
• Right to data portability: receive your data in a structured, machine-readable format and transfer it to another controller.
• Right to object: object to processing based on legitimate interests or for direct marketing purposes.
• Right to withdraw consent: withdraw consent at any time where we rely on it (this does not affect lawfulness of processing before withdrawal).
• Right to complain: lodge a complaint with the Information Commissioner's Office (ICO) if you believe your rights have been violated.

To exercise any of these rights, please contact us using the details below. We will respond within one month of receiving your request, which may be extended by two further months for complex requests.

11. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encryption in transit (TLS/SSL), access controls, regular security assessments, and staff training. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

12. Children's Privacy

Our Services are not directed at children under 18 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will delete it.

13. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review their privacy policies before providing any personal data.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. Material changes will be notified to you by email (where we have your contact details) or via a prominent notice on our website. The "Last updated" date at the top of this page indicates when the Policy was last revised.

15. Contact Us

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact our Data Protection Officer: