Privacy Policy — Servizo Ltd
(Fully aligned with GDPR, UK Data Protection Act 2018, and your Cyber policy requirements)

Last Updated: 07 December 2025
Company: Servizo Ltd, 96 Melford Avenue, Barking, IG11 9HR, United Kingdom.

1. Overview
   Servizo is committed to protecting personal data. This Privacy Policy explains how we collect, use, store, and protect the data of Customers and Providers.

2. Data Controller
   Servizo Ltd is the Data Controller for the personal data processed via the Platform.

Contact: support@servizo.co

3. Data We Collect

3.1 Account Information

• Name, email, phone, address

• Password (encrypted)

• For Providers: ID verification documents, driver/vehicle documents, qualification evidence

3.2 Booking Information

• Service details

• Date, time, location

• Dietary, travel, or access information

3.3 Payment Information

• Payment method tokens

• Transaction identifiers
  (We do not store full card numbers)

3.4 Communications

• Support messages

• Customer–Provider chat

• Emails, logs, and time stamps

3.5 Technical & Usage Data

• Device identifiers

• IP address

• Cookies and analytics

• Crash logs

• Location data (only when permission is granted)

4. Legal Bases for Processing
   We use personal data under the following lawful bases:

• Contract (to facilitate bookings)

• Legitimate interest (fraud prevention, service improvements)

• Legal obligations (tax, safety, verification laws)

• Consent (for marketing and optional features)

5. How We Use Personal Data
   We use data to:

• Create accounts and manage bookings

• Process payments

• Verify Providers

• Provide customer support

• Prevent fraud or misuse

• Improve service quality

• Comply with legal and insurance requirements

6. Data Sharing
   We share personal data with:

• Providers — Customer details required for service delivery

• Customers — limited Provider information needed to complete a booking

• Payment processors

• Identity verification partners

• Insurers & Breach Response Counsel when necessary

• Regulators or law enforcement when required

• IT service providers under confidentiality agreements

We never sell personal data.

7. Cybersecurity Measures
   Servizo implements appropriate security controls including:

• MFA protection for privileged access

• Encrypted data in transit

• Access-based restrictions

• Regular security audits

• Monitoring tools for suspicious activity

These align with the requirements of our Cyber Insurance policy.

Users must maintain reasonable security practices, including securing their login credentials.

8. Data Retention
   We retain:

• Account data: while the account remains active

• Booking & transaction data: 6–7 years for audit & tax regulations

• Verification data: as long as required by law or as part of compliance checks

• Logs: for security and operational purposes

9. International Transfers
   If your data is processed outside the UK/EEA, we will ensure adequate safeguards such as Standard Contractual Clauses.

10. Your Rights
    You may request:

• Access to your data

• Correction of inaccurate information

• Erasure (“right to be forgotten”)

• Restriction or objection to processing

• Data portability

• Withdrawal of consent for marketing

Requests: support@servizo.co

You may also contact the Information Commissioner’s Office (ICO).

11. Cookies
    We use cookies for essential functions, analytics, and user preferences. Cookie preferences may be managed via your browser or our cookie banner.

12. Breach Notification
    If a data breach occurs that risks your rights or freedoms, we will notify you and the ICO according to legal obligations.

Servizo will engage its Cyber insurer’s Breach Response Counsel as part of its incident response plan.

13. Changes to This Policy
    We may update this Privacy Policy periodically. Updates will be posted with a revised “Last Updated” date.

Contact Us
For questions or concerns about these policies, please reach out to our support team at: support@servizo.co.uk