Privacy Policy

1. Who we are

Good To Go Travel is operated by its proprietors, Richard Mercer and Steven Mercer. For the purposes of data protection law, we are the data controller for personal data collected through our services.

Contact for privacy matters: info@goodtogotravel.co.uk

2. What data we collect

We collect the following categories of personal data:

• Identity and contact data: your name, email address, phone number;
• Booking data: pickup and drop-off addresses, journey date and time, passenger count, luggage details, special requirements, flight number for airport pickups;
• Payment data: payment card details are collected and processed directly by our payment processor, Stripe. We do not store full card numbers on our systems; we only receive a payment token and transaction reference;
• Technical data: IP address, browser type and version, device information and pages visited, collected via cookies and similar technologies;
• Communication data: records of emails, messages and calls between you and us;
• Location data: where you use features that rely on Google Maps (e.g. address autocomplete), your approximate location may be processed to provide accurate suggestions.

3. How we use your data and our legal basis

We process your data for the following purposes and on the following legal bases under UK GDPR:

• To provide the transport service you have booked, including passing essential journey details to the assigned driver (legal basis: performance of a contract);
• To process payments via Stripe and manage driver settlement (performance of a contract and legitimate interests);
• To communicate with you about your booking, including confirmations, changes and cancellations (performance of a contract);
• To comply with our legal obligations as a licensed PHV operator, including record-keeping requirements imposed by our licensing authority (legal obligation);
• To prevent fraud, investigate misuse and keep our platform secure (legitimate interests);
• To handle complaints and respond to enquiries (legitimate interests);
• To send service messages. We do not send marketing emails unless you have specifically opted in (consent where required).

4. Who we share your data with

We share personal data only with the following categories of recipient, and only to the extent necessary:

• The driver allocated to your journey, who receives your name, contact number, pickup and drop-off address, flight number (for airport pickups) and any access notes;
• Stripe Payments Europe, Ltd. for secure payment processing. Stripe is the data controller for payment data it collects directly from you;
• Supabase, our database and hosting provider, which stores booking and account data on our behalf;
• Resend, our transactional email provider, which sends booking confirmations and service emails on our behalf;
• Google Maps Platform, for address lookup, distance calculation and route planning;
• Our licensing authority, law enforcement or other public authorities where we are legally required to disclose data;
• Professional advisers (accountants, solicitors, insurers) where necessary, bound by duties of confidentiality.

We do not sell your personal data to third parties.

5. International transfers

Some of our service providers process data outside the UK. Where this happens, we rely on appropriate safeguards permitted by UK GDPR, such as the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or a finding of adequacy by the UK Government.

6. How long we keep your data

We keep booking and journey records for six years after the end of the tax year in which the journey took place, in line with HMRC record-keeping requirements. We may keep some records longer where required to do so by our licensing authority, or where there is an ongoing complaint, dispute or legal claim. Marketing contact details are kept until you unsubscribe.

7. Your rights

Under UK GDPR, you have the right to:

• Access the personal data we hold about you;
• Ask us to correct inaccurate or incomplete data;
• Ask us to erase your data, where there is no overriding reason for us to keep it;
• Restrict or object to our processing of your data;
• Receive your data in a portable format;
• Withdraw consent at any time, where we rely on consent.

To exercise any of these rights, contact info@goodtogotravel.co.uk. We will respond within one month. You also have the right to complain to the Information Commissioner's Office (ICO) at www.ico.org.uk or by calling 0303 123 1113.

8. Cookies

Our website uses a small number of cookies and similar technologies. Strictly necessary cookies are used to keep you signed in and to remember your booking in progress. Analytics and other non-essential cookies are only set with your consent, which you can give or withdraw via the cookie banner on first visit or in your browser settings.

9. Security

We use appropriate technical and organisational measures to protect your data, including encrypted connections (HTTPS), access controls on our systems, and partnering with providers (Stripe, Supabase, Resend) who are themselves certified to recognised security standards. No system is completely secure; we take reasonable steps to minimise risk.

10. Changes to this Policy

We may update this Policy from time to time. The latest version will always be available on our website, with the "Last updated" date amended accordingly. Material changes will be notified to you by email where we hold your contact details.

11. Contact

If you have any questions about this Policy or how we handle your data, please contact us at info@goodtogotravel.co.uk.