DMPDrivers
UK GDPR · Data Protection Act 2018

GDPR & Data Protection Notice

How DMP Drivers Ltd collects, processes, and protects your personal data in full compliance with UK law.

Last updated: 24/04/2026

ICO RegisteredUK GDPR CompliantData Protection Act 2018AES-256 EncryptedUK Data Centres

1. Introduction

DMP Drivers Ltd is committed to protecting your personal data and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This notice explains how we collect, process, store, and protect your information when you use our platform.

2. Data Controller

DMP Drivers Ltd

Acts as the data controller for all personal data collected through this website. As data controller, we determine the purposes and means by which personal data is processed.

Registered in England & Wales · ICO Registered

3. Categories of Data Processed

We may process the following categories of data:

  • Identity data name, date of birth, address
  • Contact data email address, phone number
  • Driving licence details category and type
  • Identity verification data images of driving licence (front & back) and liveness verification video
  • Technical data IP address, device type, browser information

4. Special Category Data (Biometric Data)

Special category data — processed only with your explicit consent

As part of our identity verification process, we may process biometric data derived from your liveness verification video. Under UK GDPR Article 9, this is classified as special category data and requires explicit consent.

This data is processed:

  • Only with your explicit consent
  • Solely for identity verification purposes
  • Without automated decision-making or profiling

5. Lawful Basis for Processing

We process personal data under the following lawful bases:

Consent

UK GDPR Art. 6(1)(a) & Art. 9(2)(a)

For identity verification and biometric data processing — you give explicit consent before we process this category of data.

Legitimate Interests

UK GDPR Art. 6(1)(f)

To connect verified drivers with partner companies and to protect platform security and integrity.

Legal Obligations

UK GDPR Art. 6(1)(c)

Where we are required to process or retain data to comply with applicable UK law.

6. Purpose of Processing

Your data is used to:

  • Verify your identity
  • Process your application
  • Match you with relevant partner companies
  • Ensure platform security and fraud prevention

7. Data Sharing

We may share your data with selected partner companies (e.g. Uber, Amazon, DHL, FedEx, UPS, Royal Mail) strictly for evaluation purposes, and only once your application is approved.

We do not sell your personal data — ever.

All partner companies receiving your data are contractually required to process it in accordance with applicable data protection laws.

8. International Data Transfers

Where third-party service providers (such as cloud storage or email delivery services) are used, data may be processed outside the UK.

In such cases, we ensure appropriate safeguards are in place — including Standard Contractual Clauses or equivalent mechanisms — in accordance with UK GDPR Chapter V.

9. Data Retention

Data categoryRetention period
Rejected applicationsDeleted within 90 days
Approved applicationsRetained for operational & compliance purposes
Biometric / verification videoDeleted upon application closure or earlier on request

You may request deletion of your data at any time via /privacy/delete or by emailing privacy@dmpdrivers.co.uk.

10. Security Measures

We implement strong technical and organisational security controls:

AES-256 encryption at rest
TLS 1.3 encryption in transit
Restricted access to authorised personnel only
Secure cloud storage in UK-based data centres (eu-west-2)

11. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Restrict processing
  • Object to processing
  • Request data portability

Exercise your rights

Submit a data request at /privacy/delete or contact us at privacy@dmpdrivers.co.uk. We will respond within 30 days in accordance with UK GDPR Article 12.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk/make-a-complaint.

12. Data Breach Procedures

In the event of a personal data breach, DMP Drivers Ltd will:

  • Take immediate containment and remediation action
  • Notify the ICO within 72 hours where the breach is likely to result in a risk to individuals' rights and freedoms (UK GDPR Article 33)
  • Notify affected individuals without undue delay where the breach is likely to result in a high risk (UK GDPR Article 34)
  • Maintain a record of all breaches regardless of whether notification is required

13. Contact

For all data protection enquiries, please contact our data protection contact:

DMP Drivers Ltd

United Kingdom

Email: privacy@dmpdrivers.co.uk

Privacy Policy

Full data handling details

Cookie Policy

Cookies & browser storage

Terms of Service

Platform terms & conditions