PRIVACY POLICY

Last updated: June 6, 2025

1. INTRODUCTION

This Privacy Policy explains how Jo Learn To Drive (“we”, “us”, or “our”) collects, uses, and protects your personal information when you use our website https://jolearntodrive.co.uk (the “Website”).

We take your privacy seriously. Our website is professionally designed and managed by DigiGrow, a UK-based website management company, who have implemented robust systems to ensure your personal data is handled securely and in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

For the purposes of data protection law, Jo Learn To Drive is the data controller, determining how and why personal data is processed. DigiGrow acts as our data processor, managing the technical infrastructure and systems on our behalf.

2. INFORMATION WE COLLECT

2.1 Information You Provide to Us

When you fill out forms on our website (implemented and managed by DigiGrow), we may collect:

  • First Name
  • Last Name
  • Email address
  • Phone number
  • Your area of interest (selected from dropdown)
  • Any additional information you choose to provide in your message

DigiGrow has configured these forms to securely transmit your information to us while maintaining a temporary copy on their secure systems for technical support purposes.

2.2 Information Automatically Collected

DigiGrow has implemented privacy-focused technologies that collect minimal technical information to help us understand website usage and maintain security:

Website Analytics (via privacy-respecting tools implemented by DigiGrow):

  • Pages you visit on our website
  • Time spent on different pages
  • General browser and device type
  • Operating system
  • Which website referred you to ours
  • Your approximate location (country/region only, not specific location)

This information is collected through:

  • Plausible Analytics: A cookieless analytics platform hosted on DigiGrow’s infrastructure that respects your privacy
  • Cloudflare Browser Insights: Performance monitoring to ensure our website loads quickly for all visitors

Security and Performance (via Cloudflare, implemented by DigiGrow):

  • Technical information needed to protect against cyber attacks
  • Performance data to ensure fast page loading
  • Security logs when potential threats are detected

3. HOW WE USE YOUR INFORMATION

3.1 Information from Forms

We use the contact information you provide to:

  • Respond to your enquiries
  • Provide the services or information you’ve requested
  • Keep records of our communications
  • Reply to enquirers and offer our driving instruction services

3.2 Analytics and Technical Data

The analytics tools DigiGrow has implemented help us to:

  • Understand which pages are most useful to our visitors
  • Improve our website’s performance and user experience
  • Identify and fix technical issues
  • Ensure our website remains secure from cyber threats

4. LEGAL BASIS FOR PROCESSING

We process your personal data based on:

  • Consent: When you voluntarily submit a form or contact us
  • Legitimate Interests: For website security, performance improvement, and understanding visitor preferences (always balanced against your rights)
  • Contract: When necessary to provide services you’ve requested
  • Legal Obligation: When required by law

5. WHO HAS ACCESS TO YOUR DATA

5.1 Our Website Management Partner

DigiGrow manages our website infrastructure and:

  • Temporarily stores form submissions on their secure UK servers (automatically deleted after 90 days)
  • Provides technical support and maintenance
  • Implements security measures and monitoring
  • Never uses your data for their own purposes
  • Acts strictly as our data processor under UK GDPR

5.2 Infrastructure Providers

DigiGrow has implemented the following services on our behalf:

Cloudflare (Security and Performance)

  • Provides protection against cyber attacks
  • Ensures fast website loading globally
  • May process data internationally with appropriate safeguards
  • Participates in the EU-US Data Privacy Framework

5.3 Other Disclosures

We will only share your personal information:

  • With your explicit consent
  • To comply with legal obligations
  • To protect rights, property, or safety
  • With professional advisers when necessary

We never sell your personal data to third parties.

6. WHERE YOUR DATA IS PROCESSED

Our website infrastructure is hosted on Cloudflare’s global network for optimal performance and security. However, all personal data from form submissions is processed and stored exclusively on DigiGrow’s secure servers in the United Kingdom.

When you access our website, some technical data may be processed internationally by Cloudflare for security and performance purposes. These international transfers are protected by:

  • The UK’s recognition of the EU-US Data Privacy Framework
  • Cloudflare’s certified participation in privacy frameworks
  • Strong technical security measures

Your personal information submitted through forms never leaves the UK and is processed solely on DigiGrow’s UK-based infrastructure.

7. HOW LONG WE KEEP YOUR DATA

DigiGrow has implemented automated systems to manage data retention:

  • Form submissions: Automatically deleted from DigiGrow’s systems after 90 days
  • Our records: We retain our copies of correspondence for as long as needed to provide our services
  • Analytics data: Aggregated and anonymous - cannot identify individuals
  • Security logs: Retained only as long as necessary for security monitoring

8. SECURITY OF YOUR DATA

DigiGrow has implemented comprehensive security measures on our behalf:

  • SSL/TLS encryption for all data transmission
  • Secure UK-based hosting infrastructure
  • Regular security updates and patches
  • 24/7 security monitoring via Cloudflare
  • Web application firewall protection
  • Daily automated backups (retained for 7 days)
  • Access controls and authentication systems

While these measures provide strong protection, no internet transmission is ever 100% secure. We work with DigiGrow to continuously review and improve our security practices.

9. YOUR RIGHTS

Under UK data protection law, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate information
  • Erasure: Request deletion of your data
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a portable format
  • Object: Object to certain processing
  • Withdraw Consent: Remove consent at any time

To exercise any of these rights, please contact us using the details in Section 13. We will coordinate with DigiGrow to fulfil your request where technical assistance is required.

10. COOKIES AND TRACKING

DigiGrow has specifically designed our website to minimise cookie usage and respect your privacy. We only use essential security cookies and cookieless analytics tools. For full details, please see our Cookie Policy.

11. CHILDREN’S PRIVACY

Our website is not intended for children under 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such information, please contact us immediately.

12. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically. DigiGrow will help us post any changes on this page with a new “Last updated” date. We encourage you to review this policy regularly.

13. CONTACT INFORMATION

For questions about your personal data or this policy:

Data Controller:

Jo Learn To Drive

Email: jjflangford@gmail.com

Phone: 07955 268239

Technical Support:

For technical queries about how your data is processed on our website:

DigiGrow Support: support@digigrow.uk

14. COMPLAINTS

If you’re unhappy with how we handle your personal data, you can:

  1. Contact us directly using the details above
  2. Lodge a complaint with the Information Commissioner’s Office (ICO):

Information Commissioner’s Office

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Phone: 0303 123 1113

Website: https://ico.org.uk/

This website’s privacy infrastructure is managed by DigiGrow, a UK-registered data processor committed to maintaining the highest standards of data protection and security.