Privacy Policy
Last updated: 28 February 2026
1. Who We Are
The Service Book (“we”, “us”, or “our”) operates the vehicle service history report service at theservicebook.co.uk. We are a United Kingdom-based company and we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Data We Collect
2.1 Information You Provide
- Vehicle Registration (VRM) or VIN — used to retrieve service history data from manufacturer databases
- Email Address — used to deliver your purchased report and order confirmation
- Payment Details — processed securely by Stripe; we never see or store your full card number
2.2 Automatically Collected Data
- IP Address — used for fraud prevention and rate limiting
- Browser & Device Info — browser type, operating system, screen size
- Usage Data — pages viewed, time on site, referring URL
3. How We Use Your Data
3.1 Service Delivery (Legal Basis: Contract)
- To look up and generate your vehicle service history report
- To send your report via email
- To process your payment
- To provide order support
3.2 Legal Compliance (Legal Basis: Legal Obligation)
- To meet UK tax, accounting, and regulatory requirements
- To respond to lawful requests from authorities
- To prevent fraud and misuse of our service
3.3 Service Improvement (Legal Basis: Legitimate Interest)
- To monitor service performance and fix technical issues
- To understand usage patterns and improve the user experience
4. Third-Party Processors
We work with the following trusted service providers:
- Stripe — payment processing (PCI DSS Level 1 certified). Stripe Privacy Policy
- Authorised Data Providers — retrieve manufacturer service history using your VIN through secure, authorised channels
- SendGrid — email delivery of reports
- Microsoft Azure — secure cloud hosting within Europe
We never sell, rent, or trade your personal data to third parties for marketing or any other purpose.
5. Data Security
We take the security of your data seriously:
- All connections are encrypted using HTTPS (TLS 1.3)
- Payment data is handled entirely by Stripe — we never touch your card details
- Database storage is encrypted at rest
- Access to personal data is restricted to authorised personnel only
- IP addresses are stored as one-way hashes (cannot be reversed to your actual IP)
6. Data Retention
| Data | Retention Period |
|---|---|
| Email & VIN | Retained to provide report access and delivery |
| Service history cache | 48 hours (automatically deleted) |
| Payment records | 7 years (UK tax/accounting requirements) |
| IP hashes | 24 hours (for rate limiting) |
| Analytics data | Up to 14 months |
7. Your Rights
Under UK GDPR, you have the right to:
- Access — request a copy of the personal data we hold about you
- Rectification — request correction of inaccurate data
- Erasure — request deletion of your personal data (subject to legal retention requirements)
- Portability — receive your data in a machine-readable format
- Object — object to processing based on legitimate interests
- Restrict Processing — request temporary suspension of data processing
To exercise any of these rights, email us at help@theservicebook.co.uk. We will respond within 30 days.
8. Cookies
We use only essential cookies required for the website to function:
- Session cookies — to maintain your browsing session
- Authentication cookies — to keep you signed in
- Anti-forgery cookies — to protect against cross-site request forgery
We do not use advertising or third-party tracking cookies.
9. Children
Our service is not intended for anyone under 16 years of age. We do not knowingly collect data from children. If you are under 16 years of age you must not use our service.
10. International Transfers
Your data is primarily stored within the UK and EEA (Microsoft Azure, West Europe). Where data is transferred outside the UK (e.g. Stripe’s US infrastructure), we ensure appropriate safeguards are in place before transfers take place.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be reflected by updating the “Last updated” date at the top of this page.
12. Complaints
If you have concerns about how we handle your data, you can:
- Contact us at help@theservicebook.co.uk
- Lodge a complaint with the Information Commissioner’s Office (ICO) — Helpline: 0303 123 1113
13. Contact
For any questions about this Privacy Policy or your personal data:
Email: help@theservicebook.co.uk
Website: theservicebook.co.uk