Privacy Policy

Last updated: 20 March 2026

NeedATyre is committed to protecting your privacy. This policy explains what personal data we collect, why we collect it, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller

NeedATyre is the data controller for personal data collected through this website and our services. If you have any questions about this policy or wish to exercise your data rights, contact us at privacy@needatyre.com.

2. What Data We Collect

We may collect the following personal data:

  • Contact information: name, email address, phone number, business name
  • Order information: vehicle details, tyre sizes, service location, order history
  • Payment information: card details are processed securely by our payment provider and are not stored on our servers
  • Account information: login credentials (password stored in hashed form only)
  • Technical data: IP address, browser type, device information, pages visited
  • Communication data: messages sent via our contact form or email

3. How We Use Your Data

We use your personal data for the following purposes:

  • Processing and fulfilling tyre fitting, repair and breakdown orders
  • Communicating with you about your orders and account
  • Providing customer support and responding to enquiries
  • Sending service-related notifications (order confirmations, job updates)
  • Improving our website and services
  • Complying with legal and regulatory obligations

Our legal basis for processing is: performance of a contract (order fulfilment), legitimate interests (service improvement, fraud prevention), and consent (where applicable for marketing communications).

4. Data Sharing

We may share your data with:

  • Mobile tyre fitters: your name, contact details and location are shared with the fitter assigned to your job so they can carry out the service
  • Payment providers: to process your payment securely
  • Email service providers: to send transactional emails and notifications

We do not sell your personal data to third parties. We do not share your data for marketing purposes without your explicit consent.

5. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes described in this policy. Specifically:

  • Order records: 7 years (for tax and accounting purposes)
  • Account data: until you request account deletion
  • Contact form messages: 2 years
  • Technical logs: 90 days

6. Your Rights

Under UK GDPR, you have the following rights:

  • Right of access: request a copy of the personal data we hold about you
  • Right to rectification: request correction of inaccurate data
  • Right to erasure: request deletion of your data (subject to legal retention requirements)
  • Right to restrict processing: request that we limit how we use your data
  • Right to data portability: receive your data in a structured, machine-readable format
  • Right to object: object to processing based on legitimate interests

To exercise any of these rights, email privacy@needatyre.com. We will respond within 30 days.

7. Cookies

Our website uses essential cookies required for the site to function, including session cookies for login and CSRF protection. These cookies are strictly necessary and do not require consent. We do not use advertising or tracking cookies. If we introduce non-essential cookies in the future, we will update this policy and provide appropriate consent mechanisms.

8. Security

We take appropriate technical and organisational measures to protect your personal data, including encrypted connections (HTTPS), secure password hashing, and access controls. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

9. Changes to This Policy

We may update this privacy policy from time to time. The updated version will be posted on this page with a revised date. We encourage you to review this policy periodically.

10. Contact

If you have questions about this privacy policy or wish to make a data subject request, contact us at:

Email: privacy@needatyre.com
Or use our contact form.

If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.