DEVELOPMENT ENVIRONMENT - This is a testing environment. Data may be reset at any time.

Clone Check

Privacy Policy

Last updated: 17 December 2025

Your Privacy Matters

Clone Check is committed to protecting your privacy and handling your personal data transparently. This Privacy Policy explains how we collect, use, share, and protect your information when you use our services.

1. Information We Collect

1.1 Information You Provide

When you use our Service, you may provide us with:

  • Account Information: Email address, full name, password (encrypted)
  • Payment Information: Processed securely through Stripe (we do not store card details)
  • Vehicle Search Data: Registration numbers you search, user-claimed vehicle details
  • Communications: Messages, feedback, or support requests you send us

1.2 Information Collected Automatically

When you access our Service, we automatically collect:

  • Usage Data: Pages visited, features used, time spent, click patterns
  • Device Information: Browser type, operating system, device type, IP address
  • Technical Data: User agent, referring URL, language preferences
  • Cookies and Similar Technologies: See Section 5 for details

1.3 Third-Party Data

We obtain vehicle data from public sources:

  • DVLA (Driver and Vehicle Licensing Agency): Vehicle registration data
  • DVSA (Driver and Vehicle Standards Agency): MOT test history and results

Note: While vehicle history data is publicly available, we treat all data associated with your account with the same high standard of protection as personal data.

2. How We Use Your Information

We use your information for the following purposes:

2.1 Service Provision

  • Create and manage your account
  • Process vehicle checks and generate fraud detection reports
  • Send PDF reports via email
  • Process payments and maintain billing records
  • Provide customer support and respond to inquiries

2.2 Service Improvement

  • Analyze usage patterns to improve features and functionality
  • Develop and refine fraud detection algorithms
  • Test and optimize user experience
  • Understand customer needs and preferences

2.3 Communications

  • Send transactional emails (account verification, password resets, receipts)
  • Deliver vehicle check reports via email
  • Send important service updates and security notices
  • Respond to your requests and customer support needs

2.4 Legal and Security

  • Comply with legal obligations and regulatory requirements
  • Detect, prevent, and address fraud, security issues, or technical problems
  • Protect the rights, property, or safety of Clone Check, our users, or the public
  • Enforce our Terms and Conditions

2.5 Marketing Communications (Optional)

If you opt-in during registration or in your account settings, we may send you marketing emails about:

  • Special offers and promotional discounts
  • New features and product updates
  • News and announcements related to our services
  • Tips and best practices for vehicle checking

Your marketing consent is entirely optional. You can opt out at any time by:

  • Clicking the unsubscribe link in any marketing email
  • Updating your preferences in your account settings
  • Contacting us at privacy@clone-check.com

We will never sell, rent, or share your email address with third parties for their marketing purposes. Essential service emails (account security, payment confirmations, etc.) will still be sent regardless of your marketing preference.

3. Google Analytics and Third-Party Services

3.1 Google Analytics

We use Google Analytics to understand how users interact with our Service. Google Analytics is a web analytics service provided by Google LLC that uses cookies and similar technologies to collect and analyze information about Service usage.

Data Collected by Google Analytics:

  • Pages visited and navigation patterns
  • Time spent on pages and overall session duration
  • Demographic information (age range, gender, interests)
  • Geographic location (city/country level)
  • Device and browser information
  • Traffic sources and referral information
  • User engagement and retention metrics

3.2 Google Analytics Data Sharing

We have enabled the following Google Analytics data sharing settings:

  • Google Products & Services: Your aggregated data may be shared with Google to improve Google's products and services. Google will not use your data for ad personalization or ad targeting.
  • Modeling Contributions & Business Insights: We contribute aggregated, de-identified measurement data to enable predictions, modeled data, and benchmarking features.
  • Technical Support: Google technical support may access analytics data when necessary to resolve technical issues.
  • Business Recommendations: Google may access account usage and configuration data to provide optimization recommendations.

3.3 Data Processing and Protection

Google processes analytics data in accordance with:

  • Google Ads Data Processing Terms: Google processes data only as required to maintain and protect the Google Analytics service
  • GDPR Compliance: We have accepted Google's Data Processing Terms as required by GDPR
  • Controller-Controller Terms: We have entered into Google's Measurement Controller-Controller Data Protection Terms governing data sharing

3.4 Opting Out of Google Analytics

You can opt out of Google Analytics tracking by:

Learn more: How Google uses information from sites or apps that use our services

3.5 Other Third-Party Services

We also use:

  • Stripe: Payment processing (subject to Stripe's Privacy Policy)
  • Email Service Providers: For transactional email delivery

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on the following legal grounds:

  • Contractual Necessity: Processing necessary to provide our services and fulfill our contract with you (account management, vehicle checks, report delivery)
  • Legitimate Interests: Processing necessary for our legitimate business interests (fraud detection, service improvement, security, analytics) provided such interests are not overridden by your rights
  • Legal Obligation: Processing necessary to comply with legal requirements (tax laws, financial regulations, law enforcement requests)
  • Consent: Where required by law, we obtain your explicit consent (e.g., marketing communications, optional data collection)

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and collect usage data.

5.1 Types of Cookies We Use

Essential Cookies (Required)

Authentication, session management, security. Cannot be disabled.

Analytics Cookies

Google Analytics tracking, usage statistics, performance monitoring.

Functional Cookies

Remember preferences, settings, user interface customization.

5.2 Managing Cookies

You can control cookies through:

  • Your browser settings (block all cookies, delete existing cookies)
  • Google Analytics Opt-out Add-on
  • Privacy-focused browser extensions

Note: Disabling cookies may limit functionality and prevent you from using certain features.

5.3 Cookie Consent (PECR Compliance)

In compliance with the UK Privacy and Electronic Communications Regulations (PECR), we obtain your explicit consent before placing non-essential cookies (such as Analytics and Functional cookies) on your device.

Important: When you first visit our website, you will be presented with a cookie consent banner. Analytics cookies (including Google Analytics) will not be activated until you click "Accept" or provide explicit consent. Essential cookies required for the website to function are exempt from this consent requirement.

6. Data Sharing and Disclosure

We may share your information in the following circumstances:

6.1 Service Providers

  • Payment processors (Stripe)
  • Email service providers
  • Cloud hosting providers
  • Analytics providers (Google Analytics)
  • These providers only process data on our behalf under strict confidentiality obligations

6.2 Legal Requirements

We may disclose your information if required to:

  • Comply with legal obligations, court orders, or law enforcement requests
  • Protect our rights, property, or safety
  • Prevent fraud, security threats, or illegal activities
  • Enforce our Terms and Conditions

6.3 Business Transfers

If Clone Check is involved in a merger, acquisition, or asset sale, your personal data may be transferred. We will notify you of any such change and your data will remain protected under this Privacy Policy.

6.4 What We Do NOT Do

  • We do NOT sell your personal data to third parties
  • We do NOT share your data with advertisers for marketing purposes
  • We do NOT use your data for purposes unrelated to our Service

7. Data Retention

We retain your information for as long as necessary to:

  • Provide our services and maintain your account
  • Comply with legal, tax, and accounting obligations (typically 7 years for financial records)
  • Resolve disputes and enforce our agreements
  • Prevent fraud and abuse

When you delete your account: We will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal compliance.

8. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption: Data in transit (TLS/SSL) and at rest
  • Access Controls: Role-based permissions, multi-factor authentication
  • Secure Infrastructure: Regular security audits, penetration testing
  • Password Security: Passwords are hashed using bcrypt (never stored in plain text)
  • Monitoring: Continuous threat detection and incident response procedures

No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

9. Your Rights (GDPR & UK GDPR)

Under GDPR and UK GDPR, you have the following rights regarding your personal data:

✓ Right to Access

Request a copy of your personal data we hold

✓ Right to Rectification

Correct inaccurate or incomplete data

✓ Right to Erasure ("Right to be Forgotten")

Request deletion of your personal data

✓ Right to Restrict Processing

Limit how we process your data

✓ Right to Data Portability

Receive your data in a structured, machine-readable format

✓ Right to Object

Object to processing based on legitimate interests

✓ Right to Withdraw Consent

Withdraw consent for processing based on consent

✓ Right to Lodge a Complaint

File a complaint with the Information Commissioner's Office (ICO) or your local data protection authority

How to Exercise Your Rights

To exercise any of these rights, contact us at:

Email: privacy@clone-check.com

We will respond within 30 days of your request.

10. International Data Transfers

Your data may be transferred to and processed in countries outside the UK/EEA, including the United States (where services such as Google Analytics and Stripe are located).

We ensure appropriate safeguards are in place for international transfers:

  • UK Standard Contractual Clauses (UK Addendum): We use UK-specific contractual clauses approved by the ICO for data transfers to third countries
  • EU-U.S. Data Privacy Framework: Our US-based service providers (Google, Stripe) participate in the EU-U.S. and UK Extension to the Data Privacy Framework, providing adequacy for data transfers
  • Data Processing Agreements: We have accepted Google's and Stripe's Data Processing Terms compliant with UK GDPR
  • Controller-Controller Terms: Transfers are subject to Controller-Controller Data Protection Terms where applicable

These mechanisms ensure that your data receives the same level of protection when transferred outside the UK as it does within the UK, in compliance with the UK GDPR and Data Protection Act 2018.

11. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately and we will delete such information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Updating the "Last Updated" date at the top of this page
  • Sending you an email notification (for significant changes)
  • Displaying a prominent notice on our Service

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

13. Data Protection Officer

For questions about data protection or to exercise your rights, you may contact our Data Protection Officer:

Data Protection Officer

Email: dpo@clone-check.com

Website: https://clone-check.com

14. Supervisory Authority

If you are located in the UK/EEA and have concerns about how we process your data, you have the right to lodge a complaint with your local data protection authority:

Information Commissioner's Office (ICO)

Website: https://ico.org.uk

Telephone: 0303 123 1113

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Clone Check

Privacy Inquiries: privacy@clone-check.com

General Support: support@clone-check.com

Legal Matters: legal@clone-check.com

Website: https://clone-check.com

ICO Registration Number: ZC060502

Clone Check is registered with the UK Information Commissioner's Office

Acceptance of This Policy

By using Clone Check, you acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

← Back to Home