Legal
Privacy Policy
Last updated: 1 June 2026
AutoPilot Driving School ('we', 'us', 'our') is committed to protecting your privacy. This policy explains what personal data we collect, why we collect it, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
AutoPilot Driving School is a DVSA-approved driving school operating across East Berkshire, West London, and surrounding areas. Our registered business address is Slough, Berkshire, England. We are the data controller for the personal information you provide to us.
For data-related enquiries, contact us at contact@autopilotdrivingschool.co.uk.
2. Data We Collect
We may collect and process the following categories of personal data:
- Identity data: full name, date of birth, gender
- Contact data: email address, phone number, home address, postcode
- Account data: username, hashed password, account preferences
- Booking data: lesson type, dates, duration, instructor preference, transmission preference
- Payment data: billing information processed securely via Stripe (we do not store card details)
- Technical data: IP address, browser type, device information, cookies and usage data
- Communications: messages sent via our contact form or email
- Instructor data: driving licence number, ADI/PDI licence details, vehicle information, DBS check status
3. How We Use Your Data
We use your personal data for the following purposes:
- To create and manage your account
- To process lesson bookings and payments
- To match students with suitable instructors
- To send booking confirmations, reminders, and receipts
- To respond to enquiries submitted via our contact form
- To manage instructor applications and onboarding
- To improve our website and services through analytics
- To send promotional communications where you have given consent (you may opt out at any time)
- To comply with legal obligations
4. Legal Basis for Processing
We rely on the following lawful bases under UK GDPR:
- Contract: processing is necessary to fulfil your booking or account registration
- Legitimate interests: improving our services, preventing fraud, and communicating relevant updates
- Legal obligation: where we are required to retain data by law (e.g., financial records)
- Consent: for marketing communications and non-essential cookies
5. Cookies
Our website uses cookies to enhance your experience. Cookies are small text files stored on your device. We use:
- Essential cookies: required for the site to function (e.g., session management, authentication)
- Analytics cookies: help us understand how visitors use the site (requires consent)
- Preference cookies: remember your settings and choices (requires consent)
You can manage cookie preferences at any time via the cookie banner or your browser settings.
6. Third-Party Services
We share data with carefully selected third-party providers only where necessary to deliver our services. These include Stripe (payment processing), email delivery providers, and cloud hosting infrastructure. All third parties are required to handle your data securely and in accordance with UK GDPR. We do not sell your personal data to any third party.
7. Data Retention
We retain personal data only for as long as necessary. Account data is kept for the duration of your relationship with us plus 2 years. Financial and booking records are retained for 7 years to comply with HMRC requirements. Data submitted via the contact form is retained for 12 months. You may request deletion of your data at any time, subject to our legal obligations.
8. Your Rights
Under UK GDPR, you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate or incomplete data
- Erasure ("right to be forgotten") in certain circumstances
- Restrict processing of your data
- Data portability — receive your data in a structured, machine-readable format
- Object to processing based on legitimate interests or for direct marketing
- Withdraw consent at any time where processing is based on consent
To exercise any of these rights, contact us at contact@autopilotdrivingschool.co.uk. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
9. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include encrypted connections (HTTPS), hashed password storage, access controls, and regular security reviews. No method of transmission over the internet is 100% secure; however, we take all reasonable steps to protect your data.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The updated version will be posted on this page with a revised "last updated" date. We encourage you to review this page periodically. Where changes are material, we will notify registered users by email.
If you have any questions about this page, please contact us at contact@autopilotdrivingschool.co.uk or call 07450 556 963.