Privacy Policy

1. Introduction

This privacy notice explains how Piomes Ltd ("we", "us", or "our") collects, uses, and protects your personal information when you use our website and services. We are committed to protecting your privacy and ensuring transparency about how we handle your data.

Data Controller: Piomes Ltd
Registered Address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
Contact Email: [email protected]
Data Protection Registration Number: ZC035689

2. Information We Collect

We may collect and process the following categories of personal data about you:

2.1 Identity and Contact Information

  • Full name and title
  • Email address and telephone numbers
  • Billing information

2.2 Vehicle and Transaction Data

  • Vehicle registration numbers (VRM) you search for
  • Details of reports or guides you access
  • Payment and financial transaction information
  • Purchase history and service usage records

2.3 Technical and Usage Information

  • IP address and browser type
  • Device information and operating system
  • Pages visited and time spent on our website
  • Referral sources and click patterns
  • Cookies and similar tracking technologies

2.4 Marketing and Communication Preferences

  • Your preferences for receiving marketing materials
  • Communication history and correspondence
  • Feedback and survey responses

Special Categories of Data: We do not intentionally collect or process special categories of personal information such as details about your ethnicity, religious beliefs, health status, biometric data, or political affiliations.

3. How We Use Your Information

We process your personal data for the following purposes, based on specific legal grounds:

3.1 Service Delivery (Contractual Necessity)

  • To provide you with the information, guides, and reports you request
  • To create and maintain your account
  • To process payments and manage billing
  • To communicate about your orders or service-related matters

3.2 Service Improvement (Legitimate Interest)

  • To enhance and personalize your user experience
  • To analyze website performance and identify technical issues
  • To develop new features and services
  • To conduct research and data analysis

3.3 Marketing Communications (Consent)

  • To send you promotional materials about our services (only with your consent)
  • To provide information about relevant updates or new offerings
  • To contact you about special offers or features that may interest you

3.4 Legal Compliance (Legal Obligation)

  • To comply with applicable laws and regulations
  • To respond to legal requests or prevent fraud
  • To protect our rights and those of our users
  • To maintain appropriate business records

4. Data Sharing and Disclosure

We may share your personal information with the following categories of recipients:

4.1 Service Providers and Processors

We work with carefully selected third-party service providers who process data on our behalf, including:

  • Payment Processors: To securely handle transaction processing and financial services
  • Cloud Hosting Providers: To store and manage our databases and application infrastructure
  • Email Service Providers: To send transactional and marketing communications
  • Analytics Providers: To understand website usage and user behavior
  • Content Delivery Networks: To improve website performance and security

4.2 Legal and Regulatory Authorities

We may disclose your information when required by law, court order, or to protect legal rights, prevent fraud, or ensure public safety.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the new organization, subject to the same privacy protections.

5. International Data Transfers

Your information may be transferred to and processed in countries outside the United Kingdom. When we transfer data internationally, we implement appropriate safeguards including:

  • Standard Contractual Clauses approved by regulatory authorities
  • Adequacy decisions confirming equivalent data protection standards
  • Binding corporate rules and certification schemes
  • Specific consent where legally required

6. Data Security

We implement robust security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction:

  • Encryption: Payment information and sensitive data are encrypted using industry-standard protocols
  • Access Controls: Strict authentication and authorization procedures limit data access to authorized personnel only
  • Network Security: Firewalls, intrusion detection systems, and regular security audits protect our infrastructure
  • Physical Security: Data centers maintain controlled access and environmental protections
  • Employee Training: Staff receive regular training on data protection and security best practices

While we strive to protect your personal data, no method of transmission over the internet is completely secure. We cannot guarantee absolute security but continuously work to enhance our protective measures.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this privacy policy:

  • Active Accounts: Data is retained throughout our business relationship with you
  • After Service Termination: Information may be kept for up to seven years following the end of our relationship to meet legal obligations, resolve disputes, and maintain business records
  • Marketing Data: Retained until you withdraw consent or request deletion
  • Legal Requirements: Some data may be retained longer where required by law or regulation

When personal data is no longer needed, we securely delete or anonymize it in accordance with our data retention schedule.

8. Your Rights and Choices

Under UK data protection legislation, you have the following rights regarding your personal information:

8.1 Right of Access

You can request confirmation of whether we process your personal data and obtain a copy of that information.

8.2 Right to Rectification

You may request correction of inaccurate or incomplete personal information we hold about you.

8.3 Right to Erasure

You can request deletion of your personal data in certain circumstances, such as when it's no longer necessary for the original purpose or you withdraw consent.

8.4 Right to Restriction

You may request that we limit the processing of your personal information in specific situations, such as while we verify its accuracy.

8.5 Right to Data Portability

You can request a copy of your personal data in a structured, commonly used, machine-readable format for transfer to another service provider.

8.6 Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

8.7 Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects.

8.8 Right to Withdraw Consent

Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.

Exercising Your Rights: To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month, though this may be extended in complex cases.

9. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience and analyze usage patterns: See our cookie policy for details

10. Third-Party Links

Our website may contain links to external websites operated by third parties. We are not responsible for the privacy practices or content of these external sites. We recommend reviewing the privacy policies of any third-party websites you visit.

11. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us immediately so we can delete it.

12. Changes to This Privacy Policy

We may update this privacy policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. Material changes will be communicated through:

  • Posting an updated version on our website with a revised "Last Updated" date

We encourage you to review this privacy policy regularly to stay informed about how we protect your information.

13. Contact Us and Complaints

If you have questions, concerns, or wish to exercise your data protection rights, please contact us:

Email: [email protected]
Postal Address: Piomes Ltd, 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ

13.1 Right to Complain

You have the right to lodge a complaint with the UK supervisory authority if you believe we have not handled your personal data appropriately:

Information Commissioner's Office (ICO)
Website: https://ico.org.uk
Telephone: 0303 123 1113
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We encourage you to contact us first so we can address your concerns directly before escalating to the regulatory authority.

14. Legal Basis for Processing

We process your personal data under the following legal bases as defined by UK GDPR:

  • Contractual Necessity: Processing is essential to fulfill our contractual obligations to you when providing services
  • Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving services, preventing fraud, and maintaining security
  • Legal Obligation: Processing is required to comply with applicable laws and regulations
  • Consent: You have given explicit permission for specific processing activities, such as marketing communications

Note: This privacy policy applies to personal information collected through our website and services. By using our services, you acknowledge that you have read and understood this privacy policy.

Last updated: December 2025