Privacy Policy

Privacy Policy

This privacy policy sets out how we collect and use your personal information and what your individual data protection and privacy rights are.

Effective from 25th May 2018. This Privacy Policy was last updated on 24th May 2018 (Version 1.0)

SRC Ltd is the data controller. This is the legal entity responsible for how your personal data is collected, stored and processed.

At SRC Ltd, we are committed to protecting the privacy and security of all of our customers. This policy explains:

  • What information we collect and why
  • How long we keep your information
  • How we protect your information
  • Disclosure of your information
  • What your individual data protection rights are

When you share your personal information with us, it will be treated with complete confidentiality. Therefore, it is our responsibility to manage your personal data that you provide to us, in accordance with all data protection legislation and industry best practice.

What information we collect and why

SRC Maintenance Services

Personal contact details including; full name, telephone number, address, vehicle registration number, billing details, VAT numbers (where applicable). At your request, we are also able to collect service and MOT information. These details are held electronically on our secure database and in paper form in our secure offices.

The vehicle registration is obtained in order to identify make/ model and to provide accurate quotations. In order to give accurate quotations, registration numbers are shared with third party parts suppliers but please note, that this is only done with your consent. For our haulage customers, we also collect service information in order to enable us to collate service schedules.

We collect your name, telephone number and address for invoice/ billing purposes only.

SRC Driver Training

Personal contact details including; full name, telephone number, address, driver’s license number (obtained by presentation of; Driver Qualification Card (DQC), digital tachograph card or driver’s licence), course attendance date/s, job role, employer details. These details are held electronically on our secure database and in paper form in our secure offices.

In compliance with the DVSA government portal for uploading CPC course attendance and the CPC course regulations, we must obtain proof of identification and proof of driver’s licence (this can be obtained by presentation of; Driver Qualification Card (DQC), digital tachograph card and/or driver’s licence). In the exceptional circumstance that it may be necessary to take a copy of a form of identification, the reasons for this will be explained clearly and consent obtained. The licence numbers are uploaded onto the secure DVSA government portal; the paper copies are stored in a locked cabinet within a secure room. This is the only third party that we will share your data with, your license details are not used for any other purposes.

Your attendance on the course is also recorded on a secure SRC Ltd database in order to provide a collaborative record of the courses attended. Please note, only your name and employer’s name are used to provide this data.

In line with JAUPT guidance, we request course evaluations at the end of each of our CPC courses. The evaluations provide statistical analyses to help us improve our courses and services. As part of the evaluation we do ask you to provide your job title/ employer. This is not compulsory, nor is this data passed on to any third parties. Our reason for asking for job title/ employer is to allow us to assess the relevance of each course in relation to various job titles and to explore ways in which we may further tailor our courses.

In addition to proof of identification, your name, telephone number and address are also collected for invoice/ billing purposes.

Regardless of how you have supplied us with your personal data, we will never use them without a lawful reason to do so. We will only use your personal data for the purposes for which they were initially requested.

It is your responsibility to ensure that your personal data supplied to us is accurate and up to date. You can update your personal details by contacting the SRC office (either via email or telephone).

How long we may keep your information

We will retain the personal data you have shared with us no longer than is necessary to satisfy any legal, accounting or reporting requirements.

The longest we will hold any personal data is 6 years plus the current financial year. Once this data is no longer required, it is shredded and disposed of securely.

How we protect your information

We take appropriate security measures to protect against unauthorised access to or unauthorised alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorised access to systems where we store personal data.

Access to personal information is restricted to SRC Ltd employees. SRC Ltd employees are bound by confidentiality obligations and may be subject to discipline; including termination and criminal prosecution, should the fail to meet these obligations.

Disclosure of your information

We will only use your personal data for the purposes in which it was initially requested. We will not share, sell or distribute any of the information you provide to us without your consent, except where disclosure is:

  • Necessary to enforce our rights, including under the SRC Ltd terms and conditions.
  • Necessary to enforce our rights under any other terms and conditions.
  • Required or permitted by Law.

Your individual data protection rights

You have the right to:

  • Ask for access to, rectification or erasure of your data.
  • Restrict processing (pending correction or deletion).
  • Object to communications or direct marketing.

Should you wish to do any of the above, requests are to be directed to the Data Compliance Officer for SRC Ltd, Stephen Curtis. Please note that the above requests will be subject to verified identity, something which we must do to ensure that we disclose your personal data to the correct person.

Making a complaint

If you think that your data right have been breached, you are able to raise a complaint with the Information Commissioner (ICO). You can contact the ICO at:

Information Commissioner’s Office,

Wyecliffe House,

Water Lane,




Tel: 0303 123 1113

Data Compliance Officer

Our appointed compliance officer in respect of our data protection activities is:

Stephen Curtis,

Unit 3, Medway Park,




Tel: 0773 332 8007

Loading... Updating page...