Menu

Book Courier

Privacy Policy

24th January 2025

1) Who we are (Data Controller)

Couriers Today
Email: hello@courierstoday.co.uk
Website: courierstoday.co.uk

2) What data we collect

A) Account and profile data

  • Name

  • Email address

  • Phone number (if provided)

  • Profile photo (if uploaded)

  • Login identifiers (e.g., Google/Apple unique user ID)

B) Delivery / service data (if you place or carry jobs)

  • Pickup and drop-off addresses

  • Recipient/sender name and phone number (if provided)

  • Delivery notes and item description (as entered by users)

  • Order status updates and timestamps

  • Proof of delivery (e.g., signature/photo) only if your app collects it

C) Location data

If you enable location permissions:

  • Precise GPS location (for live tracking, routing, pickup/drop-off accuracy, safety and fraud prevention)

You can disable location access in device settings, but some features may not work.

D) Payment data (Stripe)

Payments are processed by Stripe. We may receive:

  • Payment status (success/failure), transaction IDs, and limited billing info
    We do not store full card details. Card details are handled directly by Stripe.

E) Advertising data (Google Ads)

If the app shows ads, we may collect or receive:

  • Advertising identifiers (e.g., device advertising ID)

  • Approximate location (where enabled/available)

  • Ad interaction data (impressions, clicks)
    This is used to display and measure ads, and (where permitted) to personalise ads.

F) Device, analytics, and diagnostics data (Firebase)

We may collect:

  • Device type, OS version, app version

  • IP address (website/server logs)

  • App events/usage data (analytics)

  • Crash reports and performance diagnostics

G) Cookies (website)

Our website may use cookies or similar technologies for:

  • login/session management

  • remembering preferences

  • analytics/performance measurement

You can control cookies in your browser settings.

3) Google user data (Google Login / OAuth)

If you choose Sign in with Google, we may request access to:

Data accessed (Google)

Typically:

  • Email address

  • Basic profile (name, profile picture)

  • OpenID identifier (unique ID used to confirm your identity)

(These commonly correspond to OAuth scopes such as openid, email, profile.)

How we use Google user data

We use this data only to:

  • create/login to your Couriers Today account

  • display your name/email/photo in your profile (optional)

  • secure authentication and prevent fraud

Storage and sharing (Google user data)

  • We store your email and basic profile details so your account works.

  • We do not store your Google password.

  • We do not access Gmail content, Google Drive files, contacts, calendars, or other Google services unless explicitly requested and disclosed in this policy.

  • We do not sell Google user data.

  • We share Google user data only as needed to operate the Service (see Section 7).

Google Limited Use statement

Couriers Today’s use of information received from Google APIs will comply with the Google API Services User Data Policy, including the Limited Use requirements.

4) Apple user data (Sign in with Apple)

If you choose Sign in with Apple, Apple may provide:

  • A unique Apple user identifier

  • Your name (sometimes, first time only)

  • Your email address (either your real email or Apple’s private relay email, depending on your Apple settings)

We use this data only to create/login to your account and maintain authentication. We do not access your Apple password.

5) How we use your data (purposes)

We use your personal data to:

  • create and manage accounts

  • provide courier/delivery services (bookings, dispatch, tracking, delivery updates)

  • communicate with you about service matters (receipts, updates, security alerts)

  • provide customer support and resolve issues

  • improve app stability and performance (analytics, crash reporting)

  • show and measure ads (where ads are enabled)

  • prevent fraud, abuse, and unauthorised access

  • comply with legal obligations

6) Legal bases (UK GDPR)

We process personal data under one or more of these bases:

  • Contract: to provide the Service you request

  • Legitimate interests: to secure and improve the Service, prevent fraud, and provide support

  • Consent: for optional features like precise location (where required) and certain advertising preferences

  • Legal obligation: where we must comply with laws and regulations

7) Who we share data with (processors / partners)

We share data only as needed to run the Service, including with:

Firebase / Google (app infrastructure)

We use Firebase (Google) services such as:

  • Authentication (login)

  • Database/storage (e.g., Firestore/Storage) for app data you create

  • Cloud Messaging (notifications)

  • Analytics / Crash reporting (e.g., Firebase Analytics, Crashlytics) to improve reliability

Stripe (payments)

Stripe processes payments and may process personal/payment data as needed to complete transactions.

Google Ads (advertising)

We may use Google advertising services (e.g., Google Ads/AdMob) to:

  • display ads

  • measure performance

  • (where permitted) personalise ads

Other service providers

Hosting, email delivery, notifications, analytics, and security providers—only with the minimum data needed.

Legal and safety

We may disclose information if required by law, court order, or to protect rights, safety, and prevent fraud.

We do not sell your personal data.

8) Data retention (how long we keep it)

We keep data only as long as necessary for:

  • providing the Service

  • legal/accounting obligations

  • dispute resolution and fraud prevention

Typical approach:

  • Account data: kept while your account is active and a reasonable period after closure

  • Order/job records: kept for operational and legal purposes

  • Crash/analytics data: retained as needed to monitor and improve app performance

You can request deletion (see Section 11).

9) Advertising choices (Google Ads)

Depending on your device and region, you may be able to:

  • reset/limit your device advertising ID in device settings

  • opt out of ad personalisation (device or Google settings where available)

If you disable ad personalisation, you may still see ads, but they may be less relevant.

10) Security

We use appropriate technical and organisational measures to protect your data, including encryption in transit (HTTPS) and access controls. No method of transmission or storage is 100% secure, but we work to protect your information.

11) Your rights (UK/EEA)

You may have the right to:

  • access your data

  • correct inaccurate data

  • request deletion (subject to legal obligations)

  • object to or restrict certain processing

  • data portability

  • withdraw consent (where consent applies)

To make a request: email hello@courierstoday.co.uk
Subject suggestion: “Privacy Request” or “Data Deletion Request”.

We may ask you to verify your identity before completing a request.

12) Children’s privacy

The Service is not intended for children under 13 (or the minimum age required by law). We do not knowingly collect data from children.

13) International transfers

Your data may be processed outside the UK/EEA depending on where our service providers operate (e.g., Google/Firebase/Stripe). Where required, we use appropriate safeguards to protect personal data.

14) Changes to this policy

We may update this Privacy Policy occasionally. We will post updates here and revise the “Last updated” date.

15) Contact

Email: hello@courierstoday.co.uk
Website: courierstoday.co.uk

Quick “Google Verification” summary (Data Accessed / Data Usage)

Data Accessed: Google Sign-In basic profile (name/photo), email, OpenID identifier.
Data Usage: authentication, account creation/login, profile display (optional), security/fraud prevention.
Data Storage: stored in our user database for account operation; no Google passwords stored.
Sharing: not sold; shared only with providers needed to run the Service (Firebase infrastructure), and only as necessary.