Privacy Policy

Giant Van is a trading name of Future Syncs Limited, a company registered in England and Wales. Our registered office is 71-75 Shelton Street, London, WC2H 9JQ.

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, Future Syncs Limited is the data controller responsible for your personal data.

If you have questions about this policy or your personal data, contact us at privacy@giantvan.com.

We collect personal data that you provide directly and data generated automatically when you use our website or services.

Information you give us: - Full name, email address, phone number, and postal addresses (pickup and delivery) - Booking details: dates, times, service type, item descriptions, and special instructions - Payment information (processed securely by Stripe; we do not store full card numbers) - Account credentials if you create a Giant Van account - Communications you send us (emails, WhatsApp messages, support requests)

Information collected automatically: - Device type, browser, operating system, and screen resolution - IP address and approximate location (city level) - Pages visited, time spent, referring URL, and clicks - Cookies and similar identifiers (see Section 5)

We process your personal data only when we have a lawful basis under the UK GDPR. The bases we rely on are:

Contract performance — to fulfil your booking, process payments, send booking confirmations, and provide customer support.

Legitimate interests — to improve our website and services, detect fraud, enforce our terms, and send occasional service updates. We balance these interests against your rights and only process data where the impact on you is minimal.

Legal obligation — to comply with tax, accounting, and regulatory requirements.

Consent — where you opt in to marketing emails or non-essential cookies. You can withdraw consent at any time.

We never sell your personal data to third parties.

We share personal data only where necessary to deliver our services or meet legal obligations.

Stripe — our payment processor. Stripe receives your payment card details to process transactions securely under PCI-DSS Level 1 compliance. See Stripe's privacy policy at stripe.com/privacy.

Analytics providers — we use privacy-focused analytics to understand how visitors use our website. Data is aggregated and does not identify you personally.

Drivers and service partners — when you book a move, we share your name, contact details, and addresses with the assigned driver or crew so they can complete your job.

Legal and regulatory bodies — we may disclose data to HMRC, the ICO, law enforcement, or courts when required by law.

All third-party processors are bound by data processing agreements that require them to protect your data to UK GDPR standards.

Our website uses cookies to function properly and to understand how visitors interact with it.

Strictly necessary cookies — required for the website to work (e.g. session management, security tokens). These cannot be disabled.

Analytics cookies — help us measure traffic and identify popular pages. Set only with your consent.

Marketing cookies — used to deliver relevant adverts if you have opted in. You can change your preferences at any time through our cookie banner or your browser settings.

You can block or delete cookies through your browser. Blocking strictly necessary cookies may affect website functionality.

We keep your personal data only as long as necessary for the purpose it was collected.

• Booking records and invoices: 7 years from the date of service (HMRC requirement)
• Account data: retained while your account is active, then deleted within 30 days of account closure
• Support correspondence: 2 years from resolution
• Analytics data: aggregated within 26 months; individual-level data deleted after that period
• Marketing consent records: retained for as long as you remain subscribed, plus 1 year after unsubscription for audit purposes

When retention periods expire, data is securely deleted or irreversibly anonymised.

Under the UK GDPR, you have the following rights regarding your personal data:

• Right of access — request a copy of the personal data we hold about you
• Right to rectification — ask us to correct inaccurate or incomplete data
• Right to erasure — ask us to delete your data where there is no compelling reason to keep it
• Right to restrict processing — ask us to limit how we use your data in certain circumstances
• Right to data portability — receive your data in a structured, machine-readable format
• Right to object — object to processing based on legitimate interests or for direct marketing
• Rights related to automated decision-making — we do not make solely automated decisions that significantly affect you

To exercise any of these rights, email privacy@giantvan.com. We will respond within one calendar month. If your request is complex, we may extend this by up to two additional months and will let you know.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse.

These measures include HTTPS encryption across our entire website, secure payment processing through Stripe (PCI-DSS Level 1), restricted access controls for staff, and regular security reviews.

No method of transmission over the internet is completely secure. While we strive to protect your data, we cannot guarantee absolute security.

Your data is primarily stored and processed in the United Kingdom and the European Economic Area.

Where data is transferred outside the UK (for example, to service providers based in the United States), we ensure appropriate safeguards are in place. These include UK International Data Transfer Agreements, Standard Contractual Clauses, or transfers to countries with an adequacy decision from the UK government.

Our services are not directed at children under 18. We do not knowingly collect personal data from anyone under 18 years of age. If you believe we have collected data from a child, please contact us at privacy@giantvan.com and we will delete it promptly.

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page.

We encourage you to review this policy periodically. Continued use of our website and services after changes are posted constitutes acceptance of the updated policy.

If you have questions about this privacy policy or wish to exercise your data rights, contact us:

Email: privacy@giantvan.com Post: Future Syncs Limited, 71-75 Shelton Street, London, WC2H 9JQ

For complaints about how we handle your data, you can also contact the Information Commissioner's Office (ICO): - Website: ico.org.uk - Phone: 0303 123 1113