1. Who We Are
The Carrier Hub Ltd ("we", "us", "our") operates the online freight and logistics platform available at www.thecarrierhub.com (the "Platform"). We are the data controller for personal data processed through the Platform. To contact us about data protection matters, please email [email protected].
We are registered with the Information Commissioner's Office (ICO) under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Our ICO registration number is ZC106770. ICO registration is a legal requirement for any UK organisation that processes personal data and is not exempt. Registration can be completed at ico.org.uk/registration.
2. What Personal Data We Collect
We collect the following categories of personal data:
| Category | Examples | Basis |
|---|---|---|
| Identity data | Full name, job title, company name | Contract performance |
| Contact data | Email address, phone number, postal address | Contract performance |
| Business data | Company registration number, VAT number, business type | Contract performance |
| Account data | Username, password hash, login history | Contract performance |
| Financial data | Stripe customer ID, transaction references (no card numbers stored) | Contract performance |
| Compliance documents | Driving licence, insurance certificates, proof of keepership | Legal obligation |
| Usage data | IP address, browser type, pages visited, session duration | Legitimate interests |
| Behaviour data | Mouse movements, clicks, scroll depth, session recordings (via Microsoft Clarity) | Consent |
| Communications | Messages sent through the Platform, support enquiries | Legitimate interests |
| Location data | Delivery addresses, collection points, route data | Contract performance |
| Biometric data | Live facial photograph (selfie) for identity verification | Explicit consent (Art. 9(2)(a)) |
We do not store payment card numbers, sort codes, or bank account numbers.
2a. Biometric Data -- Special Category Processing
We collect and process biometric data (facial images) from carriers and sub-carriers (drivers) for the purpose of identity verification and fraud prevention. This is a special category of personal data under UK GDPR Article 9.
What we collect: A live photograph (selfie) captured directly through your device's front-facing camera. We do not permit uploads from your camera roll or photo library -- the image must be taken live at the time of registration or profile setup.
Why we collect it: To verify that the person registering or operating on the Platform is a real, live individual and to prevent identity fraud, account takeovers, and misuse of the Platform by third parties.
How it is processed: Your facial image is analysed by an AI liveness detection system (powered by Google Gemini, a third-party AI service) to confirm that the image shows a real, live person (not a photograph of a photograph), only one face is visible, and the image is of sufficient quality for identity verification. The AI system does not perform facial recognition against any external database -- it performs a liveness check only. The result (pass/fail and any notes) is stored alongside your image and reviewed by our compliance team.
Legal basis: We rely on your explicit consent (UK GDPR Art. 6(1)(a) and Art. 9(2)(a)) to process your biometric data. You provide this consent by ticking the consent checkbox at the time of photo capture. You may withdraw your consent at any time by deleting your photo from your profile settings.
Consequences of not providing consent: Carriers who do not provide a verified selfie will be unable to bid on loads. Sub-carriers (drivers) who do not provide a verified selfie cannot be assigned to jobs. This gate exists to protect shippers and the integrity of the Platform.
Data retention: Your facial image is retained for as long as your account is active. If you delete your photo, it is permanently removed from our systems and from our cloud storage within 24 hours. If you close your account, your facial image is deleted within 30 days of account closure.
Third-party processing: Your facial image is transmitted to Google LLC (Gemini API) for liveness analysis. Google processes this data as a data processor acting on our instructions pursuant to a Data Processing Agreement (DPA) in accordance with UK GDPR Article 28. The DPA is incorporated into Google's Terms of Service for the Gemini API and includes the standard contractual clauses required for international transfers. Google does not retain your image after the analysis is complete and does not use your image to train its AI models. Data is transferred to the USA under Standard Contractual Clauses (SCCs) approved by the ICO. You can review Google's data processing terms at cloud.google.com/terms/data-processing-addendum.
Your rights regarding biometric data: You have the right to access your facial image (visible in your profile settings), delete your facial image at any time (use the "Delete Photo" button in your profile settings), withdraw consent at any time by deleting your photo, and object to this processing (note: this will prevent you from bidding on loads or being assigned to jobs). Contact us at [email protected] for any questions about biometric data processing.
We do not store payment card numbers, sort codes, or bank account numbers. All payment data is handled exclusively by Stripe Payments Europe Ltd, an FCA-authorised e-money institution.
3. How We Use Your Personal Data
We use your personal data to:
- Create and manage your account on the Platform
- Match loads with available carriers using automated systems (see our AI Transparency Statement)
- Process payments and manage the Proof of Delivery review period through Stripe
- Verify compliance documentation and business credentials
- Send transactional notifications (job assignments, delivery confirmations, document expiry alerts)
- Detect and prevent fraud, fake loads, and misuse of the Platform
- Monitor messages sent through the Platform's in-app messaging system using automated keyword detection to identify potential off-platform solicitation (see Section 3a below)
- Comply with legal obligations including tax, anti-money laundering, and road transport regulations
- Improve the Platform through aggregated, anonymised analytics
3a. Message Monitoring -- Anti-Poaching Policy
The Carrier Hub operates as a commercial marketplace. To protect the integrity of the Platform and the business relationships facilitated through it, messages sent through the Platform's in-app messaging system are subject to automated keyword scanning.
This monitoring is limited to the following categories of content:
- Phone numbers and personal contact details shared in messages (e.g. mobile numbers, personal email addresses)
- References to external communication channels (e.g. WhatsApp, Telegram, Signal, direct email)
- Phrases indicative of off-platform solicitation (e.g. "contact me directly", "outside the platform", "avoid the fee", "pay me directly", "off the books")
- References to external payment methods intended to circumvent the Platform's payment processing
This monitoring is performed by automated systems only -- no human reviews message content unless a message is first flagged by the automated system. Flagged messages are reviewed by authorised Platform administrators solely for the purpose of enforcing the anti-poaching policy.
Legal basis: Legitimate interests (UK GDPR Art. 6(1)(f)) -- The Carrier Hub has a legitimate interest in preventing the circumvention of its commercial model. This monitoring is proportionate, limited to the specific keywords and patterns described above, and does not involve profiling or any inference beyond detecting the listed patterns.
Consequences of violation: Sending messages that attempt to solicit off-platform business relationships may result in a formal warning, suspension, or permanent termination of your account, at our sole discretion.
Your rights: If you believe a message has been incorrectly flagged, you may contact us at [email protected] to request a review. You have the right to object to this processing under UK GDPR Art. 21; however, exercising this right may result in your account being restricted, as this monitoring is integral to the Platform's commercial integrity.
4. Legal Bases for Processing
We rely on the following lawful bases under UK GDPR Article 6:
- Contract performance (Art. 6(1)(b)): Processing necessary to provide the Platform services you have signed up for
- Legal obligation (Art. 6(1)(c)): Processing required by law, including compliance document verification and tax record-keeping
- Legitimate interests (Art. 6(1)(f)): Fraud prevention, platform security, service improvement, and analytics
- Consent (Art. 6(1)(a)): Marketing communications and non-essential cookies (you may withdraw consent at any time)
5. Data Sharing
We share personal data with the following categories of recipients:
| Recipient | Purpose | Location |
|---|---|---|
| Stripe Payments Europe Ltd | Payment processing, identity verification | EU/EEA |
| Amazon Web Services (S3) | Document and file storage | EU/EEA |
| Resend Inc | Transactional email delivery | USA (SCCs in place) |
| Microsoft Corporation (Clarity) | Behaviour analytics, session recordings, heatmaps | USA (SCCs in place) |
| Google LLC (Gemini API) | AI liveness verification of selfie photographs | USA (SCCs in place) |
| Other Platform users | Load details, carrier profiles, delivery information | UK |
| HM Revenue & Customs (HMRC) | Mandatory annual income reporting under DAC7 (Carriers only) | UK |
| ICO / law enforcement | Legal compliance when required | UK |
We do not sell your personal data to third parties.
5a. HMRC Reporting (DAC7)
The Carrier Hub is a reporting platform operator under the Income Tax (Digital Platform Reporting) Regulations 2023 (SI 2023/817). We are legally required to collect, verify, and report to HMRC information about Carriers who earn income through the Platform. This includes your full name, address, National Insurance number or UTR, date of birth or company registration number, and annual transaction data. This processing is carried out under the legal obligation basis (UK GDPR Art. 6(1)(c)). We will provide you with a copy of the data reported to HMRC by 31 January each year.
6. International Transfers
Where we transfer personal data outside the UK or EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the ICO, or adequacy decisions where applicable. A full list of international transfers and the safeguards in place is available on request by contacting [email protected].
7. Data Retention
We retain personal data for the following periods:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account data | Duration of account + 6 years after closure | Legal and tax obligations |
| Transaction records | 7 years from transaction date | HMRC requirement |
| Compliance documents | Duration of account + 2 years | Regulatory compliance |
| Biometric data (facial images) | Duration of account; deleted within 30 days of closure; deleted immediately on user request | Explicit consent basis; minimal retention |
| Usage logs | 12 months | Security and fraud prevention |
| Marketing consent records | Until consent is withdrawn + 3 years | Evidence of lawful processing |
| DAC7 reporting data | 7 years from the end of the reporting year | HMRC statutory requirement |
Where you request erasure of your personal data, we will action this within 30 days. Some data cannot be erased where we have a legal obligation to retain it (for example, transaction records required by HMRC). We will always tell you which data cannot be erased and why.
7a. Right to Erasure -- What We Can and Cannot Delete
You have the right to request erasure of your personal data (the "right to be forgotten") under UK GDPR Article 17. We will erase your data where:
- The data is no longer necessary for the purpose it was collected
- You withdraw consent (where consent was the legal basis)
- You object to processing and there are no overriding legitimate grounds
- The data has been unlawfully processed
We cannot erase data where we are required to retain it by law. This includes transaction records (7 years, HMRC), DAC7 reporting data (7 years), and compliance document records (2 years post-account closure). We will always explain which data cannot be erased and provide the legal basis for retention.
7b. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours of becoming aware of the breach, as required by UK GDPR Article 33. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay, as required by UK GDPR Article 34.
8. Your Rights
Under UK GDPR, you have the right to:
- Access your personal data (Subject Access Request -- we will respond within one calendar month)
- Rectify inaccurate personal data
- Erase your personal data (see Section 7a above for what can and cannot be erased)
- Restrict processing of your personal data
- Data portability -- receive your data in a structured, machine-readable format (JSON or CSV on request)
- Object to processing based on legitimate interests
- Withdraw consent at any time for consent-based processing
- Not be subject to solely automated decisions with legal or significant effects (see our AI Transparency Statement)
To exercise any of these rights, contact us at [email protected]. We will respond within one calendar month (extendable by a further two months for complex requests, with notice). You also have the right to lodge a complaint with the ICO at www.ico.org.uk or by calling 0303 123 1113.
9. Cookies and Behaviour Analytics
We use cookies and similar tracking technologies, including Microsoft Clarity, a behaviour analytics service provided by Microsoft Corporation. Microsoft Clarity records how you interact with the Platform -- including mouse movements, clicks, scroll patterns, and session replays -- to help us understand usability and improve the Platform experience. Microsoft Clarity uses cookies to collect this data and may transfer it to the USA under Standard Contractual Clauses. Form field values are masked by default. You can opt out at: clarity.microsoft.com/optout
Please see our Cookie Policy for full details of all cookies we use.
10. Security
We implement appropriate technical and organisational measures to protect your personal data, including TLS encryption in transit, bcrypt password hashing, and access controls. We conduct regular reviews of our security measures. However, no internet transmission is completely secure. In the event of a security incident affecting your data, we will notify you in accordance with Section 7b above.
11. Children
The Platform is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us at [email protected] and we will delete it promptly.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or prominent notice on the Platform at least 30 days before the changes take effect. Continued use of the Platform after the effective date of changes constitutes acceptance of the updated policy.
13. Contact
For any privacy-related queries, contact our Data Protection contact at: [email protected]
Our ICO registration number is ZC106770. You can verify our registration at ico.org.uk/ESDWebPages/Entry/ZC106770.
Legal Disclaimer: This document is provided for informational purposes. The Carrier Hub Ltd recommends that you seek independent legal advice if you have questions about your rights and obligations.