Sri Lanka Driver GuidePlan a trip

Privacy Policy

Last updated 7 July 2026

1. Who we are

Sri Lanka Driver Guide Ltd ("SLDG", "we", "us") operates srilankadriverguide.example, the drivers portal, and the SLDG Driver mobile application. We are a company registered in England and Wales and act as the data controller for the personal data described in this policy. Contact: privacy@srilankadriverguide.example.

2. What data we collect

  • Travelers: name, email address, phone/WhatsApp number, trip details (dates, pickup location, group size, notes), payment confirmation metadata (we never see or store full card numbers — payments are processed by Stripe), reviews you submit including optional photos, and correspondence with our support team.
  • Drivers: name, contact details, home town and base location, working radius, vehicle details, years of experience, languages, profile photos and videos, identity and licensing documents (driving licence, SLTDA tourist-driver licence, insurance, vehicle registration), bank details for payouts, device push-notification tokens, and booking/earnings history.
  • Everyone: basic technical data (IP address, browser type, pages visited) collected through privacy-respecting analytics, and cookies strictly necessary for the site to function (session and security cookies).

3. Why we process it (legal bases)

  • To perform our contract with you: matching trips with drivers, processing deposits, sending booking confirmations and job alerts, paying drivers.
  • Legitimate interests: verifying driver credentials to keep travelers safe, preventing fraud, improving the service, moderating reviews.
  • Legal obligations: tax and accounting records, responding to lawful requests from authorities.
  • Consent: marketing emails (opt-in only, withdraw any time) and optional review photos.

4. Who we share it with

  • Between travelers and drivers: after a booking is confirmed by deposit, we share the traveler's name, contact number and trip details with the accepted driver, and the driver's name, photo, vehicle and contact details with the traveler. This is the core function of the service.
  • Processors: Stripe (payments), Supabase (hosting/database), Cloudflare (infrastructure), Resend (transactional email), Expo (push notifications). Each processes data under contract and only on our instructions.
  • We never sell personal data, and we do not share it with advertisers.

5. International transfers

Our infrastructure providers store data in the EU, UK and Singapore. Where data leaves the UK/EEA we rely on adequacy decisions or standard contractual clauses. Driver verification is performed by our operations team in Sri Lanka under confidentiality obligations.

6. Retention

  • Booking and payment records: 7 years (tax law).
  • Driver verification documents: for the duration of the driver's registration plus 12 months.
  • Reviews: indefinitely while the driver profile exists (you may request removal of your review).
  • Analytics data: 14 months.

7. Your rights

Under UK GDPR you may request access to, correction of, or deletion of your personal data; object to or restrict processing; request portability; and withdraw consent at any time. Write to privacy@srilankadriverguide.example. You may also complain to the UK Information Commissioner's Office (ico.org.uk) or your local supervisory authority.

8. Security

Data is encrypted in transit (TLS) and at rest. Driver documents are stored in a private bucket accessible only to our verification team. Access to production systems is limited, logged and protected by multi-factor authentication.

9. Children

Our services are not directed at children under 18. Traveler bookings may include children in the party size, but we collect no personal data about them beyond a count.

10. Changes

We will post any changes to this policy on this page and, for material changes, notify registered users by email at least 14 days before they take effect.