Home About Routes Contact

GDPR and Data Protection

Last updated: 15 April 2026

This page provides information about how UK Road Trip Guides Ltd processes personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller

UK Road Trip Guides Ltd acts as the data controller for personal information collected through this website. Our contact details are:

UK Road Trip Guides Ltd
47 Henrietta Street
Bath, BA2 6LR
United Kingdom
Email: [email protected]

Personal Data We Process

We process the following categories of personal data:

Contact and Identity Data

  • Email address
  • Name (when voluntarily provided)

Transaction Data

  • Purchase history
  • Order reference numbers
  • Payment transaction identifiers (not card numbers)

Technical Data

  • IP address
  • Browser type and version
  • Device information
  • Time zone setting

Usage Data

  • Pages visited
  • Time spent on site
  • Navigation patterns

Lawful Basis for Processing

We process personal data under the following lawful bases as defined by Article 6 of the UK GDPR:

Contract Performance (Article 6(1)(b))

When you purchase a route guide, we process your email address to deliver the product and provide associated services. This processing is necessary to fulfil our contractual obligations to you.

Legitimate Interests (Article 6(1)(f))

We process certain data based on our legitimate interests, specifically:

  • Website security and fraud prevention
  • Improving our services based on aggregated usage patterns
  • Responding to enquiries and providing customer support

We have conducted legitimate interest assessments for each of these purposes and determined that our interests do not override your fundamental rights and freedoms.

Consent (Article 6(1)(a))

We obtain your explicit consent before:

  • Setting non-essential cookies (analytics and marketing)
  • Sending marketing communications

You may withdraw consent at any time by adjusting your cookie preferences or contacting us.

Legal Obligation (Article 6(1)(c))

We retain transaction records as required by UK tax and accounting regulations.

Your Rights Under UK GDPR

You have the following rights regarding your personal data:

Right of Access (Article 15)

You can request a copy of all personal data we hold about you. We will provide this within one month of receiving your request, free of charge for the first request.

Right to Rectification (Article 16)

If any personal data we hold is inaccurate or incomplete, you can request correction. We will update records promptly upon verification.

Right to Erasure (Article 17)

You can request deletion of your personal data when:

  • The data is no longer necessary for its original purpose
  • You withdraw consent and no other legal basis applies
  • You object to processing and no overriding legitimate grounds exist
  • The data was unlawfully processed

Note that we may need to retain certain data to comply with legal obligations or establish, exercise, or defend legal claims.

Right to Restriction of Processing (Article 18)

You can request that we limit how we use your data while disputes are resolved or when you have objected to processing.

Right to Data Portability (Article 20)

For data you have provided to us and that we process based on consent or contract, you can request a copy in a structured, commonly used, machine-readable format.

Right to Object (Article 21)

You can object to processing based on legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.

Rights Related to Automated Decision-Making (Article 22)

We do not use automated decision-making or profiling that produces legal or similarly significant effects.

Exercising Your Rights

To exercise any of these rights, email us at [email protected] with your request. To help us locate your data and verify your identity, please include:

  • Your email address associated with any purchases or communications
  • The specific right(s) you wish to exercise
  • Any relevant details to help us identify the data in question

We will respond to valid requests within one month. If your request is complex or we receive a high volume of requests, we may extend this period by up to two months, in which case we will inform you of the extension and the reasons for it.

Data Security Measures

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data during transmission (TLS 1.2 or higher)
  • Access controls limiting data access to authorised personnel
  • Regular testing and evaluation of security measures
  • Procedures for handling potential data breaches

Data Breach Procedures

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the Information Commissioner's Office within 72 hours of becoming aware of the breach
  • Communicate the breach to you without undue delay if it is likely to result in a high risk to your rights and freedoms
  • Document all breaches, including facts, effects, and remedial actions taken

International Data Transfers

When we transfer personal data outside the United Kingdom, we ensure appropriate safeguards are in place:

  • Transfers to countries with an adequacy decision from the UK government
  • Standard Contractual Clauses approved by the ICO
  • Other valid transfer mechanisms as permitted under UK GDPR

Data Protection Officer

Given the nature and scale of our processing activities, we are not required to appoint a Data Protection Officer. However, all data protection matters can be directed to:

Email: [email protected]
Subject line: Data Protection Enquiry

Complaints

If you believe we have not handled your personal data appropriately, you have the right to lodge a complaint with the UK supervisory authority:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Website: krypton-shield.com
Helpline: 0303 123 1113

We would appreciate the opportunity to address any concerns before you approach the ICO, so please contact us first if possible.

Changes to This Information

We review our data protection practices regularly and will update this page when changes occur. Material changes will be communicated via our website or directly to affected individuals where appropriate.

Cookie Preferences

We use cookies to enhance your browsing experience and analyse site traffic. You can choose which cookies to accept.

Cookie Settings

Essential Cookies

Required for the website to function properly. Cannot be disabled.

Analytics Cookies

Help us understand how visitors interact with our website.

Marketing Cookies

Used to deliver relevant advertisements and track campaign performance.