Privacy Policy
Tripoint Diagnostics Ltd
Last updated: February 2026
1. Who we are
Tripoint Diagnostics Ltd (“we”, “us”, “our”) is an independent mobile vehicle diagnostics and repair service operating across Kent and South East London.
- Company name: Tripoint Diagnostics Ltd
- Company number: 17038307
- Registered address: 476 Sidcup Road, Eltham, London
- Email: contact@tripointdiagnostics.co.uk
- Phone: 020 8058 6095
- Website: https://tripointdiagnostics.co.uk
We are the data controller for the personal data we collect through our website, booking system, and service delivery. We are not affiliated with any vehicle manufacturer.
2. What data we collect
Information you provide directly
When you use our website, book a service, or contact us, we may collect:
- Contact details: Full name, email address, phone number, postal address, postcode
- Vehicle details: Registration number, make, model, approximate mileage, VIN (where relevant to diagnostics)
- Booking details: Service type, preferred date/time, symptom descriptions, additional notes, safe-location confirmation
- Payment details: We do not store card numbers. Payments are processed securely by Stripe. We retain transaction references and payment status for invoicing.
- Contact form messages: Name, email, phone, postcode, message content
- Diagnostic report data: Vehicle fault findings, test results, media (photos/videos) uploaded as part of a diagnostic report
Information collected automatically
- Browser localStorage: We temporarily store form progress in your browser's local storage for convenience. This data remains on your device only and is not transmitted to us unless you submit a form.
- Analytics: We use Google Analytics 4 to measure site usage (e.g. page views, form submissions, phone and WhatsApp clicks). Google may use cookies and collect data as described in Google's Privacy Policy.
- Server logs: Our web server may record IP addresses, request timestamps, and user-agent strings for security and operational purposes. These logs are retained for a limited period and are not used for marketing.
Information from third parties
- Stripe: When you make a payment, Stripe may provide us with transaction confirmation, payment status, and a customer reference. We do not receive your full card number.
- Google Calendar: If you book an appointment, we create a calendar event using Google Calendar API. This contains booking details (name, service, time, postcode) but no sensitive financial data.
3. How we use your data
We process your personal data for the following purposes:
| Purpose | Lawful basis (UK GDPR) |
|---|---|
| Confirm and manage your diagnostic booking | Performance of a contract |
| Communicate about your appointment (confirmations, reminders, on-the-way notifications) | Performance of a contract |
| Process payments and issue invoices/receipts | Performance of a contract / Legal obligation |
| Produce and share diagnostic reports with you | Performance of a contract |
| Respond to your contact form enquiries | Legitimate interest |
| Improve our services and website | Legitimate interest |
| Comply with legal, tax, and regulatory obligations | Legal obligation |
| Protect against fraud and maintain security | Legitimate interest |
We do not use your data for automated decision-making or profiling.
4. Data sharing
We do not sell, rent, or trade your personal data to third parties for marketing purposes.
We may share data with the following categories of service providers who assist in operating our business, under appropriate data protection agreements:
- Payment processing: Stripe (PCI-DSS compliant) for handling card payments
- Email delivery: Zoho Mail for sending booking confirmations, invoices, and service communications
- Calendar scheduling: Google Calendar API for managing appointments
- Hosting: Our website and API are hosted on infrastructure providers who process data on our behalf
We may also disclose your data if required by law, regulation, or legal process.
5. Data retention
| Data type | Retention period |
|---|---|
| Booking and payment records | 6 years from the date of the transaction (HMRC requirement) |
| Contact form messages | 12 months, or until the enquiry is resolved |
| Diagnostic reports and media | Retained until you request deletion, or 6 years from completion (whichever is shorter) |
| Analytics data | Aggregated and anonymised; no personal data retained |
| Server logs | 90 days |
You may request earlier deletion of your data at any time (see Section 7).
6. Data security
We take reasonable technical and organisational measures to protect your data:
- All data transmitted between your browser and our website is encrypted using TLS (HTTPS).
- Payment card data is handled entirely by Stripe and never touches our servers.
- Admin access to booking data is protected by authenticated sessions.
- Media uploads (photos, documents) from diagnostic reports are stored securely and are only accessible via unique, unguessable share links.
- We limit access to personal data to authorised personnel only.
7. Your rights
Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, you have the right to:
- Access your personal data (Subject Access Request)
- Rectify inaccurate or incomplete data
- Erase your data (“right to be forgotten”), subject to legal retention requirements
- Restrict processing in certain circumstances
- Data portability - receive your data in a structured, machine-readable format
- Object to processing based on legitimate interest
- Withdraw consent where processing is based on consent
To exercise any of these rights, contact us at contact@tripointdiagnostics.co.uk. We will respond within one calendar month.
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
- Website: https://ico.org.uk
- Helpline: 0303 123 1113
8. Cookies
Our website does not use cookies for tracking or advertising. We use privacy-friendly analytics that operate without cookies. Your browser's localStorage may be used to save form progress locally on your device - this is not a cookie and is not transmitted to any server unless you submit the form.
9. Children's data
Our services are not directed at children under 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.
10. International transfers
Your data is primarily processed within the United Kingdom. Where data is processed by third-party providers outside the UK (e.g., Stripe, Google), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions recognised by the UK Government.
11. Changes to this policy
We may update this Privacy Policy from time to time. The latest version will always be available on our website at https://tripointdiagnostics.co.uk/legal/privacy-policy. Material changes will be highlighted with an updated “Last updated” date.
12. Contact us
For any privacy-related queries or to exercise your data rights:
- Email: contact@tripointdiagnostics.co.uk
- Phone: 020 8058 6095
- Post: Tripoint Diagnostics Ltd, 476 Sidcup Road, Eltham, London