Call us for same-day service
01604 715 515
Alderley Autos Northampton — how we collect, use and protect your personal data
This privacy policy applies to Alderley Autos, a motor vehicle repair garage based in Northampton, United Kingdom.
Trading name: Alderley Autos
Address: 103 Bunting Road, Northampton, NN2 6EE
Telephone: 01604 715 515
Email: info@alderleyautos.co.uk
Website: www.alderleyautos.co.uk
For the purposes of UK data protection law, Alderley Autos is the data controller for personal data collected through this website and our booking system.
We collect personal data in the following ways:
When you submit a booking request or contact enquiry through our website, we collect:
| Data collected | Why we collect it | Legal basis |
|---|---|---|
| Full name | To address you correctly when we respond | Legitimate interests — to provide the service you requested |
| Email address | To respond to your booking or enquiry | Legitimate interests — to provide the service you requested |
| Phone number (optional) | To contact you by telephone if you prefer | Legitimate interests — to provide the service you requested |
| Vehicle make & model (optional) | To prepare for your appointment and advise on your specific vehicle | Legitimate interests — to provide the service you requested |
| Vehicle registration (optional) | To identify your vehicle and look up relevant history | Legitimate interests — to provide the service you requested |
| Service required (optional) | To prepare for your appointment and give you an accurate quote | Legitimate interests — to provide the service you requested |
| Message / enquiry text | To understand what you need and respond appropriately | Legitimate interests — to provide the service you requested |
| IP address (hashed — not stored in raw form) | To prevent spam and limit automated submissions | Legitimate interests — security and fraud prevention |
We do not collect payment card details, bank details or any financial information through our website. All vehicle payments are handled in person at the garage.
When you call us or visit the garage, we may take note of your name, contact details and vehicle information in order to carry out or book work on your vehicle. This information is used solely to provide our services to you.
Our website is built on WordPress. WordPress may set cookies (small files stored on your device) and collect certain technical information as part of its normal operation, including:
This data is collected automatically and used for website security, performance monitoring and to understand how visitors use the site. It is not used to identify individual visitors for marketing purposes.
We do not collect or process:
Booking and contact form submissions are stored in a private database on our web server, which is hosted in the United Kingdom by eUKHost. This database is:
Booking enquiries are not sent by email when submitted. Staff review enquiries directly through the secure booking dashboard and respond to you using your provided contact details.
To protect against spam and automated form abuse, we record a one-way cryptographic hash (SHA-256) of the submitting IP address, combined with a server-side secret. This means we can detect and rate-limit repeated submissions from the same source without storing your actual IP address. The raw IP address is never written to our database.
Our website and all associated data is hosted on a dedicated server in the United Kingdom provided by eUKHost Ltd. eUKHost processes data on our behalf as a data processor. Their privacy policy is available at www.eukhost.com/terms/privacy/.
We take reasonable steps to protect the personal data we hold, including:
No method of electronic storage or transmission is 100% secure. While we use commercially reasonable means to protect your data, we cannot guarantee absolute security.
| Data type | Retention period | Reason |
|---|---|---|
| Booking / contact form submissions | Up to 2 years from the date of submission, or until manually deleted by staff | To maintain a record of customer contact for service continuity and any follow-up queries |
| Vehicle service records (paper or digital) | Up to 6 years | Standard business record-keeping requirements |
| Website access logs | Up to 90 days | Security monitoring and incident investigation |
| WordPress user accounts (staff) | Until the account is deleted or the member of staff leaves | Access control for the booking dashboard |
We will delete your personal data sooner if you request it and there is no legal reason to retain it. See Section 7 for your rights.
We do not sell, rent or trade your personal data to third parties.
We may share your data with the following categories of recipients, strictly for the purposes described:
| Recipient | Why | Data shared |
|---|---|---|
| eUKHost Ltd (hosting provider) | Our web server and database are hosted on their infrastructure | All data stored on the website and booking database (they do not access this data in normal operation) |
| Google (Maps embed) | We embed Google Maps on our website to show our location. Google may set cookies when the map loads. | IP address and browser information (handled by Google — see Google's Privacy Policy) |
| Law enforcement / regulatory bodies | If required to do so by law, court order, or to protect our legal rights | Only the data specifically required |
We do not use your data for any automated decision-making or profiling.
Cookies are small text files placed on your device by a website. They are widely used to make websites work efficiently and to provide information to site owners.
| Cookie name / type | Purpose | Duration |
|---|---|---|
| WordPress session cookies (e.g. wordpress_logged_in_*, wp-settings-*) |
Used to keep staff logged into the booking dashboard. These are only set for logged-in users and are not set for regular visitors. | Session / 1 year (persistent for logged-in staff) |
| CSRF nonce cookies | Set automatically by WordPress to protect forms from cross-site request forgery attacks. Essential for security. | Session |
| Google Maps cookies | Set by Google when the embedded map loads on our contact and service pages. Used by Google for their own purposes. You can opt out via Google's opt-out tool. | Up to 2 years |
We may use basic server-side analytics (access logs provided by our hosting environment) to understand traffic volumes and page performance. This does not involve any third-party analytics services such as Google Analytics at the time of this policy. If we introduce third-party analytics in future, this policy will be updated.
Most web browsers allow you to control cookies through their settings. You can set your browser to refuse cookies, or to alert you when cookies are being sent. Note that if you disable cookies, some functionality of this website (such as the contact form) may be affected.
Guidance on managing cookies in popular browsers:
Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, you have the following rights regarding your personal data:
| Right | What it means |
|---|---|
| Right of access | You can request a copy of the personal data we hold about you (a Subject Access Request). We will respond within one calendar month. |
| Right to rectification | If the data we hold about you is inaccurate or incomplete, you can ask us to correct it. |
| Right to erasure ("right to be forgotten") | You can ask us to delete your personal data where there is no compelling reason for us to continue holding it. We will comply unless we are required by law to retain certain records. |
| Right to restrict processing | You can ask us to stop using your data in certain ways while a dispute is resolved. |
| Right to data portability | You can request a machine-readable copy of the data you have provided to us. |
| Right to object | You can object to us processing your data where we rely on legitimate interests as our legal basis. We will stop unless we have compelling legitimate grounds to continue. |
| Rights relating to automated decision-making | We do not carry out any automated decision-making or profiling using your data, so this right does not currently apply. |
To exercise any of these rights, please contact us using the details in Section 8. There is no charge for making a request. We may need to verify your identity before responding.
For any questions about this privacy policy, to exercise your rights, or to raise a concern about how we handle your data:
Alderley Autos
103 Bunting Road
Northampton
NN2 6EE
Tel: 01604 715 515
Email: info@alderleyautos.co.uk
If you are not satisfied with how we have handled your data, you have the right to make a complaint to the Information Commissioner's Office (ICO), the UK's independent data protection regulator:
Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
Website: ico.org.uk
Helpline: 0303 123 1113
We would, however, appreciate the opportunity to address your concerns before you contact the ICO, so please contact us in the first instance.
We may update this privacy policy from time to time to reflect changes in our practices, technology or legal requirements. When we do, we will update the "Last updated" date at the top of this page. We recommend checking this page periodically.
This policy was last reviewed and updated on 06 June 2026.