Effective from: January 2026

This Privacy Policy explains how Hire Minibus Ltd collects, uses, stores, protects, and shares personal data when you use our website, submit an enquiry, request a quote, make a booking, communicate with us, or use any service connected with Hire Minibus Ltd.

In this Privacy Policy, “Hire Minibus Ltd”, “we”, “us”, and “our” refer to Hire Minibus Ltd, company number 16409264, with registered office at 2nd Floor College House, 17 King Edwards Road, Ruislip, London, HA4 7AE, and trading/contact address at 42 Austin’s Place, Preston PR1 3YJ, UK.

This Privacy Policy applies to hireminibus.uk, enquiry forms, quote requests, CRM records, emails, phone calls, WhatsApp or SMS communication, bookings, payments, cancellations, refunds, complaints, operators, subcontractors, and customer service activities connected with Hire Minibus Ltd.

Please read this Privacy Policy carefully so you understand how we handle your personal data.

1. Who we are

Hire Minibus Ltd is a UK-based minibus and coach hire booking service provider. We arrange UK-based passenger transport services for customers, including bookings that may be fulfilled directly or through suitable licensed transport operators where required.

Hire Minibus Ltd is the data controller for personal data collected through our website, enquiries, quotations, bookings, communications, and customer service activities.

Company name: Hire Minibus Ltd
Company number: 16409264
Registered office: 2nd Floor College House, 17 King Edwards Road, Ruislip, London, HA4 7AE
Trading/contact address: 42 Austin’s Place, Preston PR1 3YJ, UK
Privacy contact email: privacy@hireminibus.uk

For privacy and data protection requests, please contact us at:

privacy@hireminibus.uk

2. Personal data we may collect

We may collect personal data directly from you when you contact us, submit a form, request a quote, make a booking, speak to us, or communicate with us through email, phone, WhatsApp, SMS, website forms, CRM messages, or other channels.

The personal data we may collect includes:

  • name
  • email address
  • phone number
  • pickup and drop-off details
  • journey date and time
  • return journey details
  • passenger count
  • luggage details
  • stops or route details
  • flight details, where relevant
  • event timing, where relevant
  • accessibility, mobility, medical, assistance, seating, or special passenger requirements, where relevant
  • quote details
  • booking status
  • payment records
  • invoices, receipts, and payment confirmations
  • cancellation, refund, and complaint records
  • communication records, including emails, call notes, SMS, WhatsApp messages, and CRM notes
  • lead source and marketing tracking data
  • CRM activity logs, status changes, quotation history, booking value, internal notes, and follow-up history
  • operator allocation details
  • technical data such as IP address, browser/device information, timestamps, referral source, form submission details, page interactions, website errors, failed submissions, and security logs
  • feedback, survey responses, promotion or competition entries, where applicable
  • photos, screenshots, receipts, videos, or other evidence you voluntarily provide for complaint, refund, incident, or customer service purposes
  • any other information you voluntarily provide to us

3. Payment information

Customers cannot make a direct booking or enter card details directly through our website without first receiving a quotation from Hire Minibus Ltd.

Where a customer accepts a quotation, we may send a secure payment link or provide bank transfer details. Card payments are processed through secure third-party payment processors. Bank transfer payments are made using the bank details provided by Hire Minibus Ltd.

We may receive payment-related information such as payment status, payment amount, transaction reference, invoice details, receipt details, payment method, payment date, refund status, chargeback details, or failed payment details.

We do not ask customers to send full card details by email, SMS, WhatsApp, phone call, or any other unsecured method. Customers should only make card payments through the secure payment link or secure payment process provided by Hire Minibus Ltd.

The payment processor may collect and process payment information according to its own privacy and security terms.

4. Special category or sensitive information

We do not usually need sensitive personal data. However, you may voluntarily provide accessibility, mobility, medical, disability, assistance, safeguarding, or care-related information where it is relevant to arranging safe and suitable transport.

This information will only be used where necessary for the booking, journey support, operator allocation, safety, complaint handling, or legal compliance.

Please only provide sensitive information where it is necessary for the journey or service you are requesting.

5. Children’s personal data

We do not usually need children’s personal data. However, we may receive limited information where needed for school, family, youth, care, accessibility, safeguarding, or group bookings.

The customer, organisation, school, parent, guardian, or responsible adult providing the information confirms that they have authority to share it.

Children’s data will only be used for booking, safety, journey coordination, legal compliance, complaints, or customer service.

6. How we collect personal data

We may collect personal data from:

  • you directly
  • our website forms
  • phone calls, emails, WhatsApp, SMS, or other communication channels
  • quote requests and booking forms
  • payment records
  • CRM records
  • customer service interactions
  • complaint or refund requests
  • advertising platforms
  • directory listings
  • partner or referral websites
  • call-tracking providers
  • booking partners
  • other enquiry sources

7. How we use personal data

We may use personal data to:

  • respond to enquiries
  • provide quotations
  • review journey details
  • confirm availability and pricing
  • arrange bookings
  • coordinate transport services
  • allocate drivers, operators, or subcontractors
  • process payments
  • issue invoices, receipts, or payment confirmations
  • manage cancellations, refunds, chargebacks, and payment disputes
  • communicate with customers before, during, and after a journey
  • manage complaints and investigate service issues
  • maintain CRM records and booking history
  • prevent fraud, spam, misuse, abuse, or suspicious activity
  • protect our website, systems, staff, drivers, operators, and customers
  • measure marketing performance
  • understand enquiry sources
  • improve our website, services, response process, and customer experience
  • send service-related updates about enquiries, quotes, bookings, payments, cancellations, refunds, and journeys
  • send marketing communications where allowed by law
  • invite customers to provide feedback, complete surveys, or participate in promotions or competitions, where applicable
  • comply with accounting, tax, legal, regulatory, and insurance obligations
  • handle legal claims, disputes, or debt recovery

8. Lawful basis for using personal data

We use personal data under the following lawful bases:

Contract
To provide quotes, arrange bookings, manage journey details, process payments, communicate with you, handle cancellations, refunds, complaints, and provide customer service.

Legitimate interests
To maintain CRM records, follow up on enquiries, improve services, coordinate with operators, prevent fraud, manage business records, monitor service quality, investigate complaints, measure marketing performance, protect our systems, and manage business operations.

Legal obligation
To keep accounting, tax, payment, legal, regulatory, complaint, and dispute records where required.

Consent
For optional marketing, non-essential cookies, advertising tracking, surveys, promotions, competitions, or other consent-based processing where required.

Vital interests
In emergency situations only, such as passenger safety, urgent medical situations, or security incidents.

9. Our custom CRM

We use our own custom CRM to manage enquiries, quotes, booking records, communication history, customer service records, operator allocation, follow-ups, cancellations, refunds, complaints, and internal activity logs.

CRM records may include lead source, enquiry history, quotation history, booking status, booking value, communication records, internal notes, activity logs, follow-up history, complaint notes, and refund/cancellation records.

Access to CRM data is restricted to authorised users where needed for business, customer service, operational, security, or compliance purposes.

10. AI-assisted tools and CRM processing

We may use AI-assisted tools, automated tools, or large language model services to support enquiry handling, email drafting, communication summaries, CRM organisation, internal notes, follow-ups, quotations, and customer service.

The active provider may change from time to time. We do not name AI or large language model providers in this Privacy Policy.

These tools support administration and communication. We do not use them to make solely automated decisions that have legal or similarly significant effects on customers unless clearly stated and lawfully permitted.

11. Phone calls and communication records

We may keep call logs, call notes, enquiry notes, and communication history in our CRM.

If call recording is used, customers will be informed where required. Recordings may be used for quality, training, dispute handling, booking accuracy, and customer service.

We may communicate with customers through email, phone, SMS, WhatsApp, website forms, CRM messages, or other channels provided by the customer.

Communication records may be stored for booking management, customer service, dispute handling, legal compliance, service improvement, and fraud prevention.

12. Website diagnostics, errors, and usage information

When you use our website, we may collect technical and usage information such as:

  • IP address
  • browser and device information
  • timestamps
  • referral source
  • pages visited
  • form interactions
  • website errors
  • failed submissions
  • loading errors
  • security logs
  • approximate location or regional information where available

We use this information to operate the website, protect our systems, prevent spam or fraud, measure marketing performance, improve website performance, and troubleshoot technical issues.

13. Location-related information

We may collect journey location information such as pickup points, drop-off points, stops, route details, airports, event locations, and other travel-related locations provided by the customer.

We may also receive approximate location or regional information from website analytics, advertising platforms, call tracking, device/browser settings, or enquiry sources where this is available and lawful.

14. Sharing data with drivers, operators, and subcontractors

We may share necessary booking, journey, passenger, contact, luggage, accessibility, and special requirement details with drivers, licensed operators, subcontractors, and transport partners where needed to arrange, manage, or complete the journey.

Only relevant information will be shared, and operators or drivers must use it only for booking, journey coordination, safety, customer service, or legal compliance.

Depending on the arrangement, transport operators, drivers, and subcontractors may act as processors, independent controllers, or separate businesses responsible for their own legal, insurance, licensing, safety, and operational obligations.

15. Sharing data with service providers

We may use trusted service providers for payment processing, email, analytics, advertising, accounting, bookkeeping, communication, security, and other business operations.

We use our own custom CRM. We control our own IT support.

Hosting providers are not permitted to access customer data for ordinary business use. However, hosting or infrastructure providers may technically store, transmit, back up, or secure website or system data where this is necessary to provide hosting, infrastructure, security, or maintenance services. Any access to customer data should be limited, authorised, and only where necessary.

Where service providers process data on our behalf, they are expected to process it only for agreed purposes, keep it secure, and follow applicable data protection requirements.

16. Other parties we may share data with

Where necessary, we may share relevant data with:

  • licensed transport operators
  • drivers
  • subcontractors
  • payment processors
  • banks
  • email and communication providers
  • analytics and advertising platforms
  • accounting or bookkeeping providers
  • insurers
  • legal advisers
  • debt recovery providers
  • IT or security providers controlled or authorised by us
  • regulators
  • law enforcement
  • courts or dispute bodies
  • other parties where required for bookings, payments, legal compliance, safety, fraud prevention, service delivery, or business operations

17. Advertising, analytics, and conversion tracking

We may use advertising and analytics tools, including Google Ads or similar platforms, to measure enquiries, quote requests, bookings, and campaign performance.

This may include:

  • online conversion tracking
  • call and form tracking
  • CRM-based lead status tracking
  • offline conversion measurement
  • campaign attribution
  • enquiry quality analysis

Where permitted, limited customer data may be securely matched or uploaded to advertising platforms for conversion measurement, attribution, fraud prevention, and campaign optimisation, subject to privacy settings, consent requirements, and platform rules.

18. Cookies and similar technologies

Our website may use essential cookies, analytics tools, advertising pixels, conversion tracking, call/enquiry tracking, and similar technologies to operate the website, measure campaign performance, understand enquiry sources, improve services, and show relevant ads.

Non-essential cookies or tracking will be handled through consent where required.

The website should use a cookie consent banner that separates essential cookies from non-essential analytics, advertising, retargeting, conversion tracking, and similar technologies. Users should be able to accept, reject, or manage non-essential cookies, and their preference should be stored.

19. Marketing communications

We may send service-related messages about enquiries, quotes, bookings, payments, cancellations, refunds, and journeys.

Marketing messages may be sent where the customer has consented or where legally permitted, such as similar-service follow-ups to existing customers or enquirers.

Customers can opt out of marketing at any time.

We do not include a general permission in this Privacy Policy to sell customer contact details to third-party marketing partners.

20. Abandoned quotes and follow-ups

We may follow up on enquiries, abandoned quotes, incomplete bookings, payment issues, or pending confirmations using the contact details provided.

These follow-ups are treated as service-related where they relate to the customer’s enquiry.

Marketing follow-ups about future or similar services may only be sent where legally permitted, and customers can opt out of marketing.

21. Surveys, promotions, competitions, and feedback

From time to time, we may invite customers or website visitors to provide feedback, complete surveys, take part in promotions, or participate in competitions.

If we do this, we may collect the information you choose to provide and use it for the purpose explained at the time, such as service improvement, customer research, marketing, or administering the promotion.

Participation is optional unless clearly stated otherwise.

22. Reviews, testimonials, and feedback

We may use customer feedback, reviews, testimonials, ratings, or complaint outcomes for service improvement, quality monitoring, and marketing.

Public reviews may be referred to where lawfully available.

Direct testimonials, names, images, or identifiable customer details will only be used in marketing where permission is obtained or where otherwise legally permitted.

Anonymised feedback may be used without identifying the customer.

23. Customer photos, videos, and social media content

Hire Minibus Ltd does not use customer photos, passenger images, group/event images, videos, or identifiable social media content for marketing purposes.

If customers provide photos, videos, receipts, screenshots, or other evidence as part of a complaint, refund request, dispute, or incident investigation, we may use that evidence only for the relevant investigation, complaint, legal, insurance, payment, or customer service purpose.

24. Complaints, disputes, and evidence sharing

We may use and share relevant booking, journey, communication, complaint, payment, incident, photo/video, or evidence records where reasonably necessary to investigate complaints, resolve disputes, handle insurance, legal, or payment matters, protect staff, drivers, operators, customers, or comply with legal obligations.

Only relevant information will be shared where appropriate.

25. Fraud, abuse, and suspicious activity

We may collect, retain, and share relevant records of suspicious activity, abusive messages, fraud attempts, chargebacks, spam, or misuse where necessary for security, fraud prevention, legal compliance, dispute handling, debt recovery, or protection of staff, drivers, operators, and customers.

26. International data transfers

Customer data may be transferred to or processed in countries outside the UK where service providers, software platforms, payment processors, analytics tools, advertising platforms, hosting, email, CRM, or communication systems are used.

Where required, we will rely on appropriate safeguards such as UK adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to EU Standard Contractual Clauses, or equivalent lawful transfer mechanisms.

27. How long we keep personal data

We keep personal data only as long as reasonably necessary for enquiries, bookings, customer service, CRM history, complaints, legal claims, accounting, tax, fraud prevention, and business records.

Typical retention periods may include:

Data typeTypical retention period
Enquiry and lead recordsUp to 3 years
Booking, customer service, and complaint recordsUp to 6 years
Accounting and payment recordsUp to 6 years
Marketing preference recordsUntil updated, withdrawn, or no longer required

We may keep records longer where required for legal claims, disputes, fraud prevention, debt recovery, regulatory matters, or legal obligations.

28. Data deletion and record-keeping limits

Customers may ask us to delete personal data, but deletion is not always possible.

We may keep records where required or reasonably needed for bookings, payments, accounting, tax, legal claims, disputes, fraud prevention, complaints, safety, regulatory obligations, or business records.

Where full deletion is not possible, we may restrict or minimise the data where appropriate.

29. Data security

We use reasonable technical and organisational measures to protect personal data, including:

  • access controls
  • CRM permissions
  • activity logs
  • secure hosting
  • secure payment processes
  • restricted staff/operator access
  • system monitoring
  • procedures to manage suspected data incidents

No system can be guaranteed completely secure.

30. Data security incidents

We will take reasonable steps to investigate, contain, document, and respond to suspected personal data incidents.

Where legally required, we will notify affected individuals, the ICO, or other relevant parties.

Customers should contact privacy@hireminibus.uk if they believe their personal data has been affected.

31. Your data protection rights

Under UK data protection law, you may have rights to ask for:

  • access to your personal data
  • correction of inaccurate data
  • deletion of personal data
  • restriction of processing
  • portability of personal data
  • objection to processing
  • withdrawal of consent
  • objection to direct marketing

Some rights may not apply in every case, especially where we need to keep records for bookings, legal, accounting, fraud prevention, safety, or dispute reasons.

To make a privacy request, contact us at:

privacy@hireminibus.uk

32. Identity verification for privacy requests

For security, we may ask you to verify your identity before responding to a privacy request or disclosing, correcting, deleting, restricting, or transferring personal data.

We may also ask for additional information to help us locate the relevant records and respond to your request properly.

We may refuse to act on a request where we cannot reasonably verify that the person making the request is the customer, authorised contact, or legally entitled requester.

33. Fees for privacy requests

You will not usually have to pay a fee to exercise your data protection rights.

However, where a request is clearly unfounded, repetitive, excessive, or unreasonable, we may charge a reasonable fee or refuse to respond where the law allows.

34. Complaints about personal data

Please contact us first at privacy@hireminibus.uk so we can try to resolve your concern.

You also have the right to complain to the UK Information Commissioner’s Office if you are unhappy with how we handle your personal data.

35. Third-party websites and services

Our website may contain links to third-party websites, payment processors, maps, analytics tools, advertising platforms, review platforms, social media pages, or external service providers.

We are not responsible for the content, availability, security, terms, privacy policies, or practices of third-party websites or services.

Customers should review the relevant third-party terms and privacy policies before using them.

36. Updates to this Privacy Policy

We may update this Privacy Policy from time to time.

The latest version published on our website applies from the date shown.

Where we make important changes that materially affect how we use personal data, we may take reasonable steps to notify customers, such as by updating the website notice or contacting affected customers by email where appropriate.

For confirmed bookings, the Privacy Policy in place at the time of booking will usually apply unless a change is legally required, agreed in writing, or does not materially affect the customer’s booking.