Privacy Policy
Effective date: 11 February 2026
This Privacy Policy explains how Specialist Vehicle Hire Limited trading as Southern Self Drive (“we”, “us”, “our”) collects, uses, and protects personal data in accordance with applicable UK data protection legislation, including the UK GDPR and the Data Protection Act 2018.
1. Personal Data We Collect
We may collect and process personal data including, but not limited to:
- Name and contact details
- Identification and verification information
- Booking, hire, and contract details
- Payment, billing, and account information
- Information required for legal, regulatory, and compliance purposes
Personal data may be collected:
- Directly from you when you submit an enquiry, booking, or application
- From employers, clients, or referees where relevant and permitted
- From publicly available sources (e.g. company websites or public registers)
- From credit reference agencies (CRAs) where checks are necessary
- From third-party providers supporting our operational and compliance activities
2. How We Use Personal Data
We process personal data for legitimate business purposes, including:
- Managing bookings, hires, and contracts
- Verifying identity and preventing fraud
- Assessing creditworthiness and affordability where applicable
- Meeting legal, regulatory, tax, and accounting obligations
- Maintaining accurate records
- Responding to enquiries and providing customer support
3. Credit Reference and Affordability Checks
To assess applications, verify identity, prevent fraud, and meet legal and regulatory obligations, we may obtain information about you from credit reference agencies (CRAs).
We obtain this information via Creditsafe, which uses its data partner TransUnion to supply consumer credit and identity data.
Creditsafe Business Solutions Limited is authorised and regulated by the Financial Conduct Authority (FCA Firm Reference Number: 742313).
TransUnion International UK Limited is authorised and regulated by the Financial Conduct Authority (FCA Firm Reference Number: 805757).
The information received may include identity details, credit commitments, payment history, and public record information. This data is used solely for legitimate business purposes such as credit assessment, identity verification, and fraud prevention.
Further information can be found in their privacy notices:
- Creditsafe Transparency Notice – Customers & Suppliers
- TransUnion Credit Reference Agency Information Notice (CRAIN):
https://www.transunion.co.uk/legal/privacy-centre/pc-credit-reference - TransUnion Bureau Privacy Notice:
https://www.transunion.co.uk/legal/privacy-centre/pc-bureau
4. Legal Basis for Processing
We process personal data under one or more of the following lawful bases:
- Performance of a contract
- Compliance with a legal obligation
- Legitimate interests
- Consent (where required, such as marketing communications)
Legitimate Interests Pursued
Where processing is based on legitimate interests, these interests include operating and improving our business, fulfilling contractual obligations, ensuring system and data security, preventing fraud, supporting audit and compliance activities, and protecting data supplied by third-party providers, including TransUnion.
We carefully balance these interests against the rights and freedoms of individuals and apply appropriate safeguards to ensure processing remains fair, proportionate, and compliant with data protection law.
5. Provision of Personal Data
Certain personal data is required to:
- Enter into and perform contracts
- Process bookings and manage accounts
- Verify identity and prevent fraud
- Comply with legal and regulatory obligations
Consequences of Not Providing Data
- We may be unable to provide services
- Contracts may not be completed
- Verification checks may not be possible
- Services may be delayed, restricted, or declined
Where personal data is requested for optional purposes, provision is voluntary and consent may be withdrawn at any time.
6. Automated Processing and Profiling
We may use automated tools and systems to support processes such as risk assessment, fraud prevention, identity verification, affordability checks, and record management.
We do not make decisions producing legal or similarly significant effects based solely on automated processing. Relevant decisions are subject to meaningful human review.
7. Data Sharing
We may share personal data with:
- Service providers supporting our business operations
- Credit reference agencies for verification and assessment
- Regulatory, enforcement, or legal authorities where required by law
All third parties are required to respect the security and confidentiality of personal data.
8. International Data Transfers
We may transfer personal data outside the UK and/or European Economic Area (EEA) where necessary. Where this occurs, appropriate safeguards are implemented.
9. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, comply with legal obligations, and protect our legitimate business interests.
10. Your Rights
Under applicable data protection law, you have rights including:
- The right of access
- The right to rectification
- The right to erasure (where applicable)
- The right to restrict processing
- The right to object to processing
- The right to data portability
- The right to lodge a complaint with the Information Commissioner’s Office (ICO)
Right to Data Portability
Where processing is carried out by automated means and based on your consent or the performance of a contract, you have the right to receive your personal data in a structured, commonly used, and machine-readable format. You may also request that we transfer this data to another organisation where technically feasible.
11. Data Protection Officer
Our Data Protection Officer:
Alexi Paxman
alexi.paxman@ssdhire.co.uk
12. Policy Updates
We review this Privacy Policy periodically to ensure continued compliance. The latest version will always be available on our website.