Cashloom

Privacy Policy

This Privacy Policy explains what information we collect, why we collect it, how we use it, and your rights.

1) Who we are

“Cashloom”, “we”, “us”, or “our” refers to the operator of this website and the services offered through it.

If you tell me your legal business name/address and contact email, I’ll insert them here properly.

2) What data we collect

  • Account data: email address, password hash, name (if provided), session identifiers.
  • Depot applications: depot name, address, postcode, opening hours, access notes, optional proof uploads.
  • Operational data: job/collection/drop-off details, weights/miles used for calculations.
  • Support messages: contact form/email messages you send us.
  • Technical data: device/browser info, IP address, basic logs for security and abuse prevention.
  • Location parameters (optional): town/region parameters passed in URLs to improve user experience.

We do not intentionally collect special category data (e.g., health, religion). Please don’t submit that kind of information.

3) Why we collect data (purposes)

  • To create and manage your account and allow you to log in.
  • To process depot applications and manage depot listings.
  • To operate the service (jobs, earnings, scheduling, calculations).
  • To communicate with you about your account or service updates.
  • To prevent fraud, misuse, and protect our systems.
  • To comply with legal obligations where required.

4) Lawful bases (UK GDPR)

We process personal data under one or more lawful bases, including:

  • Contract: to provide the services you request (e.g., account access, depot operations).
  • Legitimate interests: running and securing our platform, preventing abuse/fraud, improving reliability.
  • Consent: where you choose to provide optional information (e.g., optional proof upload).
  • Legal obligation: where we must comply with law (e.g., responding to lawful requests).

5) Cookies and sessions

We use essential cookies/sessions to keep you logged in and protect against security threats (e.g. CSRF). We do not require marketing cookies to operate the depot account features.

If you add analytics/advertising in the future, update this section and (if needed) implement a cookie consent banner.

6) Sharing your data

We do not sell your personal data. We may share data only where necessary, for example:

  • Service providers helping us run the website (hosting, email delivery), under confidentiality.
  • Legal requirements if we must comply with applicable law or valid requests.
  • Business protection to enforce our Terms, prevent fraud, or protect users and our systems.

7) Data retention

We keep personal data only as long as needed for the purposes described above, including legal, accounting, or security needs. Retention periods may vary depending on the type of data and service activity.

8) Security

We use reasonable technical and organisational measures to protect data (e.g., password hashing, access controls). However, no online system is 100% secure.

9) Your rights

Under UK GDPR, you may have rights including:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: request corrections to inaccurate data.
  • Erasure: request deletion in certain circumstances.
  • Restriction: request limiting processing in certain circumstances.
  • Objection: object to processing based on legitimate interests in certain circumstances.
  • Portability: request transfer of your data where applicable.

Some rights are not absolute and depend on the context and legal requirements.

10) Children

Our services are not intended for children. If you believe a child has provided us data, contact us so we can remove it.

11) International transfers

If any service providers process data outside the UK, we will take steps to ensure appropriate safeguards are in place (e.g., UK adequacy regulations or contractual protections).

12) Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date shows when changes were made.

13) Contact

For privacy questions or requests, contact us via the contact page.

You also have the right to complain to the ICO (Information Commissioner’s Office) in the UK if you believe your data is being handled incorrectly.