Car Advert Check

Privacy Policy

Last Updated: 30 March 2026

At Car Advert Check ("we", "us", "our"), we take your privacy seriously. We built this tool to protect car buyers, and that includes protecting your data. This Privacy Policy explains how we collect, use, and safeguard your information when you use caradvertcheck.co.uk.

UK GDPR & DATA PROTECTION ACT 2018 COMPLIANT

1What Information We Collect

To provide our automated advert analysis, we collect the following types of data:

A. Information you provide directly:

  • Vehicle Registration Marks (VRMs): The number plate of the vehicle you are checking.
  • Advert Content: The text, descriptions, and links you paste into our tool.
  • Uploaded Documents: Photos of service histories, receipts, or vehicle damage you upload for iterative analysis.
  • Email Addresses: We collect your email address when you create a free account to access report credits, sign up for our beta feedback, or join the waitlist.

B. Information collected automatically:

  • Security & Network Data: Your IP address, browser type, and device information. This is strictly used for rate-limiting (preventing bots from draining our resources) and security and bot protection measures (such as Cloudflare Turnstile).
  • Usage Data: Anonymous analytics on how you interact with our website.

2A Warning About Third-Party Personal Data

Our system allows you to upload photos of service books, receipts, and advert text to improve your report. You must not upload any personally identifiable information (PII) belonging to a third party without their consent.

Please redact (cross out) any personal names, home addresses, phone numbers, or faces in photos before uploading. Our AI only needs to read the dates, mileages, and mechanical work completed.

3How We Use Your Information

We use the data we collect for the following core purposes:

  • Generating Reports: We use the VRM to query the UK Government's DVSA MOT database.
  • AI Analysis: We securely transmit the advert text, MOT data, and your uploaded images to our Large Language Model partners (such as Google Gemini or Anthropic) to generate the buyer's guide.
  • Security: To enforce our "1-per-IP" rate limits and block malicious traffic.
  • Communication: To send you updates about our platform (only if you explicitly opted in).

4Who We Share Your Data With

We do not sell your personal data to car dealerships, marketers, or data brokers. We only share data with the strict infrastructure partners necessary to run the app:

  • Government APIs: The DVSA (to retrieve MOT history).
  • AI Providers: Large Language Model providers (such as Google Gemini). We use enterprise-tier APIs, meaning your data is not used by these companies to train their public AI models.
  • Cloud Hosting & Databases: Vercel and Google Firebase/Firestore (to host the website and store the generated reports securely).
  • Payment Processing: Stripe (to process credit purchases securely). We never see or store your full credit card details. Stripe handles all payment data in compliance with strict PCI regulations.
  • Email & Communication: Resend (to send you transactional emails and optional marketing updates).
  • Security: Cloudflare (for bot protection).

International Data Transfers: Some of our infrastructure partners (like Stripe, Google, and Vercel) process data outside the UK (e.g., in the United States). Where this occurs, we ensure your data is protected through Standard Contractual Clauses (SCCs) and Data Processing Agreements (DPAs) provided by these partners, compliant with UK GDPR.

5Data Retention

  • Generated Reports: We store generated reports in our database so you can access them later via your unique link. You can request the deletion of a report at any time.
  • Anonymised Records: If you delete your account, your financial transactions and report histories are scrubbed of all Personally Identifiable Information (PII). We retain the underlying anonymised data indefinitely for aggregated analytics, financial reconciliation, and system improvement.
  • IP Addresses: We temporarily log IP addresses in our database for rate-limiting purposes (e.g., limiting free scans per 24 hours).
  • Waitlist: Waitlist email addresses are retained until you unsubscribe or request deletion, and are used solely to notify you of launch discounts and product updates.

6Your UK GDPR Rights

Under UK law, you have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Erasure (Right to be Forgotten): Under Article 17 of the GDPR, you can request full account deletion via your Account Settings. This initiates a process that permanently deletes your authentication record and fully anonymises all associated transaction and report data so it can never be traced back to you.
  • Rectification: Correct any inaccurate data we hold.
  • Data Portability: Request a copy of your data in a structured, machine-readable format.
  • Object to Processing: Object to how we process your data, including for marketing purposes.
  • Withdraw Consent: Unsubscribe from our emails at any time.

To exercise any of these rights, please email us at hello@caradvertcheck.co.uk. We will respond within 30 days.

7Cookies and Storage

We use essential cookies and local storage to keep the site secure (like Cloudflare Turnstile) and to manage your session state.

Firebase Authentication uses browser storage to maintain your logged-in session. This is essential for the service to function and cannot be disabled.

Analytics & Tracking Cookies:

We use Google Analytics to understand how visitors interact with our website, which helps us improve our product. Google Analytics collects anonymous information such as your IP address, page visits, and device type.

  • EU/UK Visitors: We strictly require your explicit opt-in consent before deploying these non-essential tracking cookies. You will be prompted by a cookie banner on your first visit.
  • Outside EU/UK: In regions where strict opt-in is not legally required, we may deploy these cookies automatically.

You can manage or revoke your cookie preferences at any time by clearing your browser's local storage and cookies for our site. We do not currently use third-party tracking cookies for targeted advertising, but if this changes, we will update this policy and seek appropriate consent.

8Changes to this Policy

We may update this policy as we add new features (like full HPI checks or paid tiers). We will update the "Last Updated" date at the top of this page when we do.

9Contact Us & About Us

If you have any questions or concerns about how we handle your data, please reach out to our Data Protection Officer at:

Email: hello@caradvertcheck.co.uk

Registered Business Details:

Trading as: Car Advert Check

Address: 4th Floor, Silverstream House, 45 Fitzroy Street, Fitzrovia, London, W1T 6EB

We are registered with the Information Commissioner's Office (ICO).

10Marketing Consent

By explicitly opting in to our waitlist or newsletter, you consent to receive a small number of marketing emails from us about our launch, pricing, and updates. We rely on your explicit consent for this marketing. You have the right to withdraw this consent and unsubscribe at any time by clicking the unsubscribe link in any email or by contacting hello@caradvertcheck.co.uk. We will never sell or share your email address with third-party marketers.