DARY-SEB Logistics LTD · Company No. 14190486

Privacy Policy

Last updated: 4 June 2026 (processors & DPA) · United Kingdom

This Privacy Policy explains how DARY-SEB Logistics LTD (Company No. 14190486) ("we", "us", "our") collects and uses personal data when you use the Jobs Drivers website and related services at https://jobs-drivers.co.uk/ (the "Platform"). We are the data controller for personal data processed through the Platform.

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy was last updated on 4 June 2026 (processors & DPA).

1. Who we are

Data controller: DARY-SEB Logistics LTD
Company number: 14190486
Registered office: 59 Margetson Crescent, Sheffield, England, S5 9ND
Platform / trading name: Jobs Drivers
Privacy contact: info@jobs-drivers.co.uk
Companies House: View company record

2. Personal data we collect

Depending on how you use the Platform, we may collect:

  • Identity & contact: name, email address, telephone number, business name and address (for companies).
  • Driver profile data: driving licence categories, qualifications (e.g. CPC), work history, availability, uploaded documents (licence, CPC card, CV, tachograph where provided).
  • Company account data: company details, subscription or account tier, search and hiring activity on the Platform.
  • Account & technical data: username, password (stored in hashed form), IP address, browser type, device information, log files and security records.
  • Communications: messages sent through the Platform or to our support team.
  • Marketing preferences: where you opt in to receive updates.

We do not intentionally collect special category data (e.g. health data) unless you voluntarily include it in free-text fields or documents; please avoid submitting unnecessary sensitive information.

2a. Driver identity documents (storage, access & audit)

When you register as a driver, you may upload identity and compliance files (for example driving licence images, right-to-work evidence, CPC/tachograph cards and CV). We treat these as high-risk personal data and apply additional controls:

  • Purpose & lawful basis: to verify your profile, comply with UK employment/transport due-diligence expectations, and allow subscribed companies to assess suitability — primarily Contract and Legitimate interests (fraud prevention and marketplace safety).
  • Compartmentalisation: each file is linked to your user account only; direct public URLs are disabled. Downloads use time-limited authenticated links. Only you, platform administrators, and companies with an active Premium subscription may open files (Free company accounts cannot download identity documents).
  • Encryption in transit: data is transmitted over HTTPS (TLS).
  • Encryption at rest: files are stored on our UK hosting infrastructure. At-rest protection depends on server/database encryption provided by the host (we require industry-standard disk/database encryption where available). Passwords are stored hashed; we do not store payment card details on this Platform.
  • Audit trail: we log document events (upload, replacement, view, deletion) with timestamp, actor user ID and IP address. Administrators can review these logs for security and compliance investigations.
  • Retention: while your account is active, documents remain available according to your profile settings. When you replace a file, the previous version is deleted. When your account is deleted (or you exercise erasure rights), we delete associated files promptly and retain audit log entries for up to 24 months unless a longer period is required by law or an active dispute.
  • After verification: we do not automatically delete documents immediately after a company views them — hiring decisions may require retained evidence. You may request erasure when no longer needed (see section 7). Companies must use documents only for lawful recruitment/verification purposes.
  • Minimisation: upload only documents relevant to the roles you seek; redact unrelated pages where possible.

Separate explicit consent is requested at registration for processing these identity documents, in addition to our Terms & Conditions.

2b. What companies can see (Free vs Premium) & revoking access

Driver profiles appear in search results as a limited preview (name, general location, licence categories, work preferences and whether certificates are on file). Additional data is tiered by the viewing company’s subscription:

Data typeGuest / publicCompany (Free)Company (Premium)
Search card (name, photo, postcode, licence categories, work type)Yes — public previewYesYes
Full PII (date of birth, address, licence number, RTW share code)NoNoYes — full profile modal
Phone number & emailNoNoYes
Availability calendarNoNoYes
In-platform messagesNoYes (registered company)Yes
Uploaded identity files (see list below)NoNo — file names may show as “uploaded” in preview only, without downloadYes — secure download per file (logged)

Identity documents collected

Only Premium companies may download the following when you have uploaded them (each download is audit-logged):

  • Right to work document
  • Licence (front)
  • Licence (back)
  • CPC card
  • Tachograph card
  • ADR certificate
  • HIAB certificate
  • Forklift licence
  • First aid certificate
  • Other certificates
  • CV / resume

Free companies may see that a document type exists (e.g. “CPC on file”) in preview mode but cannot open licence images, RTW scans, CPC/tachograph cards or your CV.

How company access is revoked

  • When Premium ends — prepaid period expires or status is set to expired (checked hourly). The company immediately loses access to driver phone, email, full profile fields, availability calendars and document downloads. Search previews remain available on the Free plan.
  • Technical enforcement — access is evaluated on every profile view and document download; expired companies receive locked document links and preview-only modals.
  • Unlock records — any per-driver “unlock” flags are cleared when Premium expires so access cannot continue via stale permissions.
  • Driver deletion — if a driver deletes their account, their documents are removed from the Platform; companies lose access automatically.
  • Reinstatement — purchasing a new Premium term restores access for the subscription period; previous downloads are not re-granted without a new logged view.

See Pricing for plan features.

3. How we use your data and lawful bases

PurposeLawful basis (UK GDPR)
Creating and managing your accountContract (Art. 6(1)(b))
Connecting drivers with transport companiesContract; Legitimate interests (operating the marketplace)
Verifying profiles and preventing fraudLegitimate interests; Legal obligation where applicable
Customer support and complaintsContract; Legitimate interests
Platform security and abuse preventionLegitimate interests
Legal, tax and regulatory complianceLegal obligation (Art. 6(1)(c))
Marketing (email) where you have opted inConsent (Art. 6(1)(a)) — you may withdraw at any time
Analytics cookies (if enabled)Consent — see our Cookie Policy

4. Sharing your data

We may share personal data with:

  • Registered transport companies — limited driver previews for all logged-in companies; full profile fields, contact details and identity document downloads only for active Premium subscribers, as set out in section 2b. Access ends when Premium expires. Company contact details may be visible to drivers where the Platform allows messaging.
  • Sub-processors (service providers) — named infrastructure and payment providers that process data on our instructions under UK GDPR Article 28 — see section 4a for the current list and DPA position.
  • Professional advisers — lawyers, accountants or insurers where necessary.
  • Authorities — police, regulators or courts when required by law.
  • Business transfers — if we sell or reorganise our business, subject to appropriate safeguards.

We do not sell your personal data.

4a. Sub-processors & Data Processing Agreements (UK GDPR Art. 28)

Where we use a service provider that processes personal data on our behalf, UK GDPR Article 28 requires a contract (commonly called a Data Processing Agreement or “DPA”) that sets out the subject matter, duration, nature and purpose of processing, types of personal data, categories of data subjects, and our instructions. We remain responsible to you as the data controller.

We maintain a list of key sub-processors below. This list may change when we add or replace suppliers; material changes will be reflected in an updated Privacy Policy where appropriate.

ProcessorServiceTypical locationPersonal data involvedArt. 28 safeguards
Gazduire.Net® (TES EURO MEDIA S.R.L.)Web hosting, storage, backups, email transport (infrastructure)Romania / EEA — servers operated in Romania unless otherwise stated in your service orderAccount data, driver profiles, uploaded documents, messages, logs, IP addresses and technical metadata necessary to operate the PlatformWritten hosting contract with data-protection clauses; provider GDPR policy and processor obligations under Romanian/EEA law. A formal Article 28 DPA or equivalent annex is maintained or requested for our hosting account.
Stripe, Inc. (Stripe Payments Europe Ltd. for UK/EEA customers)Payment processing for company Premium subscriptionsUnited Kingdom / EEA and United States (where applicable for fraud prevention and infrastructure)Company billing identity, email, payment method tokens, transaction metadata, invoices — we do not store full card numbers on our serversStripe Data Processing Agreement incorporated into the Stripe Services Agreement (controller/processor roles as defined by Stripe). We use Stripe Checkout so card data is collected directly by Stripe.

Our commitments as controller

  • We instruct processors only to process personal data on documented instructions (including this Privacy Policy and our Terms).
  • We require appropriate confidentiality, security, and assistance with data subject rights and ICO enquiries.
  • We use written terms or industry-standard processor agreements that include Article 28-style clauses (or equivalent under EU/EEA law for EEA-based hosts).
  • We assess international transfers and rely on UK IDTA/SCCs or adequacy decisions where data leaves the UK.

Processor agreements & copies

Formal DPAs for hosting and payments are held by DARY-SEB Logistics LTD as part of supplier contracts or accepted online terms (e.g. Stripe’s published DPA). If you need details of safeguards for a specific processor for compliance or due diligence, contact info@jobs-drivers.co.uk — we will provide relevant summaries or references within a reasonable time, subject to confidentiality.

Note: Registered transport companies that view driver profiles are separate recipients of data (often independent controllers for their recruitment activities), not our sub-processors — see section 2b and section 4.

5. International transfers

We aim to store and process personal data in the United Kingdom and, for hosting infrastructure, within the EEA (Romania) via our hosting provider Gazduire.Net®.

Some sub-processors (notably Stripe for payments) may process data in the United States or other countries for fraud prevention, support and global infrastructure. Where personal data is transferred outside the UK, we rely on appropriate safeguards such as:

  • UK adequacy regulations (where the destination is approved), and/or
  • the UK International Data Transfer Agreement (IDTA) or UK Addendum to EU Standard Contractual Clauses, and/or
  • the processor’s published transfer mechanisms (e.g. Stripe’s Data Processing Agreement and transfer tools).

You may request more information about transfers relating to your data by contacting us (section 7).

6. Retention

We keep personal data only for as long as necessary for the purposes above, including:

  • Active account data — while your account is open and for a reasonable period after closure.
  • Financial and legal records — up to six years where required for UK tax and legal purposes.
  • Security logs — typically up to 12 months unless needed for an investigation.
  • Driver identity document files — for the life of your account; deleted when you delete your account or we approve an erasure request, subject to legal holds.
  • Document access audit logs — up to 24 months after the event.

We may anonymise data for statistics where it can no longer identify you.

7. Your rights

Under UK data protection law you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase data (in certain circumstances)
  • Restrict or object to processing
  • Data portability (where processing is based on consent or contract and automated)
  • Withdraw consent for marketing at any time
  • Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk

To exercise your rights, email info@jobs-drivers.co.uk. We respond within one month (extendable for complex requests).

8. Security

We implement appropriate technical and organisational measures, including:

  • role-based access controls and email verification for new accounts;
  • authenticated, logged downloads for driver identity documents (no anonymous public file links);
  • HTTP security headers (including frame protection and content security policies) on the public site;
  • encryption in transit (TLS/HTTPS);
  • hosting-level encryption at rest where supported by our infrastructure provider;
  • audit logging for sensitive document access.

No online service is completely secure. Please use a strong password, keep login details confidential, and notify us promptly if you suspect unauthorised access.

9. Children

The Platform is intended for users aged 18 and over. We do not knowingly collect data from children. Contact us if you believe a child has provided data and we will delete it.

10. Changes

We may update this policy from time to time. The date at the top shows when it was last revised. Material changes will be notified on the Platform where appropriate.