R5 Executive Travel luxury chauffeur vehicle

Legal

Privacy policy

Last updated: April 2026

1. Introduction

R5 Executive Travel Ltd ("R5", "we", "us", "our") is committed to protecting your privacy and ensuring the security of your personal data. We are registered in England and Wales and operate as a professional chauffeur and executive travel service.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our services, visit our website, or communicate with us. It applies to all individuals who interact with R5 Executive Travel, including clients, website visitors, and enquiry contacts.

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information we collect

We may collect and process the following categories of personal data:

Personal details

  • Name
  • Email address
  • Phone number
  • Company name

Journey information

  • Pickup and drop-off locations
  • Dates and times of travel
  • Number of passengers
  • Special requirements or preferences

Payment information

  • Payment details are processed securely through third-party payment providers. We do not store full payment card details on our systems.

Communication records

  • Emails, phone calls, and other correspondence related to bookings and service enquiries

Website usage data

  • Cookies and similar tracking technologies
  • Analytics data including pages visited, time on site, and referral sources
  • Device and browser information

3. How we use your information

We use the personal data we collect for the following purposes:

  • To provide and manage chauffeur services — including arranging vehicles, coordinating journeys, and fulfilling booking requests
  • To communicate about bookings and service updates — including confirmations, changes, and journey-related correspondence
  • To process payments — through our secure third-party payment providers
  • To improve our services — by analysing how our website and services are used
  • To comply with legal obligations — including tax, regulatory, and record-keeping requirements
  • To send marketing communications — only where you have given your explicit consent to receive them

4. Legal basis for processing

Under the UK GDPR, we rely on the following legal bases to process your personal data:

  • Contract performance — processing necessary to fulfil your booking and deliver the services you have requested
  • Legitimate interests — processing necessary for our legitimate business interests, such as improving our services, maintaining business operations, and ensuring security
  • Consent — where you have opted in to receive marketing communications. You may withdraw consent at any time
  • Legal obligation — processing required to comply with tax, regulatory, and other legal requirements

5. Data sharing

We may share your personal data with the following categories of recipients:

  • Payment processors — to securely handle transaction processing
  • Chauffeurs — limited to the journey details necessary for service delivery (such as pickup location, time, and passenger name)
  • Legal authorities — where required by law, regulation, or legal process

We do not sell, rent, or trade your personal data to third parties for marketing or any other purposes.

6. Data retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our standard retention periods are:

  • Booking records: 7 years (to meet legal and tax requirements)
  • Marketing consent records: until consent is withdrawn
  • Website analytics data: 26 months
  • Communication records: 3 years

After the applicable retention period, personal data is securely deleted or anonymised.

7. Your rights

Under the UK GDPR, you have the following rights regarding your personal data:

  • Right of access — you can request a copy of the personal data we hold about you
  • Right to rectification — you can request correction of inaccurate or incomplete data
  • Right to erasure — you can request deletion of your personal data, subject to legal retention requirements
  • Right to object — you can object to processing based on legitimate interests or direct marketing
  • Right to data portability — you can request your data in a structured, commonly used, machine-readable format
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at info@r5executive.co.uk. We will respond to your request within one month.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated. Visit ico.org.uk for more information.

8. Cookies

Our website uses cookies and similar technologies to enhance your experience and help us understand how the site is used. The types of cookies we use include:

  • Essential cookies — required for core website functionality, such as navigation and security. These cannot be disabled.
  • Analytics cookies — we use Google Analytics to understand how visitors interact with our website. This data is aggregated and anonymised where possible.
  • Marketing cookies — with your consent, we may use cookies to measure the effectiveness of our advertising campaigns and deliver relevant content.

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of our website.

8b. Advertising measurement (offline conversions)

To measure the effectiveness of our advertising on Google Ads, we share limited data about completed bookings with Google after the booking has happened. This is sent server‑to‑server (not via cookies) and includes:

  • The Google Click ID (gclid) that was captured when you arrived from a Google Ads search result, which Google uses to attribute the booking back to the original advertising click
  • The booking value and date, so Google's bidding can optimise toward the trips that generate revenue rather than just clicks
  • SHA‑256 hashed versions of your email address and phone number (one‑way mathematical fingerprints — the original details cannot be recovered from them) to improve match accuracy when the click identifier is not available

The original (unhashed) email address and phone number never leave our systems for measurement purposes. Our lawful basis is legitimate interest under Article 6(1)(f) UK GDPR, balanced against your rights because the personal identifiers are one‑way hashed before transmission.

You can object to this processing at any time by emailing info@r5executive.co.uk, and we will exclude your bookings from future advertising platform uploads.

8c. Customer Match and audience targeting

To deliver more relevant advertising and to help advertising platforms find new customers who resemble our existing client base, we may upload one‑way SHA‑256 hashed versions of customer contact details (email addresses and phone numbers, and where useful first name, last name, and country) to the following platforms: Google Ads, Microsoft Advertising, Meta (Facebook and Instagram), and LinkedIn. These platforms use the hashed identifiers to:

  • Re‑engagement targeting — show ads to existing customers about new services, seasonal promotions, or vehicle classes you may not have used before
  • New customer acquisition — help advertising platforms exclude existing customers from cold prospecting campaigns and find new audiences who share characteristics with our best clients (sometimes called "lookalike" or "similar" audiences)
  • Cross‑platform measurement — understand the contribution of each advertising channel to your booking journey

The original (unhashed) personal data is not transmitted — only the one‑way mathematical fingerprint, which the platform compares against its own hashed records of registered accounts. Where there is no match, the hash is discarded by the platform. We rely on legitimate interest under Article 6(1)(f) UK GDPR, balanced against your rights because (a) only one‑way hashes leave our systems, (b) the data is used solely for advertising relevance rather than profiling, automated decision‑making, or onward sharing, and (c) you can opt out at any time without affecting the service we provide you.

To opt out of inclusion in our advertising audience uploads — or to request removal of any hashed match a platform holds on our behalf — email info@r5executive.co.uk. We will remove your record from our next upload and request that the relevant platforms delete any existing hashed match.

9. Data security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it, including:

  • Industry-standard security measures to prevent unauthorised access, disclosure, or loss
  • Encrypted data transmission (SSL/TLS) across our website and communications
  • Access controls to ensure only authorised staff can access personal data
  • Regular security reviews and assessments of our data handling practices

While we take all reasonable steps to protect your data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to maintaining the highest practical standards.

10. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or regulatory guidance. Any changes will be posted on this page with an updated "Last updated" date.

We encourage you to review this policy periodically. Continued use of our services or website after changes are posted constitutes acceptance of the updated policy.

11. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us: