Find a garage near you…
fixaroo
Find a garage near you

Privacy Policy

Last updated 26 March 2026

1. Who We Are

Fixaroo is operated by Ampleflow Ltd, a company registered in England and Wales. We operate the Fixaroo marketplace at fixaroo.co, connecting car owners with automotive service providers across the UK.

For the purposes of UK GDPR and the Data Protection Act 2018, Ampleflow Ltd is the data controller for personal data collected through Fixaroo. You can contact us at [email protected].

2. What Personal Data We Collect

From customers (car owners):

  • Name, email address, phone number, and password when you create an account
  • Vehicle registration number and vehicle details
  • Booking details including service requested, date, time, and garage chosen
  • Payment information processed securely via Stripe (we do not store card numbers)
  • Communications you send us or that arise from a booking

From garage partners:

  • Business name, address, contact email, and phone number
  • Owner and staff names and email addresses
  • Bank account details for Stripe payouts
  • Business registration or VAT information where provided

Automatically collected data:

  • IP address, browser type, and device information
  • Pages visited, search queries, and time spent on pages
  • Referral source and approximate location based on IP
  • Cookies and similar tracking technologies (see our Cookie Policy)

3. How We Use Your Data

We process your personal data for the following purposes and on the following lawful bases:

  • To provide the Fixaroo service (contract performance) — creating your account, facilitating bookings, processing payments, and communicating booking confirmations and reminders.
  • To operate the partner portal (contract performance) — giving garage partners access to their dashboard, bookings, and business management tools.
  • To send transactional communications (contract performance and legitimate interests) — booking confirmations, receipts, appointment reminders, and service updates.
  • To improve the platform (legitimate interests) — analysing usage patterns, fixing bugs, and developing new features.
  • To comply with legal obligations (legal obligation) — fraud prevention, tax record keeping, and responding to lawful requests from authorities.
  • Marketing (consent or legitimate interests) — sending relevant offers and updates. You can opt out at any time.

4. Who We Share Your Data With

We do not sell your personal data. We share it only in the following circumstances:

  • With garage partners — when you make a booking, the relevant garage receives your name, contact details, vehicle information, and booking details to fulfil the service.
  • Stripe — our payment processor. Stripe processes card payments and handles payouts to garages. Stripe is subject to its own privacy policy and is PCI-DSS certified.
  • Service providers — we use third-party providers for hosting (AWS), email delivery, analytics, and customer support, all under data processing agreements.
  • Legal requirements — we may disclose data if required by law, court order, or to protect our rights and the safety of our users.

5. International Transfers

Some of our service providers (including AWS and Stripe) may process data outside the UK or EEA. Where this occurs, we ensure appropriate safeguards are in place, such as UK International Data Transfer Agreements or Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO).

6. How Long We Keep Your Data

  • Account data — retained for as long as your account is active. If you delete your account, we remove your personal data within 30 days, subject to legal retention obligations.
  • Booking and payment records — retained for 7 years to comply with HMRC requirements.
  • Marketing opt-out records — retained indefinitely to honour your preference.
  • Server logs — retained for up to 12 months for security and debugging purposes.

7. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access — request a copy of the personal data we hold about you.
  • Right to rectification — ask us to correct inaccurate or incomplete data.
  • Right to erasure — ask us to delete your personal data in certain circumstances.
  • Right to restrict processing — ask us to limit how we use your data in certain circumstances.
  • Right to data portability — receive your data in a structured, machine-readable format.
  • Right to object — object to processing based on legitimate interests or for direct marketing.
  • Rights related to automated decision-making — we do not make solely automated decisions that significantly affect you.

To exercise any of these rights, email us at [email protected]. We will respond within one month. If you are unhappy with our response, you have the right to complain to the Information Commissioner's Office at ico.org.uk.

8. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include encrypted connections (HTTPS/TLS), hashed passwords, access controls, and regular security reviews. No system is completely secure, and we cannot guarantee absolute security.

9. Children

Fixaroo is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by displaying a prominent notice on the platform. The "last updated" date at the top reflects the most recent revision.

11. Contact Us

For any privacy-related questions or to exercise your rights, contact our data protection team at [email protected]. We aim to respond within 5 working days.