Camel Global Ltd logo

Legal

Privacy Policy

Effective: 1 April 2026

This policy explains what personal data Camel Global Ltd collects, why we collect it, how we use it, and what your rights are. We've written it in plain English — if anything isn't clear, use our contact form.

1. Who we are

Camel Global Ltd is the operator of the Camel Global platform. We're registered in England & Wales (company number XXXXXXXX) with a registered address at 123 Placeholder Street, London, EC1A 1BB, United Kingdom.

For the purposes of UK and EU data protection law, we are the data controller for the personal data described in this policy.

2. What data we collect

Customers

When you create an account or make a booking we collect:

  • Your name and email address
  • Pickup and drop-off locations (including GPS coordinates where you provide them)
  • Booking details — dates, car type, duration
  • Fuel usage recorded at delivery and collection
  • Any reviews you submit
  • Technical data — IP address, browser type, pages visited (via cookies — see our Cookie Policy)

Partners (car hire companies)

When you apply as a partner we collect:

  • Business name, legal company name, and registration number
  • VAT / NIF number
  • Fleet base address and GPS coordinates
  • Contact email address
  • Driver names and contact details you add to your account
  • Fleet vehicle details
  • Booking and financial data related to your account

Drivers

Driver accounts are created by partners. We collect the name and login email you're given, along with job confirmation records linked to the bookings you complete.

3. Why we collect it

We use your data to:

  • Process and manage your bookings
  • Match customer requests with nearby partners
  • Send booking confirmations and status updates by email
  • Calculate fuel charges and partner payouts
  • Display reviews and ratings on partner profiles
  • Improve and maintain the platform
  • Comply with our legal obligations (e.g. financial record-keeping)

Our legal basis is primarily contract performance (we need your data to deliver the service you signed up for) and legitimate interests (maintaining and improving the platform). Where we rely on your consent (e.g. analytics cookies), you can withdraw it at any time.

4. Who we share your data with

We don't sell your data. We share it only where necessary to run the service:

  • Partners — when you accept a bid, the partner receives your pickup/drop-off location and booking details to fulfil the hire
  • Supabase — our database and authentication provider (data stored in the EU)
  • Resend — transactional email delivery
  • Google Maps — location search and mapping (subject to Google's privacy policy)
  • Stripe — payment processing (when integrated)
  • Vercel — hosting and infrastructure
  • Google Analytics — aggregate site usage analytics (only if you accept analytics cookies)

5. How long we keep your data

We keep your account and booking data for as long as your account is active and for a reasonable period afterwards to comply with legal and financial obligations (typically 7 years for financial records).

If you delete your account, we immediately remove your ability to log in and flag your profile as deleted. Your booking and financial records are retained for the period required by law, then deleted.

6. Your rights

Under UK GDPR you have the right to:

  • Access — request a copy of the data we hold about you
  • Correction — ask us to fix inaccurate data
  • Erasure — ask us to delete your data (subject to legal retention obligations)
  • Portability — receive your data in a structured, machine-readable format
  • Objection — object to processing based on legitimate interests
  • Withdrawal of consent — withdraw cookie consent at any time via the banner

To exercise any of these rights, use our contact form. We'll respond within 30 days. You also have the right to complain to the ICO (ico.org.uk) if you believe we've mishandled your data.

7. Cookies

We use cookies for essential site functionality and, with your consent, for analytics. See our Cookie Policy for full details.

8. Security

We use industry-standard security measures including encrypted connections (HTTPS), row-level database security, rate limiting on all authentication endpoints, and CAPTCHA on all sign-in and sign-up forms. No system is completely immune to attack, but we take reasonable precautions to protect your data.

9. Changes to this policy

We may update this policy from time to time. When we do, we'll update the effective date at the top. If changes are significant, we'll notify you by email.

10. Contact

Questions? Use our contact form.