Privacy Policy

1. Who we are

AAsset Protect & Retrieve ("we", "us", "our") is a trading division of Northwest Car Group, based at Kirkham, Lancashire. We are the data controller for personal data you provide to us through this website, our customer portal, our reseller portal and any tracker monitoring services you take out.

If you have a question about your data you can contact us at info@aasset-protect.northwestcar.group or by phone on 07908 008668.

2. What we collect

We collect the following categories of personal data:

• Identity & contact data: name, email, phone, postal address.
• Vehicle data: registration, make, model, VIN, colour, mileage at fitting.
• Tracking data: GPS coordinates, journey history, ignition events, tow alerts, geofence breaches and similar telemetry produced by your installed device.
• Account data: login credentials (passwords stored as bcrypt hashes), portal preferences, authentication logs.
• Payment data: billing address, last four digits of card, transaction references. Full card numbers are processed by our payment providers (Stripe and PayPal) and are never stored on our servers.
• Technical data: IP address, browser, device, pages visited, referring URL.

3. How we use it

We process your data to:

• Provide and operate the tracker monitoring service you've paid for.
• Recover stolen vehicles and liaise with police on your behalf.
• Take payments, issue invoices and chase overdue balances.
• Send service notifications, monitoring alerts and renewal reminders.
• Calculate and pay reseller commission where applicable.
• Improve our website and service quality.
• Comply with our legal obligations and protect against fraud.

4. Legal basis

We rely on the following lawful bases under UK GDPR: contract (to deliver the tracking and recovery service you've purchased), legitimate interests (running and securing our business, recovering stolen vehicles, preventing fraud), legal obligation (tax, accounting, anti-money-laundering, lawful police requests) and, where required, consent (for example, optional marketing emails).

5. Sharing your data

We share data only where it is necessary to deliver the service or where we are legally required to. This includes:

• Our 24/7 control room and recovery agents.
• Police forces and lawful authorities investigating vehicle theft.
• Payment providers (Stripe, PayPal) and our bank for transaction processing and reconciliation.
• Our hosting, email and SMS providers acting under contract.
• Our resellers, where they introduced you to us and require basic account-status data to manage their referral.
• Our accountants, auditors and legal advisors.

We do not sell your personal data to third parties under any circumstances.

6. How long we keep it

We keep account and contract data for the duration of your monitoring service plus 6 years after termination, in line with UK accounting requirements. Tracking telemetry is retained for 12 months unless held longer for an active recovery investigation. Marketing preferences are retained until you withdraw consent.

7. Your rights

Under UK GDPR you have the right to: access your data, correct it, request erasure, object to processing, request restriction, request portability, and withdraw consent. To exercise any of these rights email info@aasset-protect.northwestcar.group. We will respond within one month.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

8. Security

We protect your data with TLS encryption in transit, bcrypt password hashing, segregated production databases, role-based admin access, and audit logging. Payment card data is handled by PCI-DSS compliant processors and never reaches our servers in raw form.

9. International transfers

Our hosting and most processors are based in the UK or EU. Where data is transferred outside the UK, it is protected by adequacy regulations or Standard Contractual Clauses.

10. Cookies

We use a small number of essential cookies to keep you logged into the customer and reseller portals, and basic analytics cookies to understand how the site is used. See our Cookie Policy for full details.

11. Changes to this policy

We may update this policy from time to time. The "last updated" date at the top of this page will reflect any changes. Material changes will be notified to active customers by email.