SkipLog

← Back to SkipLog

PRIVACY POLICY

Last updated May 18, 2026

This Privacy Notice for Mathew Allen (doing business as SkipLog) (‘we’, ‘us’, or ‘our’), describes how and why we might access, collect, store, use, and/or share (‘process’) your personal information when you use our services (‘Services’), including when you:
  • Visit our website at http://www.skiplog.co.uk or any website of ours that links to this Privacy Notice
  • Use Digital Waste Transfer Notes. SkipLog is a cloud-based compliance platform for the UK waste industry. It enables licensed waste carriers to create digital Waste Transfer Notes (WTNs) at the point of collection, generate QR codes for gate-side handover, and automatically submit pre-notifications to the Environment Agency’s Digital Waste Tracking Service (DWTS). Licensed waste receivers can confirm receipts, record actual weights, and maintain a 2-year compliant vault of all incoming movements. SkipLog is designed to meet the mandatory digital reporting requirements coming into force for receivers in October 2026 and carriers in October 2027.
  • Engage with us in other related ways, including any marketing or events
Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@skiplog.co.uk.

SUMMARY OF KEY POINTS

This summary provides key points from our Privacy Notice. You can find more details by using our table of contents below.

What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us. Learn more about personal information you disclose to us.

Do we process any sensitive personal information? We do not process sensitive personal information.

Do we collect any information from third parties? We do not collect any information from third parties.

How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. Learn more about how we process your information.

How do we keep your information safe? We have organisational and technical processes and procedures in place to protect your personal information. Learn more about how we keep your information safe.

How do you exercise your rights? The easiest way is by emailing privacy@skiplog.co.uk. We will consider and act upon any request in accordance with applicable data protection laws.

TABLE OF CONTENTS


1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You. The personal information we collect may include:
  • names
  • email addresses
  • vehicle registration
  • collection address and destination site
  • EWC (European Waste Classification) codes
  • company name and waste carrier licence number (CBDU number)
  • site address and postcode
  • actual weight confirmed at receipt
  • disposal or recovery method (D&R code)
  • weighbridge ticket reference (optional)
  • IP address and basic usage data (via Sentry error monitoring)
  • billing information (name, address — card details handled entirely by Stripe, we never see them)
Sensitive Information. We do not process sensitive information.

Payment Data. We may collect data necessary to process your payment. All payment data is handled and stored by Stripe. You may find their privacy notice here: https://stripe.com/gb/privacy.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.

We process your personal information for a variety of reasons, including:
  • To facilitate account creation and authentication. We may process your information so you can create and log in to your account.
  • To deliver and facilitate delivery of services to the user. We may process your information to provide you with the requested service.
  • To respond to user inquiries/offer support to users. We may process your information to respond to your inquiries and solve any potential issues.
  • To send administrative information to you. We may process your information to send you details about our products and services, changes to our terms and policies, and other similar information.
  • To fulfil and manage your orders. We may process your information to fulfil and manage your orders, payments, returns, and exchanges made through the Services.
  • To protect our Services. We may process your information as part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.
  • To identify usage trends. We may process information about how you use our Services to better understand how they are being used so we can improve them.
  • To save or protect an individual’s vital interest. We may process your information when necessary to save or protect an individual’s vital interest, such as to prevent harm.
  • To submit waste movement records to the Environment Agency’s Digital Waste Tracking Service (DWTS) as required by law.
  • To generate and store Waste Transfer Notes for the mandatory 2-year retention period.
  • To maintain an accurate audit trail of waste transfer events. In order to ensure regulatory compliance with Environment Agency requirements and provide users with evidence of lawful waste disposal if requested by enforcement authorities.

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason to do so under applicable law.

The GDPR and UK GDPR require us to explain the valid legal bases we rely on. We may rely on the following:
  • Consent. We may process your information if you have given us permission for a specific purpose. You can withdraw your consent at any time.
  • Performance of a Contract. We may process your personal information when necessary to fulfil our contractual obligations to you.
  • Legitimate Interests. We may process your information when reasonably necessary to achieve our legitimate business interests, including: analysing how our Services are used to improve them; diagnosing problems and preventing fraudulent activities.
  • Legal Obligations. We may process your information where necessary for compliance with our legal obligations, such as cooperating with a law enforcement body or regulatory agency.
  • Vital Interests. We may process your information where necessary to protect your vital interests or the vital interests of a third party.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share information in specific situations and with the following third parties.

The third parties we may share personal information with are as follows:
  • Communicate and Chat with Users — Resend
  • Functionality and Infrastructure Optimisation — Vercel and Supabase
  • Invoice and Billing — Stripe
  • Website Performance Monitoring — Sentry
  • Department for Environment, Food & Rural Affairs (Defra) — DWTS API

We also may need to share your personal information in the following situations:
  • Business Transfers. We may share or transfer your information in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business.

5. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

In Short: We may transfer, store, and process your information in countries other than your own.

Our servers are located in the United States. Please be aware that your information may be transferred to, stored by, and processed by us and our third parties in the United States and other countries.

We have implemented measures to protect your personal information, including by using the European Commission’s Standard Contractual Clauses. Our Data Processing Agreements are available here: https://vercel.com/legal/dpa  https://supabase.com/legal/dpa  https://sentry.io/legal/dpa

6. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfil the purposes outlined in this Privacy Notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice. No purpose in this notice will require us keeping your personal information for longer than twenty four (24) months past the termination of the user’s account.

7. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through a system of organisational and technical security measures.

We have implemented appropriate and reasonable technical and organisational security measures designed to protect the security of any personal information we process. However, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. You should only access the Services within a secure environment.

8. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly collect, solicit data from, or market to children under 18 years of age. By using the Services, you represent that you are at least 18. If you become aware of any data we may have collected from children under age 18, please contact us at privacy@skiplog.co.uk.

9. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: In some regions, such as the EEA, UK, and Switzerland, you have rights that allow you greater access to and control over your personal information.

In some regions (like the EEA, UK, and Switzerland), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; (iv) if applicable, to data portability; and (v) not to be subject to automated decision-making. In certain circumstances, you may also have the right to object to the processing of your personal information. You can make such a request by contacting us at HOW CAN YOU CONTACT US ABOUT THIS NOTICE? below.

If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to the UK data protection authority.

Withdrawing your consent: If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time by contacting us at HOW CAN YOU CONTACT US ABOUT THIS NOTICE? below.

Account Information

If you would at any time like to review or change the information in your account or terminate your account, you can log in to your account settings and update your user account.
Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.

If you have questions or comments about your privacy rights, you may email us at privacy@skiplog.co.uk.

10. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems include a Do-Not-Track (‘DNT’) feature. At this stage, no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online.

11. STATUTORY RETENTION OF WASTE TRANSFER RECORDS

Waste Transfer Notes (WTNs) and associated transfer records are subject to mandatory retention requirements under the UK Environmental Protection Act and the Digital Waste Tracking Service (DWTS) regulations. These records cannot be deleted upon request and will be retained for a minimum of 24 months from the date of transfer, regardless of account status. This retention obligation takes precedence over any right to erasure under UK GDPR for this category of data.

12. REGULATORY DISCLOSURE TO ENVIRONMENT AGENCY

As part of providing the SkipLog service, waste movement records are transmitted to the UK Environment Agency’s Digital Waste Tracking Service (DWTS) via the Defra API. This disclosure is a legal requirement under UK environmental regulations. Once submitted to Defra, these records are held by the Environment Agency under their own data retention and privacy policies. SkipLog has no control over data held by the Environment Agency following submission.

13. DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this Privacy Notice from time to time. The updated version will be indicated by an updated ‘Revised’ date at the top of this Privacy Notice. If we make material changes, we may notify you either by prominently posting a notice or by directly sending you a notification. We encourage you to review this Privacy Notice frequently.

14. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may email us at privacy@skiplog.co.uk or contact us by post at:

Mathew Allen
United Kingdom

15. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law. To request to review, update, or delete your personal information, please visit: privacy@skiplog.co.uk.

This Privacy Policy was created using Termly’s Privacy Policy Generator.