ALLTAP — PRIVACY POLICY
Effective Date: 26 October 2025
Controller: Info Tech Soft Limited
41 Putney High Street, London, SW15 1SP, United Kingdom
Email: privacy@alltap.co.uk
AllTap operates multi-service applications in the United Kingdom, including food delivery, parcel services, local merchants and rider workforce services. This Privacy Policy applies to:
• AllTap Customer App & Website
• AllTapMate Rider/Driver App
• AllTapBiz Merchant App
• TaskOnTap service modules
By using AllTap, you agree to this Privacy Policy.
AllTap services are only for users aged 18 or older.
If data is collected from someone under 18, we will delete it.
• Name, phone number, email
• Delivery addresses, notes and order history
• Support messages
Payment cards
Payments are processed securely by Stripe.
AllTap does not store or access full card numbers.
Stripe may act as an independent data controller under its own privacy policy when processing card payments.
We only receive limited payment metadata (transaction reference/status).
Identity & Work Eligibility
• Full name, contact details, date of birth
• Selfie image (camera required)
• Government ID (passport, driving licence, BRP)
• Right-to-Work verification data
• DBS status (pass/fail, reference number and expiry, where required)
Insurance (Verification Only)
• Vehicle insurance certificate and expiry
Used only to verify eligibility
Not shared with insurers
No insurance claims processing
Operational & Safety Data
• Proof-of-pickup and proof-of-delivery photos
• Rider GPS only while active
• Vehicle details (VRM, MOT expiry)
• Ratings and safety/compliance information
Bank Details (Direct Bank Transfer)
• Sort code, account number and account holder name
Used only to pay rider earnings
Not shared except with our bank/payment service to process payouts
Business Verification
• Business/trading name, company number, VAT
• Business address and contact details
• Owner/manager identification and authority proof
Insurance (Verification Only)
• Public/business liability certificate
Used only to verify compliance
No claims handling
Payout Bank Details
• Business bank account details
Used only for settlement of earnings
Operational Data
• Listings, pricing, support interactions
• Optional store/product photos
• Selfies for identity verification
• Identity and insurance documents (verification only)
• Delivery proof photos
• Optional business images
We do not request broad access to device media.
We only receive the specific file you select or capture.
All documents and images are encrypted and access is restricted.
• Rider location during delivery shifts
• Customer approximate location (optional for browsing)
• Device identifiers, diagnostics and crash logs
• Usage analytics for service improvement
Not used for advertising or cross-app tracking.
• Create and manage accounts
• Verify eligibility (Right-to-Work, DBS, insurance verification only)
• Assign and complete deliveries
• Confirm fulfilment with delivery proof photos
• Send payouts to riders and merchants via bank transfer
• Safety, fraud prevention and dispute resolution
• Customer support and service quality
• Compliance with UK legal obligations
We do not sell personal data.
We do not use compliance documents for marketing.
We do not process insurance claims or share insurance documents with insurers.
Purpose — Legal Basis
• Account management, delivery and payouts — Contract
• Right-to-Work, DBS, insurance verification — Legal Obligation & Legitimate Interests
• Safety and fraud prevention — Legitimate Interests
• Marketing (if used) — Consent
We only share data when necessary:
Who — Why
• Bank/payment service provider — Direct payout execution
• Stripe (card payments) — Secure card processing (controller)
• Hosting, routing and messaging providers — To operate the apps
• Law enforcement — When legally required
We do not share identity, DBS or insurance documents with advertisers or insurers.
We do not sell personal data.
Personal data is stored primarily in the United Kingdom.
Our core servers and databases are located in London.
If limited international transfers are required (e.g. secure backups),
we apply UK-approved safeguards such as the International Data Transfer Agreement (IDTA) or Standard Contractual Clauses (SCCs).
• Encryption in transit and at rest
• Role-based access and audit logging
• Restricted access to compliance documents
• Secure payout and identity document systems
Data — Retention
• Identity, Right-to-Work, DBS, insurance verification — Active account + legal compliance period
• Delivery proof photos — Short dispute period only
• Payout bank details — While account is active and required
• Orders and invoices — Required under UK legislation
• Support and safety records — As required to fulfil legal obligations
Data is deleted or anonymised once it is no longer required.
You may request:
• Access to your personal data
• Correction of inaccuracies
• Deletion where legally permitted
• Restriction or objection to processing where applicable
• Portability for data you have provided
• Withdrawal of consent for marketing communications
To exercise your rights, contact privacy@alltap.co.uk.
You may lodge a complaint with the UK Information Commissioner’s Office (ICO).
We use cookies for functionality, security and performance.
You can manage cookie settings in your browser.
• Camera — Selfie + delivery proof photos only
• Photos/Files — Only the file you select (system picker)
• Location — Rider routing and fulfilment proof (only while active)
• Financial Data — Bank details only for payout processing
• Card Payments — Handled only by Stripe
Marketing messages are only sent with your consent.
You can unsubscribe at any time by contacting us.
We may update this Policy and will notify users of significant changes.
Last Updated: 26 October 2025
Info Tech Soft Limited
41 Putney High Street, London, SW15 1SP, United Kingdom
Email: privacy@alltap.co.uk
