Privacy Policy
Version 2.0 · Effective 28 May 2026. UK GDPR + Data Protection Act 2018 compliant.
TL;DR — the 30-second read
Keepwright Limited (UK company 17244061) builds private, one-time-paid mobile utility apps. We collect almost nothing about you. This website sets no cookies, runs no analytics, and embeds no tracking scripts. Your trips, receipts and settings live on your phone, not on our servers — and there is no account, so nothing we hold could be linked to you anyway.
Three things do leave your device, and we would rather name them than pretend otherwise: (1) the coordinates of a drive go to our own map service so the route can be snapped to real roads and the start/end turned into an address — no identifier travels with them and the service keeps no access log (§3.4); (2) an anonymised crash report, if the app falls over and you haven't opted out; (3) your App Store / Play Store purchase receipt, which we see as "this device has a valid receipt", not your name or email.
You have a full set of rights under UK GDPR. Because we hold almost nothing, most rights resolve quickly. Reach us via the contact form (when live) — we respond within 30 days. If you’re not satisfied, you can complain to the UK Information Commissioner’s Office at ico.org.uk.
Who we are
| Controller name | Keepwright Limited |
|---|---|
| Country of incorporation | England and Wales |
| Companies House registration | 17244061 · Companies House public record (authoritative source for registered office, director and filings) |
| SIC codes | 58290 (Other software publishing) · 62012 (Business + domestic software development) |
| Director | Alpesh Patel |
| Privacy contact | Via the contact form (when live), or via written correspondence to the registered office on our Companies House public record above. The Director is the responsible person for data-protection enquiries (no separate DPO required at this scale per Article 37 UK GDPR). |
We are the data controller for the personal information described in this Policy. Where we use a supplier to process data on our behalf, we say so in §5 and we have an Article 28 data-processing agreement with each one.
What we collect, why, and on what lawful basis
One row per data category, with the lawful basis under UK GDPR Article 6 (and Article 9 where it applies).
3.1 This website (keepwright.co.uk)
| What we collect | Nothing client-side. No cookies set, no analytics scripts, no third-party tracking. Cloudflare (our host) receives minimal request-log data (IP address, user-agent, path) automatically as part of serving the page — we do not access or process those logs. |
|---|---|
| Why | To serve the static HTML and protect against attacks. |
| Lawful basis | Legitimate interest — Article 6(1)(f) — operating and securing our website. Minimal data, balance heavily in favour of processing. |
| Retention | Cloudflare's log retention applies (typically <30 days at edge). We do not extract or store these logs ourselves. |
3.2 If you contact us
| What we collect | If you submit our contact form (when it goes live) or write to the registered office: your name (if you give it), the address you use, and the contents of your enquiry. |
|---|---|
| Why | To reply to you. That's it. |
| Lawful basis | Legitimate interest — Article 6(1)(f) — responding to enquiries you initiate. |
| Where it goes | Microsoft 365 mailbox (UK / EU data residency). Not shared with marketing tools. Not added to any list. |
| Retention | No longer than necessary to resolve the enquiry; deleted on request. |
3.3 Inside the apps — what stays on your phone
| What it is | Whatever the app captures or stores by design (e.g. for Mileage Tracker: trips, routes, vehicle definitions, expense receipts, settings). All of it. |
|---|---|
| Why | So the app does what it says on the tin. |
| Lawful basis | Contract — Article 6(1)(b) — delivering the app you paid for. |
| Where it lives | On your phone. Your drives, routes, vehicles and settings sit in the app's private storage, protected by the operating system's app sandbox and your device's own encryption. Your VAT receipts and expenses are held in a separate database encrypted with AES-256: the 256-bit key is generated on your device the first time you run the app and kept in the platform keystore (iOS Keychain / Android Keystore). Keepwright never receives, holds, or can recover that key. Your drives and receipts are never uploaded to a Keepwright server. One thing does leave your phone, and we set it out plainly in 3.4. |
| Retention | For as long as the app is installed. Delete the app → the data goes with it. Or delete it inside the app's settings. |
3.4 Map and route services — what does leave your phone
| What it is | To draw your drive as a line that follows real roads, and to turn a start or end point into a street name and postcode, the app sends the coordinates of that drive to Keepwright's own map services (osrm.keepwright.cloud and geocode.keepwright.cloud). The map picture itself is fetched from OpenStreetMap's tile servers, which necessarily see your IP address and the area of the map you are viewing. |
|---|---|
| Why | An accurate route and a real address are the substance of a mileage record. A full road network cannot be shipped inside a phone app, so the road-matching happens on our server. |
| Lawful basis | Contract — Article 6(1)(b) — producing the accurate mileage record the app exists to produce. |
| What is not sent | No account, name, email or device identifier travels with it — there is no account system to attach one to. The coordinates arrive unlinked to any person. |
| Retention | Our map services are configured to keep no access log: the coordinates are matched and discarded. Nothing about your route is retained on a Keepwright server. OpenStreetMap's tile servers are governed by their own privacy policy. |
3.5 Cloud backup — we do not offer one
| What it is | There is no cloud backup. Keepwright does not copy your data to iCloud, to Google Drive, or anywhere else. Your data lives on your device and nowhere else. |
|---|---|
| What that means for you | If you delete the app, or lose the phone, the data goes with it. Use the app's export to keep your own copy of your records. |
3.6 Anonymised crash reports (Sentry — opt-out available)
| What we receive | If the app crashes, Sentry receives: stack trace, app version, OS version, device model. We do not receive: your email, name, location, IP (scrubbed), in-app data, or any identifier that links a crash to your identity. PII-scrubbing is enforced at the SDK initialisation layer per Decisions Registry DR-007 (Sentry-only SDK stance). |
|---|---|
| Why | So that when the app falls over we can fix it. App stability is a quality matter that benefits everyone using the app. |
| Lawful basis | Legitimate interest — Article 6(1)(f) — keeping the app stable for the people who rely on it. Minimal data, scrubbed of identifiers, balance in favour of processing. You can opt out in the app's Settings. |
| Where it goes | Sentry (US-based, SCCs + UK extension to EU–US Data Privacy Framework). |
| Retention | 90 days (Sentry default). |
3.7 Apple / Google purchase receipts
| What we see | When you buy an app or use a free trial, the App Store / Play Store tells the app whether the receipt is valid. We see "this device has a valid receipt for product X" — not your name, email, billing address, or card details. |
|---|---|
| Why | To know whether to unlock the paid features you bought. |
| Lawful basis | Contract — Article 6(1)(b) — performing the licence we sold you. |
| Where it goes | Receipt validation happens on-device, against Apple's / Google's servers, governed by their terms. We never see your payment details. |
| Retention | As long as the app is installed. |
3.8 What we do not collect (and have designed the system so we cannot)
- No account system. No "Sign in with Keepwright". No email, no name, no password.
- No card or bank data. Apple / Google handle all payment.
- No phone, address, photos, contacts. The apps don't request these permissions.
- No advertising identifier. No ad SDKs. No attribution SDKs (Adjust, AppsFlyer, etc.).
- No behaviour analytics. No Mixpanel, Amplitude, Firebase Analytics, PostHog, Heap.
- No cross-app linkage. Each Keepwright app is independent. They don't share data with each other.
Who we share information with
We do not sell your information. We do not share it with advertisers. We share what we have to share with the small set of suppliers below, each of whom has an Article 28 data-processing agreement with us.
| Supplier | What they do · safeguards | |
|---|---|---|
| Cloudflare | Hosts the keepwright.co.uk website (static files only, no user data). Global CDN edge nodes. Standard Contractual Clauses in Cloudflare's DPA. | |
| Microsoft 365 | Mailbox (if you write to us). UK / EU data residency. Microsoft enterprise DPA. | |
| Apple | App Store distribution, payment, and receipt validation. Apple's Article 28 framework as our processor + their own controller relationship with you on App Store terms. | |
| Play Store distribution, payment, and receipt validation. Google's Article 28 framework + their own controller relationship with you on Play Store terms. | ||
| Sentry | Anonymised crash reporting only (US-based). PII stripped at the SDK level. SCCs + UK extension to EU–US Data Privacy Framework. Opt-out available in app Settings. | |
Maps. We don’t use Apple or Google’s mapping services to draw your routes. Your trip data — routes, times and classifications — is stored only on your device. To show streets, the map view currently loads imagery from an open mapping source (OpenStreetMap) for the area on screen; your trip data is never sent with it. We’re working to render the map fully on your device so even that request goes away, and we’ll update this section as that ships.
If we add a new supplier we will update this Policy and the new "last updated" date before any data starts flowing to them.
International transfers
Keepwright Limited operates in the UK. Our M365 mailbox uses UK / EU data residency. Cloudflare routes globally for performance; the static HTML it serves contains no user data. Sentry is US-based; only anonymised crash data is transferred, under Standard Contractual Clauses and the UK extension to the EU–US Data Privacy Framework. Apple's and Google's transfers are governed by their own terms.
How long we keep things
| In-app data | Until you delete the app or clear app data. |
|---|---|
| Crash reports (Sentry) | 90 days. |
| Email correspondence | As long as needed to resolve the enquiry; deleted on request. |
| Records required by HMRC | Tax-related records we are legally required to keep: 7 years (Companies Act + HMRC rules). This is metadata about purchases — not your personal data within the app. |
We honour an erasure request within 30 days regardless of these retention periods, except where we are legally required to keep something (mainly HMRC tax records).
Your rights under UK GDPR
UK GDPR gives you a set of rights. We will respond to any of the following within 30 days, free of charge in almost all cases. Because we hold almost nothing on you, most rights are quickly resolved.
| Right to be informed (Art 12–14) | The right to know what we collect and why. This Policy meets that obligation. |
|---|---|
| Right of access (Art 15) | The right to ask for a copy of what we hold. Write to us at the registered office or via the contact form. |
| Right to rectification (Art 16) | The right to ask us to correct anything wrong. Since most of what concerns you lives on your phone, you usually correct it in the app. |
| Right to erasure (Art 17) | The right to ask us to delete what we hold. For in-app data: delete the app. For correspondence: write to us. |
| Right to restrict processing (Art 18) | The right to ask us to pause while a question is being looked at. |
| Right to data portability (Art 20) | The right to receive a copy of your data in a structured machine-readable form. Each app has a built-in "Export" function (CSV / PDF) for your in-app data. |
| Right to object (Art 21) | The right to object to processing based on legitimate interest. We will reconsider if asked. |
| Automated decision-making (Art 22) | We make no automated decisions about you. If a future feature ever did, we'd ask for separate consent and offer a human-review route. |
Withdrawing your consent does not affect anything we did with your information before you withdrew. It just stops us from doing anything new with it.
If you're not satisfied with our response, you can complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.
Children
Keepwright apps are not directed at children under 13 (or the equivalent age in your jurisdiction). We do not knowingly collect data from children. If you believe we hold information about a child under 13 that should not be there, write to us at the registered office and we will remove it.
Security
- TLS 1.3 for everything over the network.
- Encryption at rest. Your VAT receipts and expenses are stored in an AES-256 encrypted database. The 256-bit key is generated on your device and held in the platform keystore (iOS Keychain / Android Keystore) — Keepwright never receives or holds it. Everything else the app stores is protected by the OS app sandbox and your device encryption.
- No payment data ever touches our infrastructure — Apple / Google handle all of it.
- No central user database exists to be breached — there is no account system to attack.
- Route matching is server-side, and logged nowhere. Drive coordinates are sent to our own map services over TLS to snap the route to real roads and resolve addresses; the endpoints keep no access log and nothing about your route is retained. See 3.4.
- Sentry PII-stripping enforced at the SDK initialisation layer so crash reports do not carry your data.
- Secrets held in environment variables only, never in the client app or public repositories.
No system is invulnerable. If anything happens that we believe puts your rights and freedoms at meaningful risk, we will tell you and notify the ICO within 72 hours per Article 33–34.
Changes to this Policy
We update this Policy when something changes — a new processor, a new app feature, a change in how we handle something. When we do, the version number at the top increments and the effective date moves forward. Material changes are also announced inside the apps on next launch.
Version history · v1.0 (26 May 2026, launch) · v2.0 (28 May 2026, current) — restructured around the UK-GDPR table pattern: explicit Article 6/9 lawful basis per data category; Article 28 processor table; retention table; full UK-GDPR rights table; cookies + breach-notification sections added.