This Privacy Policy explains how 2GO Dispatch ("we", "us", "our") collects, uses, stores, and shares personal data when you use the 2GO Dispatch driver mobile application (the "App") and any related services (together, the "Services").
Please read this policy carefully. By creating a driver account or using the App, you confirm that you have read and understood this policy.
1. Who We Are
2GO Dispatch is a food and takeaway delivery platform operating in Windsor, UK. We are the data controller responsible for your personal data processed through the App.
- Trading name: 2GO Dispatch
- Operating location: City of Windsor, Berkshire, United Kingdom
- Contact email: account@2g0.uk
As a UK-based data controller we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Data We Collect
We only collect data that is necessary to operate the delivery service. The categories below describe what we collect, and when.
2.1 Account & Registration Data
When you sign up as a driver we collect:
- Full legal name
- Email address
- Mobile phone number
- Date of birth (to verify you are 18 or over)
- Residential address
- Profile photograph
- Password (stored as a one-way hash — we never see your plain-text password)
2.2 Identity & Right-to-Work Documents
To comply with our legal obligations and restaurant partner requirements we collect copies of:
- Government-issued photo ID (passport or driving licence)
- Right-to-work documentation (e.g. visa, settled status letter, birth certificate)
- Vehicle insurance certificate (moped, motorcycle, and car drivers only)
- Vehicle registration details (where applicable)
These documents are used for identity verification only and are stored in encrypted form. We use a third-party identity verification provider who is bound by equivalent data protection obligations.
2.3 Location Data
Location data is central to how the App works. We collect:
- Precise GPS location — while you are online and available to receive orders, and during active deliveries, so we can match you to nearby orders and give customers live delivery tracking.
- Background location — the App requests background location access on your device. This is used solely to keep order matching and live tracking accurate while the App is not in the foreground. We do not track your location when you are offline or logged out.
- Delivery route data — start point, waypoints, and end point of each completed delivery, retained for dispute resolution and earnings calculations.
You can revoke location permissions at any time in your device settings, but doing so will prevent you from going online to receive orders.
2.4 Financial & Payment Data
- Bank account details (sort code and account number) for earnings payouts
- Earnings history and individual delivery pay records
- Cash-out transaction records
- National Insurance number (required for UK tax compliance and self-employment records)
We use a regulated third-party payments processor. Full payment card details (if used for any in-app purchases) are handled entirely by that processor and are never stored on our servers.
2.5 Delivery & Order Data
- Orders offered to and accepted by you
- Pickup and drop-off addresses
- Delivery timestamps (offer received, pickup confirmed, delivered)
- Customer ratings and feedback left about your deliveries
- Photos taken as proof of delivery (where required)
- In-app messages between you and support or customers
2.6 Device & Technical Data
- Device model, operating system, and OS version
- Unique device identifiers
- App version
- IP address at time of login
- Push notification token (to send order alerts)
- Crash reports and diagnostic logs
2.7 Communications Data
- Support tickets, emails, and live chat messages you send us
- Call recordings if you contact our support team by phone (you will be notified at the start of the call)
3. How We Use Your Data
| Purpose | Data used |
|---|---|
| Create and manage your driver account | Account data, ID documents |
| Verify your identity and right to work in the UK | ID documents, date of birth |
| Match you to nearby delivery orders | Location data, vehicle type |
| Provide live tracking to customers during delivery | Location data (delivery period only) |
| Calculate, process, and pay your earnings | Delivery data, bank details, NI number |
| Resolve delivery disputes and customer complaints | Delivery data, route data, communications |
| Send order notifications and service communications | Push token, email, phone number |
| Provide driver support | Account data, delivery data, communications |
| Maintain safety and prevent fraud | Account data, device data, location, delivery records |
| Meet legal and regulatory obligations | All relevant categories as required by law |
| Improve the App and our algorithms | Anonymised/aggregated usage and route data |
| Send optional marketing (only with your consent) | Email address |
We will never sell your personal data to third parties for their own marketing purposes.
4. Legal Basis for Processing (UK GDPR)
We process your personal data under the following lawful bases:
- Contract (Article 6(1)(b)): Processing necessary to perform your driver contract with us — account management, order dispatch, earnings payments.
- Legal obligation (Article 6(1)(c)): Processing required by UK law — right-to-work checks, tax records, financial reporting.
- Legitimate interests (Article 6(1)(f)): Fraud prevention, App security, service improvement, dispute resolution — where our interests do not override your rights.
- Consent (Article 6(1)(a)): Marketing emails and optional analytics. You may withdraw consent at any time without affecting other processing.
For special category data (e.g. any health information you voluntarily disclose) we rely on Article 9(2)(b) (employment law obligations) or explicit consent.
5. Who We Share Your Data With
We share personal data only where necessary and with appropriate safeguards in place.
5.1 Restaurant & Takeaway Partners
When you accept a pickup order, the restaurant receives your first name and a masked phone number so they can hand over the order. They do not receive your full profile, ID documents, or financial data.
5.2 Customers
Customers see your first name, profile photo, vehicle type, and live location only during an active delivery. This data is no longer accessible to the customer once you mark the order as delivered.
5.3 Service Providers (Data Processors)
We use carefully selected third-party processors who act only on our instructions:
- Identity verification provider — for document checks during onboarding
- Payment processor — for earnings payouts to your bank account
- Cloud hosting provider — servers located in the UK/EEA
- Push notification service — to deliver order alerts to your device
- Crash analytics provider — anonymised diagnostic data to fix App bugs
- Customer support platform — for managing support tickets
All processors are bound by data processing agreements that meet UK GDPR requirements.
5.4 Legal & Regulatory Disclosure
We may disclose data to law enforcement, courts, or regulatory bodies (e.g. HMRC) where required by law or to protect the rights and safety of our drivers, customers, or the public.
5.5 Business Transfers
If 2GO Dispatch is acquired, merged, or transfers its business, your data may transfer to the new owner. You will be notified in advance of any such transfer and your UK GDPR rights will be maintained.
6. Location Data — Additional Information
Because location data is particularly sensitive, we want to be transparent about exactly how it works:
- When you are offline: We do not collect your location. Zero.
- When you go online (available for orders): We collect precise GPS to match you to nearby orders. This is the core function of the App.
- During an active delivery: We collect continuous GPS to show the customer live tracking and to record the route for earnings and dispute purposes.
- Background location permission: Required by both Android and iOS for the App to continue tracking during a delivery when you switch to another app (e.g. a maps app). We request this on first login and explain why in the App.
- Location history: Individual delivery routes are retained for 12 months for dispute resolution. Aggregated (non-identifiable) heatmap data may be retained longer for network planning.
On Android, background location access is labelled "Allow all the time" in your device settings. On iOS, it is labelled "Always". You grant this via a system permission prompt in the App.
7. How Long We Keep Your Data
| Data category | Retention period | Reason |
|---|---|---|
| Account data | Duration of account + 2 years after closure | Dispute resolution, re-activation |
| Identity / right-to-work documents | Duration of account + 2 years | Legal employment obligation |
| Financial / earnings records | 7 years from tax year end | HMRC requirement |
| Delivery & order records | 12 months | Disputes, earnings queries |
| Location (individual routes) | 12 months | Disputes, earnings queries |
| Support communications | 3 years | Dispute resolution |
| Device & technical logs | 90 days | Security and debugging |
| Marketing consent records | Until consent withdrawn + 1 year | Proof of consent |
When data reaches the end of its retention period it is securely deleted or anonymised. We review our retention schedules annually.
8. Your Rights Under UK GDPR
As a data subject in the UK you have the following rights. To exercise any of them, contact us at account@2g0.uk. We will respond within 30 days.
Right of Access (Article 15)
You may request a copy of all personal data we hold about you, free of charge. We will provide it in a portable, machine-readable format where possible.
Right to Rectification (Article 16)
If any data we hold about you is inaccurate or incomplete, you have the right to have it corrected. You can update most account details directly in the App.
Right to Erasure (Article 17)
You may request deletion of your personal data where we no longer need it for the purpose it was collected, you withdraw consent, or the processing is unlawful. Some data may be retained where we have a legal obligation to do so (e.g. financial records).
Right to Restrict Processing (Article 18)
You may ask us to pause processing of your data in certain circumstances — for example while you contest its accuracy.
Right to Data Portability (Article 20)
Where processing is based on your consent or a contract, you may request your data in a structured, commonly-used, machine-readable format.
Right to Object (Article 21)
You may object to processing based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds that override your rights. You may also object to direct marketing at any time.
Rights Related to Automated Decision-Making (Article 22)
Our order-dispatch and driver-matching system uses automated algorithms. This does not constitute automated decision-making with legal or significant effects on you. You are always free to accept or decline any order offered.
Right to Withdraw Consent
Where we process data based on your consent (e.g. marketing), you may withdraw it at any time via the App's notification settings or by contacting us. Withdrawal does not affect processing already carried out.
Right to Lodge a Complaint
If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Helpline: 0303 123 1113
We would appreciate the opportunity to address your concerns directly before you contact the ICO, so please reach out to us first.
9. Data Security
We take the security of your personal data seriously and implement appropriate technical and organisational measures, including:
- TLS encryption for all data in transit between the App and our servers
- AES-256 encryption for data at rest, including identity documents
- One-way hashing for passwords (bcrypt)
- Role-based access controls — staff see only the data they need
- Regular security audits and penetration testing
- Automatic session expiry and device deauthorisation
- Multi-factor authentication for internal admin systems
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and inform affected individuals without undue delay, in accordance with our obligations under UK GDPR Article 33.
10. Google Play & Apple App Store
The 2GO Dispatch App is distributed via the Google Play Store (Android) and the Apple App Store (iOS). Please be aware of the following:
Google Play (Android)
- Google may collect certain usage statistics when you download and use our App through Google Play. This data is governed by Google's Privacy Policy.
- Our App complies with the Google Play Developer Program Policy, including its requirements for apps that access precise and background location.
- We have submitted a Data Safety declaration on our Google Play listing accurately describing the data types collected, their purpose, and sharing practices.
Apple App Store (iOS)
- Apple may collect certain data when you download and use our App. This is governed by Apple's Privacy Policy.
- Our App complies with Apple's App Store Review Guidelines and Apple's requirements for apps using Location Services.
- We have completed an accurate App Privacy nutrition label on our App Store listing, disclosing all data types collected and linked to your identity.
- On iOS, you will see a system permission prompt explaining why the App requests "Always On" location access before it is granted.
Push Notifications
Both platforms use their own notification delivery infrastructure (FCM for Android, APNs for iOS) to deliver order alerts to your device. A device token is shared with these services solely for this purpose. You can disable push notifications in your device settings, but you will no longer receive order alerts.
11. Children's Privacy
The 2GO Dispatch driver App is strictly for individuals aged 18 and over. We do not knowingly collect data from anyone under 18. If we become aware that a person under 18 has registered, we will delete their account and data immediately. If you believe we have inadvertently collected data from a minor, please contact us at account@2g0.uk.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes:
- We will update the "Last updated" date at the top of this page.
- We will send a notification via the App and/or email at least 14 days before material changes take effect.
- Where required by law, we will ask for your renewed consent.
Continuing to use the App after changes take effect constitutes acceptance of the revised policy. We recommend reviewing this page periodically.
13. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:
2GO Dispatch — Data Privacy
- account@2g0.uk
- Windsor, Berkshire, United Kingdom
We aim to respond to all privacy enquiries within 30 calendar days in accordance with UK GDPR.