Privacy & Cookie Policy
Privacy & Cookie Policy
Last updated: 13 June 2026. This version supersedes all previous versions.1. Introduction and Data Controller
This Privacy & Cookie Policy explains how HYPERWAY LOGISTICS LTD ("we", "us", "our") collects, uses, stores and protects personal data in accordance with the UK GDPR, the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations (PECR).
For the purposes of the UK GDPR and the Data Protection Act 2018, HYPERWAY LOGISTICS LTD is the data controller in relation to personal data processed under this Policy.
Data Controller Details:
HYPERWAY LOGISTICS LTD
Company No. 16426334
VAT Registration No. GB498268035
Registered Office: 86-90 Paul Street, 3rd Floor, London, England, EC2A 4NE
Email: admin@hyperway.co.uk
ICO Registration No. ZC002604
2. Types of Personal Data We Collect
We may collect and process the following categories of personal data:
- Identification data (e.g. first name, last name, company name).
- Contact details (e.g. email address, phone number, billing and delivery address).
- Account data (if you create an account: username, login data, preferences).
- Logistics information (e.g. shipment details, pick-up and delivery locations, contact persons).
- Technical data (e.g. IP address, browser type, device information, pages visited, access times).
- Communication data (content of messages sent via contact forms, email, chat, or phone notes).
- Billing and payment data (e.g. invoicing details and payment information processed via payment providers).
- Verification data (e.g. PIN and QR code authentication records, GPS data, delivery timestamps and photographic evidence).
3. How We Collect Your Data
We collect personal data in different ways, including:
- When you fill in forms on our Website (contact, quote, registration forms, etc.).
- When you contact us by email, phone, or other channels.
- When we provide logistics and related services to you or your company.
- Automatically, through cookies and similar technologies when you browse our Website (see section 15 onwards).
- Through operational systems including GPS tracking, PIN/QR verification and delivery confirmation records generated during service provision.
4. Purposes and Legal Bases of Processing
We process your personal data for the following purposes and on the following legal bases, in accordance with the UK GDPR:
4.1 Service Provision and Contract Performance
To manage your requests, provide quotations, organise and execute shipments, manage accounts, and deliver our logistics services.
Legal basis: performance of a contract or steps prior to entering into a contract (Article 6(1)(b) UK GDPR).
4.2 Legal Obligations
To comply with legal, regulatory, accounting, and tax obligations (e.g. invoicing and record-keeping).
Legal basis: compliance with a legal obligation (Article 6(1)(c) UK GDPR).
4.3 Legitimate Interests
To improve our services, prevent fraud or misuse of the Website, ensure network and information security, and manage our business relationships.
Legal basis: legitimate interests (Article 6(1)(f) UK GDPR), provided such interests are not overridden by your rights and freedoms.
4.4 Marketing Communications
For existing customers, we may send service-related updates and relevant offers by email on the basis of our legitimate interests (soft opt-in under PECR), provided you have not opted out.
For new contacts, or where required by PECR, we will only send marketing communications with your prior explicit consent.
Legal basis: consent (Article 6(1)(a) UK GDPR) and/or legitimate interests (Article 6(1)(f) UK GDPR) as applicable under PECR.
You may withdraw consent or opt out at any time by clicking the unsubscribe link in any marketing email or by contacting us at admin@hyperway.co.uk.
5. How We Share Your Data
We may share your personal data with:
- Service providers and contractors (e.g. IT providers, hosting providers, payment processors, analytics tools including Google Analytics) acting as processors on our behalf under appropriate data processing agreements.
- Logistics partners and carriers involved in execution of shipments and related services.
- Professional advisers (e.g. lawyers, accountants, auditors) where necessary.
- Public authorities when required by law, court order, or regulatory obligation.
- Fraud prevention agencies and payment providers where reasonably necessary to prevent or investigate fraud or misuse.
- Business successors in case of mergers, acquisitions, or transfers of business assets, subject to appropriate safeguards.
We do not sell your personal data to any third party.
6. International Data Transfers
Your personal data may be transferred to countries outside the United Kingdom, for example where our service providers (including Google Analytics) are located or process data outside the UK.
Where such transfers occur, we ensure that appropriate safeguards are in place, including:
- UK adequacy regulations (where the destination country has been recognised as providing adequate protection); and/or
- UK International Data Transfer Agreements (IDTAs) or Standard Contractual Clauses (SCCs) approved under UK GDPR; and/or
- other lawful transfer mechanisms as permitted under UK GDPR and the Data Protection Act 2018.
7. Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected and in accordance with applicable laws. After the relevant retention period, we will securely delete or anonymise the data unless further retention is required by law.
| Category of Data | Retention Period | Reason |
|---|---|---|
| Customer and transaction records | 6 years from date of transaction | Limitation Act 1980; tax and accounting obligations |
| Delivery and operational records (GPS, PIN/QR, timestamps, photos) | 6 years from date of delivery | Operational verification, dispute resolution, chargeback defence and legal proceedings under the Limitation Act 1980 |
| Fraud prevention and security records | Up to 6 years | Legal protection, fraud prevention |
| Marketing consent records | Until consent withdrawn, plus 12 months | Demonstrating lawful processing under PECR |
| Cookie consent logs (Cookiebot) | 12 months | Demonstrating lawful cookie consent under PECR |
| Communication records (email, phone notes) | 3 years from last contact | Business relationship management, dispute resolution |
| Accounting and invoicing records | 6 years | HMRC and statutory accounting requirements |
Records may be retained for longer where required for active legal proceedings, regulatory compliance, chargeback defence or ongoing dispute resolution.
8. Your Rights
Under UK GDPR you have the following rights in relation to your personal data:
- Right of access — to obtain a copy of the personal data we hold about you.
- Right to rectification — to request correction of inaccurate or incomplete data.
- Right to erasure — to request deletion of your personal data in certain circumstances.
- Right to restriction — to request that we restrict processing of your data in certain circumstances.
- Right to data portability — to receive your data in a structured, commonly used format where technically feasible.
- Right to object — including to direct marketing and processing based on legitimate interests.
- Right to withdraw consent — where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of your rights, please contact us at admin@hyperway.co.uk. We may need to verify your identity before responding.
We will respond to your request within one month of receipt. In complex cases we may extend this by a further two months and will notify you within the initial one-month period.
9. Automated Decision Making and Profiling
We do not make decisions based solely on automated processing that produce significant legal or similarly significant effects concerning you.
Where we use automated tools for fraud detection or risk assessment, these support human decision-making and do not replace it. A human review is available upon request by contacting admin@hyperway.co.uk.
10. Fraud Prevention, Risk Assessment and Legal Protection
We may process personal data for fraud prevention, misuse detection, risk assessment, and protection of our operations, platform integrity and clients. This may include monitoring account activity, shipment data, delivery confirmations (including PIN/QR verification), IP addresses and transactional behaviour patterns.
Where required, we may share relevant information with payment providers, fraud prevention agencies, professional advisers and competent law enforcement authorities.
Legal basis: legitimate interests (Article 6(1)(f) UK GDPR). We may also retain limited personal data where necessary for the establishment, exercise or defence of legal claims.
11. Data Security
We apply appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration or disclosure. Access to operational systems and shipment-related data is restricted to authorised personnel only.
No internet transmission or electronic storage system can be guaranteed as 100% secure. If you believe your interaction with us is no longer secure, please notify us immediately at admin@hyperway.co.uk.
12. Children's Data
Our services are not directed to children under the age of 16 and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at admin@hyperway.co.uk and we will delete it promptly.
13. Complaints
If you have concerns about how we process your personal data, please contact us first at admin@hyperway.co.uk so we can try to resolve the matter.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO):
- Website: https://ico.org.uk/make-a-complaint/
- Helpline: 0303 123 1113
- Post: ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
14. Changes to This Policy
We may update this Privacy & Cookie Policy from time to time. The latest version will always be published on this page with an updated "Last updated" date. Where changes are material, we will take reasonable steps to notify you.
15. Cookie Policy – Introduction
This section explains how we use cookies and similar technologies on our Website in accordance with PECR and UK GDPR. Our cookie consent is managed through Cookiebot, which allows you to control your preferences at any time.
16. What Are Cookies?
Cookies are small text files stored on your device when you visit a website. They help ensure proper functionality, security and performance, and (where permitted) enable analytics and marketing.
17. Categories of Cookies We Use
17.1 Strictly Necessary Cookies
These cookies are essential for the operation of our website and business portal. They enable core functionality such as secure login, session management, fraud prevention, shipment tracking and PIN/QR verification. These cookies cannot be disabled.
17.2 Performance & Analytics Cookies
These cookies help us understand how visitors use our website through tools such as Google Analytics (GA4). They collect anonymised or pseudonymised information about traffic and page views.
These cookies are only activated after you provide consent.
17.3 Marketing & Advertising Cookies
These cookies may be used to deliver relevant advertising and measure marketing effectiveness.
These cookies are only activated after you provide explicit consent.
18. Cookie Table
The following cookies may be set on our Website:
| Cookie Name | Provider | Category | Purpose | Duration |
|---|---|---|---|---|
| CookieConsent | Cookiebot | Strictly Necessary | Stores the user's cookie consent preferences | 1 year |
| _ga | Google Analytics | Analytics | Registers a unique ID to generate statistical data on website usage | 2 years |
| _ga_[ID] | Google Analytics GA4 | Analytics | Used by Google Analytics GA4 to persist session state | 2 years |
| _gid | Google Analytics | Analytics | Registers a unique ID to generate statistical data on website usage | 24 hours |
| _gat | Google Analytics | Analytics | Used to throttle request rate to Google Analytics | 1 minute |
The most current and complete list of cookies is always available through our Cookiebot consent panel, accessible via the cookie settings link on our Website.
19. Cookie Consent Banner & Choices
When you first visit our Website, you are presented with a cookie consent banner managed by Cookiebot, allowing you to:
- Accept all cookies
- Reject non-essential cookies
- Manage preferences (choose individual categories)
Non-essential cookies will not be set unless you provide consent. Your preferences are recorded and stored by Cookiebot.
20. Managing or Withdrawing Consent
You can change or withdraw your cookie consent at any time via the cookie settings link on our Website or through your browser settings. Blocking strictly necessary cookies may affect key functionality including login, booking and shipment tracking.
You may also opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout
21. Third-Party Cookies
Some cookies may be set by third-party providers such as Google Analytics. These providers operate under their own privacy policies:
- Google Privacy Policy: https://policies.google.com/privacy
22. International Transfers (Cookies)
Where cookie-related data is processed outside the United Kingdom (for example by Google Analytics), we apply appropriate safeguards under UK GDPR including UK adequacy regulations and/or UK International Data Transfer Agreements (IDTAs) or Standard Contractual Clauses (SCCs) where applicable.
23. Updates to Cookie Policy
We may update this Cookie Policy from time to time to reflect legal, technical or operational changes. The updated version will always be published on this page with a revised "Last updated" date.
Contact Us
Email:
admin@hyperway.co.ukPhone:
0207 889 9913Address:
86-90 Paul Street, 3rd Floor, London, England, EC2A 4NE