We've Got The Key - Auto Locksmiths

1. Introduction

This Privacy Policy explains how We've Got The Key Limited ("we", "us", or "our") collects, uses, and protects your personal data when you use our website and related services.

We are committed to safeguarding your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who we are

We've Got The Key Limited

Norfolk Tower, 48–52 Surrey Street, Norwich, NR1 3PA.

Email: enquiries@wgtk.co.uk

Telephone: 03033 300540

We are the data controller responsible for your personal data.

3. Information we collect

(a) Information you provide directly

When you interact with our website (for example, filling in forms, requesting a quote, submitting a claim, or making a payment), we may collect:

  • Your name and contact details (email address, phone number, address).
  • Vehicle information (registration number, make, model).
  • Payment information (processed securely by Stripe – we never store full card details).
  • Any information you include in messages or correspondence.

(b) Information we collect automatically

When you visit our website, we may collect:

  • Your IP address and browser type.
  • Pages you visit and actions you take on our site.
  • Device information and approximate location.

(c) Information from third parties

We may receive limited data from third-party services, including:

  • Stripe (for payment processing and verification).
  • Google (for analytics or embedded map services).

4. How we use your information

We use your personal data to:

  • Provide and manage your requested service or claims.
  • Verify your identity and reduce fraud (for example secure OTP or SMS verification).
  • Process and confirm secure payments online, through Stripe.
  • Communicate with you about your enquiry, repair, claim or payment.
  • Maintain business and regulatory records.
  • Improve our website and customer experience.
  • Comply with legal obligations.

5. Lawful bases for processing

We process personal data under the following lawful bases:

  • Contractual necessity – to perform or prepare a contract (e.g. fulfilling a claim or payment).
  • Consent – where you have given permission (e.g. for marketing or analytics).
  • Legal obligation – to meet regulatory or accounting requirements.
  • Legitimate interests – for site optimisation, fraud prevention, and internal administration.

6. Data storage and security

We take appropriate security measures to protect your data from unauthorised access, disclosure, or loss.

Sensitive information such as payment data is encrypted and handled exclusively through secure, PCI-compliant providers (e.g. Stripe).

Access to your data is limited to authorised personnel only.

7. Sharing your data

We only share your data when necessary for service delivery, including:

  • Stripe – to process secure payments.
  • Google – to provide analytics, error monitoring and embedded map services.
  • Hosting provider – for site hosting, error monitoring, performance and updates.

We do not sell, rent, or trade our data with third parties.

8. Data retention

We keep personal data only as long as necessary to fulfil the purpose it was collected for or as required by law.

Typical retention periods:

  • Claims and payment records: up to 7 years (for accounting and audit purposes).
  • General enquiry details: up to 18 months.
  • Analytics data retained according to your cookie consent preferences.

9. Your rights

You have the following rights regarding your personal data:

  • Access your personal information.
  • Request correction of data.
  • Withdraw consent (where applicable, e.g. from marketing emails).
  • Object to or restrict certain processing.
  • Request data portability.
  • Request that we erase your data in certain circumstances.

To exercise your rights, please contact us at enquiries@wgtk.co.uk.

If you are unhappy with how your data is handled, you can lodge a complaint with the Information Commissioner's Office (ICO):

https://ico.org.uk

10. International data transfers

Some of our trusted service providers (e.g. Stripe, Google) may store or process data outside the UK.

Where this occurs, we use appropriate safeguards, such as Standard Contractual Clauses (SCCs), to protect your data.

11. Updates to this Privacy Policy

We may update this Privacy Policy to reflect changes in our operations or legal obligations.

Please review this page periodically for the latest version.

Last updated: 14 October 2025

Need our help? Or just have a question?

Get in touch.

24/7 Nationwide Support
Fast Response Times
Trusted, Transparent Service

or send us an email
enquiries@wgtk.co.uk

1of 4

What's your name?

Get Support