We are open, straightforward, and transparent about the personal information we process on the Wondle platform. We design our systems to be lean and secure, limiting our processing activities strictly to the data required to operate our tools, verify account security, and deliver the automated reporting services requested.
This privacy policy outlines the specific information we process when you visit our website, communicate with our team, or interact with our vehicle inspection platform.
Wondle limits data collection to standard operational categories required to execute automated vehicle appraisals:
Identity & Account Records: Your first name, last name, and system-assigned user profile identifiers.
Contact Details: Your email address. Telephone numbers are processed conditionally and exclusively when explicitly and voluntarily provided by you during direct support inquiries or manual account updates.
Conditional Transactional Data: Physical billing addresses, temporary payment tokens, invoice histories, and records of purchases. This data is handled conditionally and is processed exclusively when a user actively initiates a direct purchase transaction on our platform.
Vehicle Condition Assets: Vehicle Registration Marks (VRMs), time-stamped vehicle photographs, structural damage coordinates, and generated condition matrices. These images and data points are analysed and processed strictly as visual records of vehicle condition. We do not collect, embed, or link geographic location tags or GPS data to your vehicle media files.
Technical Footprint Telemetry: Your Internet Protocol (IP) address, secure login activity logs, browser type, device operating system, and platform performance parameters.
Service Communications: Correspondence records, support tickets, and interaction history when you communicate with our team.
Our platform is structured to process standard operational data and excludes sensitive personal categories (such as health data, biometric profiles, or religious beliefs).
We log information across three designated operational paths:
Direct Interactions: Information you provide when creating an account, entering billing details (during direct purchases), uploading vehicle photographs, or contacting support.
Automated System Interaction: Technical metadata and functional session tokens captured securely by our servers and functional cookies during platform use.
Partner Onboarding Frameworks: Account contact records, temporary vehicle parameters, and transaction references passed securely to us via integration channels from corporate customers (such as vehicle leasing companies, commercial fleet managers, or automotive repair networks) who have purchased our service tokens for your use.
We process your information based on clear legal foundations, mapped directly to specific business operations:
| Authorised Platform Activity | Data Category Involved | Lawful Foundation for Processing |
| Account Configuration | Identity and Contact Records | Performance of the requested service contract. |
| Vehicle Appraisal Generation | Identity, Contact, & Vehicle Condition Assets | Performance of the requested service contract. |
| Service Onboarding Support | Identity and Contact Records | Legitimate interests of our corporate business clients and Wondle to ensure users can successfully access and utilise the platform features purchased for them. |
| Direct Purchase & Invoice Management | Identity, Contact, Financial, & Transaction Records (Processed conditionally upon purchase) | Performance of a contract / Legitimate corporate interest in collecting owed fees. |
| System Maintenance & Service Notices | Identity, Contact, Account, & Technical Telemetry | Performance of our contract / Compliance with a legal obligation. |
| Platform Security & Fraud Countermeasures | Identity, Contact, Asset, & Technical Telemetry | Legitimate corporate interest in securing our networks and preventing platform abuse. |
| Experience Optimisation | Technical Footprint & Service Communications | Legitimate corporate interest in refining platform performance and usability. |
We restrict our data sharing to necessary third-party systems that act under our direct, confidential instructions as authorised data processors. Data is routed exclusively to the following service provider pools:
Automated Image Analysis Pipelines: Specialised systems utilising secure machine learning models to analyse vehicle media and generate structural damage appraisals.
Data Hosting & Cloud Infrastructure: Highly secure server networks based within the United Kingdom and European Economic Area (EEA) used to maintain our databases and application tools.
Secure Transaction & Invoicing Gateways: Industry-standard third-party card processing networks and cloud accounting platforms handling encrypted payment collections and issuing transactional invoices (only triggered during direct user purchases).
Customer Communication Platforms: Integrated live chat widgets and support ticket systems used to manage your conversations with our team.
Professional & Regulatory Bodies: Legal advisors, auditors, or statutory public authorities when required to fulfill statutory reporting obligations.
Wondle stores and processes your information within the United Kingdom and the European Economic Area (EEA). Where a core processing pipeline utilises a dependency outside these regions, legal protection is maintained by implementing specific contractual clauses officially approved by the UK Information Commissioner's Office (ICO).
We retain personal data only for the lifecycles required to fulfil our service agreements, satisfy historical financial accounting rules, or meet legal obligations:
Financial & Tax Records: Core transactional lines, billing metadata, and invoicing logs are retained for six (6) years following account closure to satisfy statutory UK tax laws (applies exclusively to purchasing users).
Vehicle Inspection Assets: Photographs and damage reports are kept securely in line with our operational review cycles. Retaining this visual history provides clear evidence of a vehicle's historical state, protecting users against unfair end-of-contract vehicle damage penalties.
Anonymisation Wrapper: Upon the expiration of a record's required lifecycle, the system executes an automated anonymisation wrapper that permanently removes all identifying personal links, leaving behind anonymous technical metadata used for long-term platform performance analysis.
Under UK data protection laws, you possess clear rights regarding your personal information:
The Right to Access: You can request a clear copy of the personal data linked to your profile to verify lawful processing.
The Right to Correction: You can request that we immediately update or fix incomplete or inaccurate details.
The Right to Erasure: You can ask us to delete your personal data when there is no ongoing contract or overriding legal obligation requiring its retention.
The Right to Object or Restrict: You can challenge our processing when based on legitimate interest grounds, or ask us to freeze processing while records are verified.
The Right to Portability: You can request that your automated account profile data be provided in a clean, structured, and machine-readable format.
For formal data access queries, rectification updates, or deletion requests, you can contact our compliance team directly:
By Email: support@wondle.io
By Post: Data Protection Review, Wondle, 179 Park Lane, Poynton, United Kingdom, SK12 1RH.
If you wish to escalate a query, you have the right to lodge a formal complaint at any time with the UK Information Commissioner’s Office (ICO), the statutory supervisory authority for data protection issues, by visiting www.ico.org.uk. We welcome the opportunity to address your concerns directly before you approach the regulator, so please reach out to our team in the first instance.
By Post: Data Protection Review, Wondle, 179 Park Lane, Poynton, United Kingdom, SK12 1RH.
If you wish to escalate a query, you have the right to lodge a formal complaint at any time with the UK Information Commissioner’s Office (ICO), the statutory supervisory authority for data protection issues, by visiting www.ico.org.uk. We welcome the opportunity to address your concerns directly before you approach the regulator, so please reach out to our team in the first instance.
