Daro
How it works Pricing Coverage About Sign up

Legal

Privacy Policy.

Last updated: 16 May 2026


1. Who we are

Daro Home Ltd ("Daro") is the data controller. Company number SC889546. Registered office: 1C Simpson Parkway, Kirkton Campus, Livingston Village, Livingston, EH54 7BH. Data protection enquiries: support@getdaro.co.uk.

We are registered with the Information Commissioner's Office (ICO) under reference ZC149537.

2. What we collect

When you sign up: name, email, phone number (optional), service address, bin-location instructions, marketing consent and doorstep-access flags. Bank account details are submitted directly to GoCardless and are not stored by Daro.

When you join the waitlist: email and postcode sector.

When we service you: two photos per visit (kerbside and post-return), time-stamps, route data, operative ID, service exceptions.

When you log into your dashboard (once available): authentication tokens, login timestamps, IP address of the session.

When you contact us: the content of your emails or messages, and any attachments.

Automatic, from the website: a session cookie to keep the signup flow working. We do not currently use analytics or advertising cookies. See our Cookie Policy.

3. Why we use it, and our legal bases

PurposeLegal basis
Provide and bill the servicePerformance of the contract with you
Take payment via Direct Debit / cardPerformance of the contract
Send service notifications (reminders, missed-bin notices, receipts)Performance of the contract
Operate your customer dashboardPerformance of the contract
Send marketing emailsYour consent, given at sign-up; withdraw any time
Prove service was delivered and resolve disputesLegitimate interest
Train operatives and improve routesLegitimate interest
Comply with tax, accounting, legal obligationsLegal obligation

4. Photos of your property

The two photos per visit are taken from public-facing positions: at the kerb and at your bin storage location. They will incidentally include the front of your property. We retain them for 12 months then delete them automatically. We do not use them for advertising or social media without separate written consent. Logged-in customers can view their own photos in the dashboard; no other customer can.

5. Your customer dashboard

When you log into your dashboard you will see only your own account data: your subscription, your collections, your photos, your invoices. We enforce this with database-level row access controls. Daro staff with operational need (e.g. dispatch, support) can see your account when investigating a service issue; this access is logged. Photos in your dashboard are served over signed, expiring URLs.

6. Who we share data with

We use the following processors, all bound by data-processing agreements:

  • GoCardless (Direct Debit, UK) — bank and payment data
  • Stripe (card payments, UK/EU) — card data, one-off charges only
  • Supabase (database, EU region) — all customer records
  • Vercel (hosting, EU region) — website infrastructure
  • Resend (transactional email) — recipient address and content
  • Twilio (SMS) — phone number and content
  • Google Workspace (our inboxes) — emails you send us

We do not sell your data. We do not share it for advertising. We may share data with law enforcement, regulators, or HMRC where legally required.

7. International transfers

Most processors store data in the UK or EU. Where data is transferred outside the UK (some Stripe and Twilio infrastructure), the transfer is covered by the UK International Data Transfer Agreement or equivalent safeguards.

8. How long we keep it

TypeRetention
Customer record (name, address, contact)Lifetime of subscription + 7 years (HMRC)
Bank mandate / payment records7 years (HMRC)
Service photos12 months from date of visit
Marketing consent recordUntil withdrawn + 1 year
Website session cookiesEnd of session
Waitlist sign-upsUntil you ask us to delete or 24 months of inactivity
Dashboard login logs12 months

9. Your rights

Under UK GDPR you have the right to access, correct, erase, restrict, object to processing, withdraw consent, port data you provided, and complain to the ICO (ico.org.uk, 0303 123 1113). To exercise any right, email support@getdaro.co.uk with "Data Request" in the subject line — we respond within one month.

10. Security

  • All data in transit is encrypted (TLS).
  • Database access is restricted by row-level security and role-based access.
  • Payment data is handled by PCI-DSS compliant processors; we do not see or store card or bank numbers.
  • Photos are stored in access-controlled cloud storage with signed, expiring URLs.
  • Internal access to customer data is restricted to staff with operational need, and is logged.
  • We will notify the ICO and you of any breach likely to risk your rights, within 72 hours of becoming aware.

11. Changes

We may update this policy. The "last updated" date will change. Material changes will be notified by email.

Daro

Bin care, taken care of.

Service

How it works Pricing Coverage About

Legal

Terms Privacy Cookies Refunds

Get in touch

hello@getdaro.co.uk support@getdaro.co.uk accounts@getdaro.co.uk
Daro Home Ltd · Registered in Scotland · Company No. SC889546
1C Simpson Parkway, Kirkton Campus, Livingston Village, Livingston, EH54 7BH