AskUp LogoAskUp

Privacy Policy

Last updated: 15/12/2025

AskUp (“AskUp”, “we”, “us”, “our”) respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, store, share, and protect personal data when you visit our website, create an account, request or purchase Meals, or interact with the AskUp platform.

This Policy applies to:

Customers / Users

Shops / Food Businesses

Website visitors

We comply with the UK GDPR, the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

1. Who We Are

AskUp Ltd
Company Number: [insert]
Registered Address: [insert]
Email (Data Protection contact): support@AskUp.co.uk

AskUp acts as a Data Controller for personal data collected through the platform.

Stripe acts as an independent Data Controller for payment-related information processed through its services.

2. Personal Data We Collect

A. Data You Provide Directly

For Customers:

Name

Email address

Phone number

Account login details

Order and request history

Pickup confirmations

Dispute reports and messages

For Shops:

Business name

Owner or manager contact details

Trading address and pickup location

Food hygiene rating

Meal listings, descriptions, and photos

Payout details (processed via Stripe Connect – we do not store bank details)

B. Payment Information (Processed by Stripe)

AskUp does not store or process card details.

Stripe may collect:

Card details

Billing postcode

Transaction and payout records

Stripe’s processing is governed by its own Privacy Policy.

C. Technical & Usage Data

Collected automatically when you use the platform:

IP address

Device and browser type

Operating system

Pages visited and interactions

Date, time, and duration of visits

D. Cookies & Tracking Technologies

We use cookies and similar technologies for:

Core site functionality

Login sessions

Security and fraud prevention

Analytics and performance monitoring

Improving the platform experience

A cookie banner allows you to manage non-essential cookies.

3. How We Use Your Data (Lawful Bases)

We only process personal data where permitted by law.

A. To Operate the Platform

Lawful basis: Contractual necessity

Creating and managing accounts

Processing requests and confirmed orders

Facilitating payments via Stripe

Sending order and pickup notifications

Handling disputes and support queries

B. To Support Shops

Lawful basis: Contractual necessity / Legitimate interest

Providing dashboards and order management

Managing payouts

Verifying business information and compliance

C. To Improve and Protect the Platform

Lawful basis: Legitimate interest

Monitoring usage and performance

Fixing bugs and technical issues

Preventing fraud and abuse

Enforcing usage limits and platform rules

D. Service Communications

Lawful basis: Contractual necessity / Legitimate interest

Order confirmations

Pickup reminders

Password resets

Important operational messages

We do not send marketing emails unless you have given explicit consent.

E. Legal & Regulatory Obligations

Lawful basis: Legal obligation

Financial record-keeping

Fraud prevention

Responding to lawful requests from authorities

4. Sharing Your Data

We only share personal data where necessary and proportionate.

A. With Shops

For confirmed orders, Shops receive limited information (e.g. name and pickup reference) required to fulfil the order.
Shops never receive payment details.

B. With Stripe

For secure payment processing and payouts.
Stripe acts as an independent Data Controller.

C. With Service Providers

We may use trusted third parties such as:

Hosting providers

Analytics tools

Email delivery services (e.g. SendGrid)

All providers are required to comply with UK GDPR and act only on our instructions.

D. With Authorities

We may share data where required to:

Comply with legal obligations

Prevent fraud

Respond to lawful requests

We never sell personal data.

5. International Data Transfers

Some service providers may process data outside the UK.

Where this occurs, we ensure appropriate safeguards are in place, including:

UK adequacy decisions

Standard Contractual Clauses (SCCs)

Your data remains protected to UK legal standards.

6. Data Retention

We retain personal data only as long as necessary:

User accounts: until deleted by the user

Order and transaction records: 6 years (legal/accounting requirement)

Dispute records: up to 3 years

Shop accounts: while active and as required by law

Cookies: vary by type (see cookie banner)

You may request deletion where legally permitted.

7. Security Measures

We use appropriate technical and organisational measures to protect personal data, including:

SSL-encrypted connections

Secure hosting and firewalls

Hashed passwords

Restricted staff access

Anonymised analytics

Regular security monitoring

No online system is completely secure, but we take reasonable steps to protect your data.

8. Your Rights Under UK GDPR

You have the right to:

Access your personal data

Correct inaccurate or incomplete data

Request deletion (where applicable)

Restrict processing

Object to certain processing

Data portability

Withdraw consent (where processing is based on consent)

You also have the right to complain to the Information Commissioner’s Office (ICO):
https://www.ico.org.uk

To exercise your rights, contact: support@AskUp.co.uk

9. Children

AskUp is not intended for children under 16.
We do not knowingly collect personal data from minors.

10. External Links

Our platform may contain links to third-party websites.
We are not responsible for their content or privacy practices.

11. Changes to This Policy

We may update this Privacy Policy from time to time.
Significant changes will be communicated through the platform or by email where appropriate.

12. Contact Us

For questions, data requests, or privacy concerns:

Email: support@AskUp.co.uk
Company: AskUp Ltd