Privacy Policy

Yokra London Ltd ("we", "us", "our") is the data controller of personal information collected through yokra.co.uk and the member portal. We process personal data in accordance with the UK GDPR and the Data Protection Act 2018.

1. The information we collect

• Identity & contact: full name, date of birth, email address, telephone, residential address.
• Application & eligibility: personal or business applicant, employer / occupation, income band, referral source, free-text notes you provide.
• Driving & insurance: driving licence number and issuing country, years held, points and endorsements, claims and accident history, declared medical conditions notifiable to the DVLA, declared criminal convictions.
• Verification (post-shortlist): identity documents, proof of address, credit reference data, anti-money-laundering and source-of-funds checks, sanctions screening.
• Membership & usage: bookings, deliveries, swap requests, incidents, payments, mileage records.
• Technical: IP address, device and browser data, cookies (see Cookie Policy).

2. How we use it and our lawful basis

• Reviewing your application — necessary for the steps to enter into a contract (Art. 6(1)(b)).
• Underwriting and insurance pool management — legitimate interests (Art. 6(1)(f)) and substantial public interest under Schedule 1 Part 2 DPA 2018 for criminal-conviction and DVLA-medical data.
• Credit, KYC, AML and sanctions checks — legal obligation (Art. 6(1)(c)) under the Money Laundering Regulations 2017.
• Operating your membership — performance of contract.
• Sending updates and concierge messages — legitimate interests; marketing only with your consent.
• Site analytics — your consent (recorded via the cookie banner).

3. Special-category and criminal-offence data

Where you tell us about a notifiable medical condition or unspent convictions we process this only to assess your suitability and to comply with insurance, road-safety and AML obligations. Access is restricted to the underwriting and compliance team.

4. Who we share it with

• Insurers, brokers and reinsurers underwriting the club's pool.
• Credit reference and identity-verification agencies (e.g. Experian, Equifax, Onfido or equivalent).
• Payment processors handling your subscription and waiting-list deposit.
• The DVLA, HMRC and other regulators where legally required.
• Cloud infrastructure and email providers acting as our processors.
• Professional advisers (legal, accounting, audit) under duties of confidentiality.

We do not sell your personal data.

5. International transfers

Where personal data is transferred outside the United Kingdom or EEA, we rely on UK adequacy regulations or the International Data Transfer Addendum to the EU Standard Contractual Clauses, with additional safeguards as appropriate.

6. How long we keep it

• Unsuccessful applications: 12 months from decision.
• Member records and bookings: duration of membership and 6 years after termination (limitation period).
• AML and sanctions records: 5 years from end of relationship (MLR 2017).
• Tax records: 6 years after the relevant tax year.
• Marketing preferences: until you withdraw consent.

7. Your rights

Under UK GDPR you have the right to access, rectify or erase your data, to restrict or object to processing, to data portability, and to withdraw consent at any time. To exercise these rights email info@yokra.co.uk. You may also complain to the Information Commissioner's Office at ico.org.uk.

8. Security

We use encryption in transit and at rest, role-based access controls, audit logging, and regular review of our processors. No system is perfectly secure; suspected breaches will be reported to the ICO and affected individuals where required by law.

9. Contact

Yokra London Ltd, 32 Mount Street, Mayfair, London W1K, United Kingdom. info@yokra.co.uk.

See also our Terms, Privacy Policy, Cookie Policy and Membership Agreement.