Back to MileageMonster

Privacy policy

1. Introduction

Cyberfreak Software Limited (“we”, “us”, “our”) respects your privacy and is committed to protecting it through compliance with this policy and the General Data Protection Regulation (GDPR). This policy applies to our MileageMonster service, including the web portal for business employers (“Employers”) and the mobile application for their employees (“Employees”) to track journeys and submit claims (collectively, the “Service”).

This policy describes:

  • The types of information we collect from Employers and Employees or that you provide when using the Service.
  • Our practices for collecting, using, maintaining, protecting, and disclosing that information.

2. Information We Collect and How We Collect It

We collect information from and about users of the Service, including:

  • Personal Information: Identifiers such as Employer names, email addresses, billing details, and Employee names, email addresses, national insurance numbers, or other contact details.
  • Non-Personal Information: Data such as vehicle number plates, journey details (e.g., routes, distances), and usage data from the web portal or mobile app.
  • Technical Information: Internet connection details, IP addresses, device information, and usage patterns.

We collect this information:

  • Directly: When Employers provide billing or account details via the web portal or Employees submit journey or claim data via the mobile app.
  • Automatically: Through cookies, web beacons, or tracking technologies as you navigate the Service, including Google Routes API for journey tracking.

3. How We Use Your Information

We use collected information, including personal information, to:

  • Provide and maintain the Service, including the web portal and mobile app.
  • Process subscriptions, billing, and claims for Employers and Employees.
  • Fulfill the purposes for which you provided the information.
  • Improve the Service and notify you of updates or changes.
  • Comply with legal obligations, including GDPR, and enforce our Terms of service.

4. Disclosure of Your Information

We may disclose aggregated, non-identifying information without restriction. Personal information is disclosed only:

  • To Google for journey tracking via the Google Routes API, subject to their privacy policies.
  • To fulfill the purpose for which you provided it (e.g., processing claims).
  • As required by law or to protect our rights, users, or others.

We do not share personal information with other third parties except as described above.

5. Data Storage and Security

We store all data securely in Firebase, retaining only necessary information for the minimum period required to provide the Service, in compliance with GDPR. We implement technical and organizational measures to protect your data, but no system is completely secure.

6. Your GDPR Rights

Under GDPR, you have the right to:

  • Access, correct, or delete your personal information.
  • Restrict or object to our processing of your data.
  • Request data portability.
  • Withdraw consent for data processing, where applicable.

To exercise these rights, contact us at the address below. We will respond within one month, as required by GDPR.

7. Changes to Our Privacy Policy

We may update this policy and will post changes on this page. Significant changes will be notified via the Service’s homepage. Your continued use of the Service constitutes acceptance of the updated policy.

8. Contact Information

For questions or to exercise your GDPR rights, contact us at: [email protected].

Date last updated: 8.7.2025