Others Try | We Persist

Privacy Policy

Krypton Tune Ltd
Company Number: SC879364
VAT Number: GB735199411

Registered Office:
Unit 4 Mosshall Industrial Estate
West Main Street
Blackburn
West Lothian
EH47 7LY

Email: mail@kryptontune.com
Telephone: 01506 651107

Last Updated: 1st April 2026

1. Introduction

Krypton Tune Ltd (“we”, “us”, “our”) is committed to protecting and respecting your personal data.

This Privacy Policy explains how we collect, use, store and protect personal information when you interact with our business, including when you:

  • book vehicle repairs or services
  • contact us
  • visit our premises
  • use our website (if applicable)
  • request vehicle security-related services

We process personal data in accordance with:

• UK General Data Protection Regulation (UK GDPR)
• Data Protection Act 2018
• Security-Related Repair and Maintenance Information (SERMI) Scheme requirements
• Applicable UK and Scottish law

 

2. Data Controller

The Data Controller responsible for your personal data is:

Krypton Tune Ltd                                                                                                                               Registered Office:
Unit 4 Mosshall Industrial Estate
West Main Street
Blackburn
West Lothian
EH47 7LY

Email: mail@kryptontune.com
Telephone: 01506 651107

3. Personal Data We May Collect

We may collect and process the following categories of personal data.

Identity Data

• Name
• Date of birth (where required for security verification)

Contact Data

• Address
• Telephone number
• Email address

Vehicle Data

• Vehicle registration number
• Vehicle Identification Number (VIN)
• Vehicle ownership details
• Service and repair history relating to the vehicle

Financial Data

• Payment records
• Transaction history
• Invoice records

We do not normally store full payment card information.

4. SERMI and Vehicle Security Verification

To comply with Security-Related Repair and Maintenance Information (SERMI) regulations, manufacturer security requirements, and anti-theft legislation, we may be required to verify the identity of customers before performing certain security-related services.

These services may include:

• key programming
• immobiliser programming or replacement
• ECU replacement or programming
• anti-theft system repairs
• security system diagnostics

To verify identity and authority to access the vehicle we may request:

• driving licence or photographic identification
• proof of address
• vehicle registration document (V5C)
• proof of ownership
• lease or finance documentation
• written authority from the registered owner

Failure to provide required identification may prevent us from carrying out certain security-related services.

5. How We Use Your Personal Data

We use personal data for the following purposes:

• providing vehicle repairs, diagnostics, and servicing
• verifying vehicle ownership and customer identity
• processing payments and maintaining financial records
• communicating with customers regarding their vehicle or services
• complying with legal and regulatory obligations
• complying with SERMI accreditation requirements
• preventing fraud, theft, and vehicle crime
• maintaining internal business records
• improving our services and customer support

 

6. Lawful Basis for Processing

Under UK GDPR we process personal data on the following lawful bases.

Contract

Processing necessary to provide vehicle repairs, diagnostics, servicing, and other requested services.

Legal Obligation

Processing necessary to comply with legal or regulatory obligations including:

• tax and accounting laws
• SERMI requirements
• fraud prevention
• law enforcement requests

Legitimate Interests

Processing necessary for the legitimate interests of operating and protecting our business, including:

• preventing fraud or vehicle crime
• maintaining service records
• improving customer service

7. Data Retention

We retain personal data only for as long as necessary for legal, regulatory, and business purposes.

Typical retention periods include:

Customer service records
Up to 6 years after the last transaction

Financial and accounting records
6 years (HMRC requirements)

SERMI identity verification records
Minimum 5 years or longer where required by SERMI accreditation rules

When data is no longer required it is securely deleted or destroyed.

8. Data Security

We implement appropriate technical and organisational measures to protect personal data against:

• unauthorised access
• accidental loss
• destruction
• misuse
• alteration or disclosure

Security measures include:

• restricted staff access
• password-protected systems
• secure electronic storage
• locked physical document storage
• secure disposal procedures

Only authorised personnel may access personal data where necessary for business purposes.

9. Sharing Your Data

We may share personal data where necessary with:

• vehicle manufacturers or authorised manufacturer systems
• SERMI auditors or accreditation bodies
• payment processors
• accountants or professional advisers
• law enforcement agencies
• government authorities where legally required

Personal data is never sold or shared for marketing purposes.

10. Website and Technical Data 

When visiting our website we may collect limited technical information including:

• IP address
• browser type
• device information
• website usage data

This information may be collected through cookies or analytics tools and is used to improve website functionality and security.

11. CCTV

CCTV may operate at our premises for the purposes of:

• crime prevention
• staff safety
• business security
• protection of customer property

CCTV recordings are retained for a limited period and may be shared with law enforcement authorities where required.

12. Your Rights

Under UK GDPR you have the right to:

• request access to your personal data
• request correction of inaccurate information
• request deletion of personal data where legally permitted
• restrict or object to processing in certain circumstances
• request data portability where applicable

Requests should be made using the contact details provided in this policy.

13. Complaints

If you have concerns regarding how your data is handled, please contact us first so we can attempt to resolve the issue.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

Information Commissioner’s Office
www.ico.org.uk
Telephone: 0303 123 1113

14. Failure to Provide Data

If required personal data is not provided we may be unable to:

• carry out requested repairs or services
• perform vehicle security work
• comply with legal obligations
• verify vehicle ownership

15. Data Breaches

In the unlikely event of a personal data breach that poses a risk to individuals, we will notify the Information Commissioner’s Office and affected individuals where required by law.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements or business operations.

The latest version will always be available at our premises or on our website.

17. Contact

Krypton Tune Ltd
Unit 4 Mosshall Industrial Estate
West Main Street
Blackburn
West Lothian
EH47 7LY

Email: mail@kryptontune.com
Telephone: 01506 651107