FineCheck

Privacy Policy

Last updated: April 2026

FineCheck ("we", "us", "our") is committed to protecting your privacy. This policy explains what personal data we collect, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using FineCheck at appealafine.co.uk, you agree to the collection and use of data as described in this policy. If you do not agree, please do not use our service.

1. What Data We Collect

We collect the minimum data necessary to provide our service:

  • Fine details: The type of fine (council or private), operator name, vehicle registration, fine date, fine amount, location, and your description of the circumstances. We need this to assess your fine and generate an appeal letter.
  • Contact information: Your name and email address, used to deliver your appeal letter and any follow-up correspondence.
  • Payment information: We do not store credit card or debit card numbers. All payments are processed by Stripe, a PCI-compliant payment processor. We receive confirmation of payment from Stripe, but we never see or store your full card details.
  • Photos you upload: If you upload photos of your parking ticket, signage, or location, we process these solely to improve your appeal letter. Photos are not shared with third parties.
  • Usage data: We use Google Analytics to collect anonymised usage data such as pages visited, time on site, and referral source. This data is aggregated and cannot identify you personally.

2. How We Use Your Data

  • Service delivery: To assess your parking fine, generate your appeal letter, and provide the documents you purchased.
  • Communication: To send you your appeal letter by email and any essential service updates (e.g., if we discover an issue with your order).
  • Service improvement: To understand how our service is used and make improvements. We analyse aggregated, anonymised data only.

We do not use your data for marketing. We do not send promotional emails unless you explicitly opt in. We do not sell your data to anyone.

3. Third Parties

We share data with a limited number of trusted third parties, solely to operate our service:

  • Stripe (payment processing): Receives your payment details to process transactions securely. Stripe is PCI DSS Level 1 certified. See Stripe's privacy policy.
  • Anthropic(AI letter generation): Your fine details (not your payment information) are sent to Anthropic's Claude API to generate your appeal letter. Anthropic does not use API inputs for training. See Anthropic's privacy policy.
  • Vercel (hosting): Our website is hosted on Vercel. See Vercel's privacy policy.
  • Google Analytics (usage analytics): Collects anonymised browsing data. See Google's privacy policy.

4. Cookies

We use essential cookies required for the website to function (e.g., session management). We also use Google Analytics cookies to understand site usage. These cookies do not contain personally identifiable information. You can disable cookies in your browser settings, but some features of the site may not work correctly.

5. Data Retention

  • Fine details and appeal letters: Retained for 12 months after generation to allow you to access them, then automatically deleted.
  • Payment records: Retained for 6 years as required by UK tax and accounting regulations.
  • Analytics data: Google Analytics data is retained for 14 months (the default retention period).
  • Uploaded photos: Deleted within 30 days of your appeal letter being generated.

6. Your Rights Under UK GDPR

You have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate personal data.
  • Eraseyour personal data (the "right to be forgotten").
  • Restrict processing of your personal data.
  • Object to processing of your personal data.
  • Data portability: Receive your personal data in a structured, commonly used format.

To exercise any of these rights, submit a request through our website. We will respond within 30 days.

If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk.

7. International Data Transfers

Some of our third-party providers (Anthropic, Vercel, Stripe) may process data outside the UK. Where this occurs, appropriate safeguards are in place, including Standard Contractual Clauses and adequacy decisions, to ensure your data receives equivalent protection.

8. Children

Our service is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please submit a data deletion request through our website and we will delete it promptly.

9. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated date. We encourage you to review this page periodically.

10. Data Requests

If you have any questions about this privacy policy or wish to exercise your data rights, please submit a request through our website. We aim to respond to all valid requests within 30 days.