Borrow It

Privacy Policy

Last updated: 29 June 2026

Borrow It is a peer-to-peer marketplace for borrowing and lending everyday items. This policy explains what personal data we collect, how we use it, and your rights under UK data protection law (UK GDPR and the Data Protection Act 2018). For the purposes of that law, Borrow It is the data controller for your personal data.

1. Data we collect

Category	Examples
Account	Name, email address, sign-in identifiers (email, Google, or Apple).
Profile	Profile photo, bio, ratings and reviews.
Contact & location	Phone number (if provided) and your location, used to show nearby items and set a pickup area. Stored privately to your account.
Content	Listings, bookings, chat messages, condition photos, and dispute evidence.
Payment	Stripe customer and connected-account identifiers, payment status, and transaction amounts. We do not store your card number — card details are handled directly by Stripe.
Charity hubs	If you apply to run a charity hub: your charity name and registration number.
Device	Push-notification (FCM) tokens and basic device/app data.
Usage	Analytics about how the app is used, to improve the Service.

2. How we collect it

From you (when you register, list items, book, message, or apply as a hub), automatically (e.g. app usage and device tokens), and from our processors (e.g. payment status from Stripe).

3. Why we use it & our lawful bases

To provide the Service — accounts, listings, bookings, messaging, handovers, payouts (lawful basis: performance of a contract).
Payments, deposits, and fee/damage/missing-item charges (contract and legitimate interests in operating the marketplace safely).
Showing nearby items and setting pickup areas using your location (consent, which you can withdraw in your device settings).
Push notifications about your bookings and messages (consent; you can disable notifications at any time).
Safety, fraud prevention and dispute resolution (legitimate interests).
Legal compliance where we must keep records or respond to lawful requests (legal obligation).

4. Who we share it with

Other users you transact with — e.g. your name, profile photo, rating, and the information needed to arrange a handover.
Stripe — our payment processor, for payments and payouts.
Google Firebase / Google Cloud — authentication, database, file storage, analytics, and push notifications.
Charity hubs — for PUDO bookings, the limited booking details needed to receive, hold, and release an item.
Authorities — where required by law or to protect users.

We do not sell your personal data.

5. International transfers

Some of our processors (e.g. Google and Stripe) may process data outside the UK. Where they do, transfers are protected by appropriate safeguards such as the UK International Data Transfer Agreement or equivalent mechanisms.

6. Retention & deletion

We keep your data for as long as your account is active and as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. You can delete your account at any time in the app (Settings → Delete account); this removes your profile, contact details, listings, chats and associated data, and anonymises reviews you have written. Some records (e.g. transaction records) may be retained where the law requires.

7. Your rights

Under UK GDPR you have the right to access, correct, delete, restrict, or object to processing of your personal data, to data portability, and to withdraw consent at any time. To exercise these rights, contact us at the address below. You also have the right to complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.

8. Security

We use industry-standard measures (including authentication, access rules, and encryption in transit) to protect your data. No system is perfectly secure, but we work to keep your information safe.

9. Children

The Service is intended for users aged 18 and over and is not directed at children.

10. Changes

We may update this policy from time to time. Material changes will be notified in the app or by email, and the "last updated" date above will change.

11. Contact

Questions or data requests: joiandlaff@gmail.com.