Driveway Visualiser

Privacy Policy

Last updated: 13 July 2026

Who is responsible for your information

Driveway Visualiser is a product operated by Madereal. For account, billing, support and website information, Driveway Visualiser is the data controller. Contact us at support@drivewayvisualiser.co.uk.

When a contractor enters information about its own customer, job or prospect, that contractor normally decides why the information is used and is the controller. Driveway Visualiser processes that information to provide the service. Contractors are responsible for giving their customers an appropriate privacy notice, having a lawful basis and handling customer rights requests. We will provide reasonable assistance where needed.

Information we handle

  • Account and company details: authentication identifier, name, email address, profile image, company name, logo, contact details and settings you choose to add.
  • Project and customer details: customer name and contact details, property address, measurements, surface choices, notes, line items, quote totals, VAT settings and contractor-supplied payment, bank or finance information.
  • Images and AI requests: uploaded property photographs, traced masks, selected materials, generated concepts and the instructions required to produce them. Property photos may incidentally contain people, vehicles, number plates or neighbouring homes, so upload only what is needed and what you are entitled to use.
  • Proposal activity: when a customer proposal is opened, the service records the open time and limited request information such as user agent, language, referrer and country code. This supports open tracking and service security.
  • Billing information: plan, subscription and transaction status. Stripe handles payment-card details; Driveway Visualiser does not receive or store the full card number.
  • Support and partnership enquiries: the contact details, company information and message you submit, plus referral or campaign information included with the enquiry.
  • Consent-controlled first-party website analytics: before you opt in, the analytics script sends no events and creates no analytics identifiers. After opt-in it may collect page path, page title, referring site without query strings or fragments, link or button interactions, viewport, user agent, country code and time on page. Random analytics identifiers are kept in session storage for the current browser tab and are not used as a persistent cross-session profile. Your analytics consent choice is stored in local storage so the site can remember it. TikTok and Google advertising or analytics pixels are not loaded.

Why we use it

  • To authenticate users and provide the requested app, storage, proposal, rendering and billing features. This is necessary to perform our contract with account holders.
  • To operate, secure, diagnose and improve the service, prevent misuse, understand feature use and respond to support. We rely on our legitimate interests where those interests are not overridden by individual rights.
  • To manage subscriptions, accounting and legal obligations.
  • To reply to a support, team-pilot or partnership enquiry with the consent or expectation created by that enquiry. We do not add an enquiry to unrelated marketing lists without a separate lawful basis.

Cookies and browser storage

Opening a customer proposal does not set a proposal-tracking cookie. Repeat proposal opens are deduplicated on the server in 30-minute windows using a short-lived fingerprint derived from limited request information. The fingerprint is not returned to or stored in the visitor's browser.

After analytics consent, session storage holds the temporary analytics identifiers described above until the browser tab is closed. Local storage remembers the analytics consent choice. You can clear browser storage through your browser settings.

Service providers and international processing

We use service providers only where needed to run the product:

  • Google Firebase for authentication, database and file storage.
  • Google Gemini API to process the submitted property photo, traced area and material instruction and return an AI-generated concept.
  • Netlify for website hosting, server functions, request handling and operational logs.
  • Stripe for subscriptions, billing and payment-account management.
  • Google Fonts, Tailwind CSS CDN, unpkg and jsDelivr to deliver fonts, styles, icons or animation libraries used by public pages. Requests to these providers can include the visitor’s IP address, user agent, requested asset and time.

These providers may process information outside the UK. Where UK data protection law requires it, transfers are made using an adequacy decision or appropriate contractual and organisational safeguards. Each provider also processes some service and security information under its own terms and privacy notice.

Customer proposal links and sharing

A customer proposal can be viewed by anyone who receives its unique link. It is not intended to be indexed, but a recipient can forward it. Contractors should include only information needed for that quote, check bank and payment details carefully, and share the link through an appropriate channel. We do not sell personal information.

How long we keep information

Account and saved project information is generally kept while the account is active or until the user deletes the relevant project or asks us to close the account. Enquiry records are kept while the enquiry is being handled and for a reasonable period for follow-up and record keeping. Subscription and transaction records may be kept for the periods required by tax, accounting, fraud-prevention and legal obligations. Operational and security records are kept only while reasonably needed for those purposes.

Deletion removes information from active product systems where the feature supports it. Limited copies may remain temporarily in provider backups or logs until their normal rotation completes. To request account-wide deletion, email support from the address connected to the account.

Security

We use access controls, authenticated product areas and reputable infrastructure providers to protect information. No online service can promise absolute security. Keep account access secure, check proposal recipients and tell us promptly if you believe an account or proposal link has been exposed.

Your UK data protection rights

Depending on the circumstances, you may have rights to access, correct, erase or restrict personal information, object to particular uses, and receive information you supplied in a portable form. You may also withdraw consent where consent is the basis for processing. These rights can have legal limits.

Email support@drivewayvisualiser.co.uk to make a request. We may need to verify your identity. If the request concerns information entered by a contractor about its customer, contact the contractor first; we will assist the contractor where appropriate. You can also complain to the UK Information Commissioner’s Office at ico.org.uk.

Changes

We may update this notice when the product or its providers change. The date at the top shows the current version. Material changes will be highlighted in the service or by another appropriate notice.