Effective Date: 17 February 2026
This Privacy Policy explains how NestVid LTD ("Company", "we", "us", or "our") collects, uses, stores, and protects personal data in connection with the ADF OS platform available at www.adfos.co.uk (the "Platform"). We are committed to complying with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (PECR).
NestVid LTD is the data controller for personal data collected directly through the Platform (such as account registration data). Where dealers process customer personal data through the Platform (such as ADF leads), the dealer is the data controller and NestVid LTD acts as the data processor.
Contact: sales@adfos.co.uk
When you register for an account, we collect your full name, email address, telephone number, job title or role, dealership name and address, and account login credentials (passwords are stored in encrypted form only).
To provide our services, we collect and process dealership business information including trading name and registered address, vehicle stock and inventory data, showroom and branding information, marketing content and assets, and business contact details.
The Platform processes vehicle enquiry leads which may contain customer personal data including names, email addresses, telephone numbers, vehicle preferences, and enquiry details. This data is processed by us on behalf of the dealer as data processor.
Payment information (such as credit or debit card details) is collected and processed directly by our payment processor, Stripe. We do not store your full payment card details on our servers. We may retain limited billing information such as the last four digits of your card, billing address, and transaction history for our records.
We may collect technical data when you use the Platform, including IP address and approximate location, browser type and version, device information, pages visited and features used, time spent on the Platform, and referring URLs.
We retain records of communications between you and us, including emails, support requests, and feedback.
We process personal data for the following purposes and on the following legal bases:
Performance of Contract (Article 6(1)(b) UK GDPR)
To provide and maintain the Platform, process subscriptions and payments, manage your account, deliver dealer management tools and features, and process ADF leads on your behalf.
Legitimate Interests (Article 6(1)(f) UK GDPR)
To improve and develop the Platform, provide customer support, send service-related communications, detect and prevent fraud or misuse, and analyse usage patterns to enhance user experience.
Legal Obligation (Article 6(1)(c) UK GDPR)
To comply with applicable laws, regulations, and legal processes, including tax and accounting obligations.
Consent (Article 6(1)(a) UK GDPR)
Where we send marketing communications, we will obtain your consent where required. You may withdraw consent at any time.
We share personal data with trusted third-party service providers who assist in operating the Platform, including: Stripe (payment processing), TikTok and social media platforms (content publishing and integration), AI service providers (content generation features), and hosting and infrastructure providers. All third-party processors are bound by data processing agreements and are required to process data only on our instructions and in accordance with applicable data protection law.
We may disclose personal data where required by law, court order, or regulatory authority, or where we reasonably believe disclosure is necessary to protect our rights, property, or safety, or that of our users or the public.
In the event of a merger, acquisition, or sale of all or a portion of our assets, personal data may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your data.
We do not sell personal data to third parties for marketing or advertising purposes.
Some of our third-party service providers (including AI services and cloud infrastructure) may process data outside of the United Kingdom. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the Information Commissioner's Office (ICO), transfers to countries with an adequacy decision, or other lawful transfer mechanisms under UK GDPR.
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, secure password hashing, access controls and role-based permissions, regular security reviews, and secure hosting infrastructure. While we take reasonable precautions, no method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security.
Under the UK GDPR, you have the following rights in relation to your personal data:
To exercise any of these rights, please contact us at sales@adfos.co.uk. We will respond to your request within one calendar month, as required by law.
The Platform may use cookies and similar technologies to enhance your experience, analyse usage, and support the Platform's functionality. Essential cookies are necessary for the Platform to function and cannot be disabled. Analytics cookies help us understand how the Platform is used and improve our services. You can manage your cookie preferences through your browser settings. We will display a cookie consent banner where required by PECR.
The Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child, we will take steps to delete it promptly.
Where you use the Platform to process customer personal data (such as ADF leads), you acknowledge that: (a) you are the data controller and are responsible for complying with all applicable data protection laws; (b) you have obtained all necessary consents or have an appropriate legal basis for collecting and sharing customer data with us; (c) you will maintain your own privacy notice informing customers about the processing of their data; and (d) you will cooperate with us in responding to data subject access requests and other rights requests relating to customer data.
We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Platform with at least 14 days' notice. The updated policy will be posted on our website with the revised effective date. Your continued use of the Platform after any changes constitutes acceptance of the updated Privacy Policy.
If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
For any questions or concerns regarding this Privacy Policy or our data practices, please contact:
