DelayDashStart a claim →

Privacy Policy

Last updated: 28 April 2026 · Version 1.1

This policy explains how Forthbound Ltd, trading as DelayDash(“DelayDash”, “we”), handles the personal data of passengers and visitors to delaydash.com. Forthbound Ltd is the data controller for personal data processed through our service. Contact us at privacy@delaydash.com.

1. What we collect

We collect only what we need to pursue your claim and run our service:

  • Identity & contact data— full name, email address, phone number, postal address where required by the airline, date of birth where the airline requires it.
  • Flight & claim data— booking reference, flight number, route, date of travel, disruption details, supporting documents and correspondence you or the airline send us.
  • Payment data— bank details used to pay out recovered compensation. We do not store full card numbers.
  • Identification documents— where an airline requests proof of identity we may ask for a passport or ID scan and forward it securely to the airline.
  • Technical data— IP address, device and browser type, language, approximate location derived from IP, referrer, page views and actions on the site (see our cookie policy).
  • Signature & consent audit trail— the timestamp, IP and typed signature you use to authorise us, plus a hash of the consent copy shown at the time.

2. How we use your data — lawful basis

  • Contract (Art. 6(1)(b) UK GDPR)— to review, submit and manage your claim; to correspond with the airline; to pay out compensation; to provide customer support.
  • Legal obligation (Art. 6(1)(c))— to meet our accounting, tax, anti-money-laundering and record-keeping duties.
  • Legitimate interests (Art. 6(1)(f))— to prevent fraud, secure our systems, measure and improve the product, and build aggregate analytics. We balance these against your rights before relying on this basis.
  • Consent (Art. 6(1)(a))— for non-essential cookies, marketing emails to non-customers, and any processing we tell you specifically requires your consent. You can withdraw consent at any time.
  • Special category data (Art. 9(2)(a))— if the airline requires medical or other special-category evidence, we process it only with your explicit consent.

3. Who we share data with

  • Airlines, their agents and regulators— to submit and progress your claim.
  • Panel solicitors / debt-recovery partners— where court action or escalation is appropriate.
  • Service providers acting as our processors— hosting, email, storage, document upload, customer support, payment and analytics providers, bound by data-processing agreements.
  • Professional advisers— auditors, insurers and legal advisers where reasonably necessary.
  • Buyers or successors— if Forthbound Ltd or the DelayDash business is sold, restructured or merged, personal data may transfer to the acquiring entity on the same terms as this policy.

We do not sell your personal data.

4. International transfers

Some of our providers process data outside the UK/EEA. Where that happens we rely on an adequacy decision, the UK International Data Transfer Agreement, the EU Standard Contractual Clauses (with the UK addendum) or another recognised safeguard.

5. How long we keep data

  • Active claim data: for the life of the claim.
  • Closed claims: up to 6 years from closure for legal, accounting and dispute-defence purposes.
  • Marketing preferences: until you unsubscribe, plus up to 24 months for suppression records.
  • Security and fraud logs: up to 24 months.

6. Your rights

Under UK GDPR you can ask us to access, correct, delete, restrict or port your personal data, and to object to certain processing. You can also withdraw consent at any time for processing based on consent. Contact privacy@delaydash.com and we will respond within 30 days.

You can complain to the UK Information Commissioner's Office at ico.org.uk/make-a-complaint. We'd rather hear from you first — see our complaints page.

7. Automated decision-making

We use automated tooling to triage claim eligibility and flag likely winners. A human reviews every claim before it is filed with the airline, so no decision with legal or similarly significant effect on you is taken solely by automated means.

8. Security

We use encryption in transit, access controls, logging, and a least- privilege model internally. No system is perfectly secure; if we ever detect a breach affecting you we will notify you and, where required, the regulator.

9. Changes to this policy

We update this policy as our product changes. We may revise it at any time by posting the updated version here, and such changes are effective immediately on posting. For material changes that affect how we use data you've already given us, we will flag the change in-product or by email where reasonably practicable. For non-material updates we rely on the “Last updated” date above and do not send individual notifications.

10. Contact

Forthbound Ltd (trading as DelayDash) · privacy@delaydash.com