What personal data we collect
“Personal data” or “personal information” means any information that identifies you as an individual or relates to an identifiable individual. It does not include data where the identity has been removed (anonymous data). We process the following personal information about you depending on your interaction with us through the website:
- Your full name;
- If you register with us to purchase services, your selected username and password;
- If your business purchase services from us (or you make purchases from us on behalf of your business), details of your or your business’ bank account and payment card details and details about payments to and from you or your business, and other details of products and services your business has purchased from us (or purchases you have made on behalf of your business);
- Your business contact information including a contact phone number, email address and postal address;
- If you are raising an enquiry with us in connection with your business, the name and country of operation of your business along with details of the size of your fleet of vehicles;
- Information relevant to your participation in customer surveys and/or offers (which will be described in more detail at the time at which you participate in any such survey or offer); and
We do not collect (and we ask that you do not send us) any special categories of personal data (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data) about you in connection with our operation of our website, nor do we seek to collect any information about criminal convictions and offences.
How do we use the information that we gather
Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal obligation.
- Where necessary, where we have your consent to do so.
We have set out below a description of the ways in which we plan to use your personal data, and the lawful justification we rely upon when we do so.
How we use your data
(Note that some of these promotions have additional rules containing information about how we will use and disclose your personal information. Please read those additional rules before choosing to participate.)
Sharing your personal data
We share your data with certain third parties set out below for the purposes set out in the table above:
- Service providers (acting as processors) who provide IT and system administration services in connection with your use of the website.
- Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
- Fraud prevention agencies in order to detect and prevent fraud.
- Public and government authorities, including authorities outside your country of residence, where we receive requests from them.
We also use and disclose personal information, as necessary or appropriate: (a) to comply with applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to enforce our Terms & Conditions; (d) to protect our operations; (e) to protect our rights, property or safety, and/or that of our users, you, our or others; and (f) to allow us to pursue available remedies or limit the damages that we may sustain. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. Transfers of your personal data to locations outside the United Kingdom/the European Economic Area Our sharing of your personal data with the third parties identified above will result in the transfer of your personal data to locations outside of the UK or the European Economic Area (“EEA”), which may have data protection rules that are different from those in the UK or the EEA (as applicable). Whenever we transfer your personal data out of the UK or the EEA, we ensure at least one of the following safeguards is implemented:
- We transfer your personal data to countries that have been deemed by the UK government or the European Commission (as applicable) to provide an adequate level of protection for personal data. This applies in respect of any transfer of your personal data (i) from the UK to the EEA and (ii) from the EEA to non-EEA countries.
- For transfers from the UK or the EEA to countries not considered adequate (such as when we share personal data with third parties), we rely on adequate measures, such as standard contractual clauses, which give personal data the same protection it has in the UK and the EEA. You may obtain a copy of these measures by using the information in the ‘Contact Us’ section below.
We strive to keep your information as secure as possible. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. Measures we take include placing confidentiality requirements on our staff members and service providers and destroying or permanently anonymising personal information if it is no longer needed for the purposes for which it was collected. As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect any usernames and passwords necessary to make use of our website, please take appropriate measures to protect this information.
Storing your personal information
- While we have an ongoing relationship with you and provide our services to you (for example, for as long as you have an account with us or keep using our services);
- Where we are required to do so in accordance with legal, regulatory, tax, accounting requirements (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); and
- Where we need to have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
Links to other websites
Our website may contain links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we are not responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Controlling our use of your personal information for marketing purposes
You may choose to restrict the collection or use of your personal information for marketing purposes in the following ways:
- Whenever you are asked to fill in a form on the website, look for the box that you can check to indicate that you wish to opt-in to receive direct marketing. If you do not check this box, you will not receive any promotional marketing e-mails from Autocab; or
- If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at firstname.lastname@example.org, or unsubscribing by clicking the ‘unsubscribe’ link found on any e-mail we send.
Your legal rights
Under certain circumstances and subject to certain exemptions, you have rights under data protection laws, to request to access, update, correct, suppress, restrict or delete your personal data provided to us, object to the processing of your personal data, or request to receive an electronic copy of your personal data for purposes of transmitting it to another company (where the right to data portability is provided to you by applicable law). We may ask you for additional information to confirm your identity and for security purposes, before responding to a request you raise. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. You can exercise your rights by contacting us using the details below in the ‘Our Contact Details’ section. Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request.
Our Contact Details
How to contact regulatory authorities
You also have the right to report your concern to an appropriate regulatory authority, depending on where you have your habitual residence or place of work, or where an alleged infringement of applicable data protection law occurs. For the UK, this is the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). For the EEA, a list of data protection authorities is available here.