PRIVACY POLICY

INTRODUCTION

 

CityFleet Networks Limited operates five brands, CityFleet Networks, Comcab (Aberdeen and Liverpool), Argyle Satellite Taxis, Kingkabs, CMAC and Addison Lee. CityFleet Networks Limited is committed to protecting your personal data and complying with the General Data Protection Regulation (EU) 2016/679. We take your privacy seriously and will only use your personal information to administer your account and to provide the services you have requested from us.

 

PURPOSE

 

The purpose of this document is to disclose the ways that CityFleet Networks gathers, processes, discloses, and manages your personal data. It will also set out our cookies policy and to make you aware your rights under the current Data Protection legislation most notably the UK General Data Protection Regulation (GDPR).

 

SCOPE

 

The scope of this policy extends to all CityFleet Networks Limited departments, employees, contractors, vendors, customers and partner agencies that use/access CityFleet Networks Limited’s information assets.

 

POLICY

 

YOUR PERSONAL DATA AND ITS ORIGIN

 

When referring to ‘Personal Data’, this means information collected from you or information supplied by other sources from which you may be personally identifiable.

 
HOW YOUR INFORMATION WILL BE USED

 

The information held by CityFleet Networks will only be used for the purpose of providing ground transportation services to you and / or your company. Your data will identify you to our system to make sure that your identity is not used fraudulently. We may also report back to you and to your company on the trips you have taken with us by way of providing Management Information reports. These reports will be delivered securely to authorised persons.

 

INFORMATION WE COLLECT AND HOLD

 
PERSONALLY IDENTIFIABLE INFORMATION (PII)

 

The table below details the PII that is held by CityFleet Networks in order to provide ground transportation services for its customers.

 

Name Device UUID Home address (if provided by Data Subject)
Contact phone numbers IP address Email address
Employee number / Unique ID Login Payment detail
 
PERSONAL DATA ASSOCIATED WITH (PII)

 

The table below details the personal data that is associated with the PII documented above.

 

Trip pickup and destination Trip pickup date and time Trip purpose
Vendor who provided the trip Registration of the vehicle Passenger on Board time
Booker details Drop off time Location of vehicle
 

ACQUISITUION AND COLLECTION OF DATA

 

Personal data held by CityFleet Networks maybe transferred to us by the Data Subject’s employer or regulator. The data enables CityFleet Networks to authenticate and validate an individual and set up a user profile. This user profile is maintained by the Data Subject or a delegate nominated by the Data Subject or the Data Subject’s employer.

 

In the case where the PII data is sent to CityFleet Networks by an employer or regulator, CityFleet Networks assumes the role of Data Processor and the employer or regulator assumes the role of Data Controller. CityFleet Networks will only use the information for the purpose specified in section 6 of this document.

 

Where the CityFleet Networks systems collect the information directly from service users, for instance if a home address is added to the profile for speed of booking purposes, CityFleet Networks assumes the role of Data Controller for that information but will still only use it for the purpose of providing ground transportation services.

CityFleet Networks expects that the customer or regulator, as the Data Controller that shares the information with CityFleet Networks will notify the Data Subject that their data has been transferred to CityFleet Networks along with the purpose for which it is shared and the lawful basis upon which it is being processed.

 

PERSONAL DATA AND ITS USES

 

CityFleet will use your data for the following purposes:

 

  • Provision of Transport Services
  • Answering Queries
  • Marketing Communications
  • Reporting and Billing

 

PROVISION OF TRANSPORT

 

The driver needs to know where to pick the Passenger up from, so CityFleet will require name and the pick-up address entered on the booking.

When the job is booked, the driver arrives, or if the driver is delayed your telephone, mobile number or email address will be used to notify you.

The passenger needs to know the details of the driver so the Passenger knows they are safely getting into the right vehicle, so the Driver name and registration details will be shared.

 

ANSWERING YOUR QUERIES

 

When contacting CityFleet for the purpose of raising questions or queries any personal data that you provide will be used to give a response.

In the case of an e-mail query, CityFleet may need to contact you by telephone in order to confirm the request came from you; this is to ensure that CityFleet can keep your data safe.

 

MARKETING COMMUNICATIONS

 

Where you elect to receive such material, CityFleet will from time to time send you information about our services or company news, which CityFleet believe may be of interest to you. At any time you may unsubscribe from (‘opt-out’) of such communications.

 

REPORTING AND BILLING

 

CityFleet use your personal data to provide management information and payment services to you or the ultimate Account Holder.

 

AUTOMATED DECISION MAKING

 

CityFleet do not use your personal data for any automated decision making.

 

PERSONAL DATA AND WHO CITYFLEET WILL SHARE THIS WITH

 

DRIVERS

 

If your trip is completed by a taxi, the driver needs to make sure it is you being picked up. The driver also needs to know where to pick you up and where to take you to.

 

SUBCONTRACTORS

 

If your trip is to be completed by a Subcontractor, CityFleet will send your details to a Taxi or Private Hire Car Company (“Company”) so they can accept your trip. The Company needs to ensure the car arrives and transports you safely to your destination. The Company also needs to make sure you are kept up to date with the progress of your booking. For this reason your data is processed by staff of the Company so that they may enter and monitor your booking.

 

All Companies that CityFleet use are affiliated to CityFleet, or are owned by CityFleet.

 

WHERE IS DATA STORED

 

CityFleet store your data in the United Kingdom.

 

SECURITY

 

CityFleet have implemented an Information Security Management System (ISMS) to ISO/IEC 27001:2013 standard, which has been certified by an accredited auditor. This demonstrates that CityFleet uses internationally recognised processes and best practices to manage infrastructure and organise that support and deliver its services.

 

The ISO/IEC 27001:2013 certificate confirms that CityFleet has implemented the guidelines and general principles for initiating, implemented, maintaining and improving the management of information security.

 

CityFleet will take reasonable precautions to keep your personal data secure, and require third party data processors to do likewise. All personally identifiable information is subject to restricted access to prevent unauthorised access, modification or misuse. Please note that CityFleet may release your personal data if required to do so by law, by search warrant, subpoena or court order.

 

YOUR RIGHTS

 

  • The right to be informed – You need to know how CityFleet use your data, and that is the purpose of this document. If any part of this document are unclear please contact us using the below postal and email address details. CityFleet are happy to explain and often use your feedback to update this document.
  • The right of access – You can request CityFleet to provide you with a copy of your data at any time.
  • The right to rectification – If the data CityFleet hold for you is incorrect; you can require us to update it.
  • The right to erasure – You can ask us to delete your data. Please be aware, that depending on the data delete, you may not be able to use the service, or all of its features. Should CityFleet delete your phone number for instance, CityFleet will have no way to contact you when your driver arrives.
  • The right to restrict processing – You can tell CityFleet how to use and how not to use your data. Please be aware, that depending on the data restrict, you may not be able to use the service, or all of its features. Should CityFleet restrict the processing of your name for example the driver will not know who to ask for when they arrive.
  • The right to data portability – If you request a copy of your data, you can request it in electronic form (as a spreadsheet attached to an email for instance).
  • The right to object – At any time you can object to how CityFleet use your data.
  • Rights in relation to automated decision making and profiling – If for instance CityFleet always send a SMS to your mobile and you would rather receive a phone call, you can have CityFleet change it for you.
  • Right to complain – If your request for any of the above was not handled satisfactorily by CityFleet, you have the right to complain. If you are still unhappy, you can complain to our Supervisory Authority. Their contact details are available at https://ico.org.uk.

 

COOKIES

 

Since 2011, the law states that cookies on websites can only be used with your specific consent. CityFleet’s website https://cityfleet.co.uk uses cookies in the operation of the site in a number of areas.

 

WHAT IS A COOKIE?

 

A cookie is a small file of data, often incorporating a unique identifier that is sent to your computer or mobile phone browser from a website’s computer. This data file stores the information you provide us with and in doing so enables us to ‘remember’ you on repeat visit, effectively letting you move around the site without having to keep reintroducing yourself. Most browsers accept cookies automatically, but you can set your browser to prevent this. If your browser’s preferences allow it, each website or third party service provider is able to send a cookie to your browser. However, to protect your privacy, your browser only allows these websites or third party service providers to access cookies already sent to you, not the cookies sent to you by other sites or other third party service providers.

 

HOW DOES THE CITYFLEET NETWORKS LIMITED WEBSITE USE COOKIES?

 

CityFleet’s website does not use cookies to collect personally identifiable information about you as a user of the site. The website does use a number of independent measurement companies. They gather information regarding the visitors to the website on our behalf using cookies, log file data and code which is embedded on our website. CityFleet Networks Limited uses this type of information to help improve the services it provides to its users. This website strictly requires that third parties do not use any of this type of information for their own business or other purposes.

 

THIRD PARTY COOKIES

 

Our website does contain hyperlinks to websites owned and operated by third parties. These third party websites have their own privacy policies, including cookies, and we urge you to review them. They will govern the use of any personal information you submit or which is collected by cookies while visiting these websites. We do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.

 

HOW TO MANAGE COOKIES

 

As a user of our website, you have the ability to accept or decline any of the cookies on the site. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline some or all cookies if you prefer.

 

A comprehensive audit of the site in terms of the main cookies that our website sets (and what each is used for) has been carried out. As a result of this we have compiled a list of these cookies to enable you to opt out if you wish.

 

FURTHER INFORMATION ABOUT COOKIES

 

If you’d like to learn more about cookies in general and how to manage them, visit https:aboutcookies.org
(Please note that we can’t be responsible for the content of external websites).

 

USE OF WEB TAGS

 

Our website pages contain electronic JavaScript code snippets known as web tags that allow CityFleet to count users who have visited these pages. Web tags collect only limited information which includes a cookie number, time and date of a page view, and a description of the page on which the web tag resides. These web tags do not carry any personally identifiable information and are only used to track the effectiveness of the website. Because web tags are the same as any other content request included in the request for a web page, you cannot opt-out or refuse them.

 

LOG FILES

 

Visits to our websites, like virtually all websites, are recorded in our log files. Log files record the pages you read and the files you download. CityFleet use this information to optimise our site rather than to collect any personal data.

 

PRIVACY NOTICE:

 

ALL CITYFLEET NETWORKS LIMITED GROUP CUSTOMERS

 

This privacy notice describes how the CityFleet Networks Limited Group (We/Us) collects and uses information about its customers, before, during and after the contractual relationship, to the extent such information is personal data in accordance with the UK General Data Protection Regulation (GDPR). This document also satisfies our obligations under The Data Protection Act 2018 (DPA). It applies to all customers of the CityFleet Networks Limited Group.

 

DATA CONTROLLER DETAILS

 

The Company is a data controller for the purposes of the GDPR and DPA and every customer on behalf of itself and any of its directors, shareholders, members, employees, servants and agents (“associates”) acknowledges the use and processing of personal data described in this privacy notice.

 

CityFleet Networks Limited Group (“CityFleet”) means CityFleet Networks Limited and any of its subsidiaries including, without limitation, CityFleet Networks Limited, Computer Cab (Aberdeen) Limited, Computer Cab (Liverpool) Limited, Argyle Satellite Limited, Kingkabs Limited, Westbus Coach Services Limited, CMAC Group Limited and Addison Lee Group Limited (further details of which can be found at http://cityfleet.co.uk/) and CityFleet are committed to protecting the privacy and security of personal information. Within this policy the term “the Company” is applicable to CityFleet Networks Limited and all its subsidiaries unless a specific company is named.

 

CATEGORIES OF DATA SUBJECTS

 

Whilst the majority of our customers are “corporates”, some may be sole traders, partnerships, consumers or Drivers. We may therefore collect personal data from those types of customers and any employees or individuals working for that customer (collectively “customers”).

 

PERSONAL DATA WE MAY HOLD

 

We limit the personal data held to what is relevant for supplying or marketing our servicers or otherwise conducting business.

Individuals from whom we retain personal data include customers, potential customers, drivers, suppliers, service providers, industry experts and others with whom we have a business or professional relationship. We may collect the following categories of personal data about customers:

 

  • Personal details including name, address, pick up and drop off addresses, email, and telephone number including mobile phone or other contact information.
  • Banking, payment and financial information.
  • Credit information (through an external third party).
  • Electronic identification data including IP address collected through our websites.
  • Contractual details including the products and services provided, trading history with the Company.
  • Audio recordings of all telephone orders, enquiries and customer communications (Audio Data).Images (still or video) from the closed circuit television (CCTV). On the Company’s sites or from on-board vehicle monitoring (CCTV Data).
  • Other business or marketing related personal details (such as business or professional role and/or title)
  • Marketing channel preferences (such as individual’s preference to be contacted via email and not by telephone)
 
SOURCES OF PERSONAL DATA

 

We obtain Personal data when individuals:

 

  • Are designated by their employer as our contacts for the purpose of including but limited to submitting proposals, managing the service relationship and paying invoices.
  • Use our services from the CityFleet Networks Limited Group of Companies.
  • Request information from us or otherwise provide the Company or a Company employee with their contact details or other personal data.
  • Personal data may also be obtained from published sources.

 

PURPOSES OF DATA PROCESSING

 

The Company collects and processes data about customers, some of which may be personal data as defined under The UK GDPR and DPA, for purposes which include:

 

As necessary to perform a contract with a customer including:

 

  • To take steps at the customer’s request prior to entering into a contract.
  • To decide whether to enter into a contract.
  • To make credit decisions about the customer or its associates regarding the contract or the entering into of a new contract with us.
  • To manage, perform and operate the contract and the customer’s account.
  • To update our records.
  • To resolve any complaints in relation to the contract;
  • To recover debts.

 

As necessary for our own legitimate interests or those of other persons and organisation, for example.

 

  • For good governance, accounting and managing and auditing our business operations.
  • To search credit reference agencies.
  • To protect the health and safety of workers and others.
  • Maintaining, monitoring, improving and enhancing our products and services.
  • To monitor Audio Data and CCTV Data for quality control and training or for the detection and prevention of crime or unauthorised use of our systems.

 

As necessary to comply with our legal obligations for example:

 

  • Where disclosure is necessary for or in connection with any legal proceedings (including prospective legal proceedings), for obtaining legal advice or for establishing, exercising or defending legal rights.
    For tax collection purposes.
  • To comply with any regulatory obligations to which we are subject.
  • Where we are required to do so by law (including under any legislation, or by a court or tribunal in any jurisdiction).
  • For fraud prevention and money laundering purposes in compliance with our statutory obligations.

 

We have conducted a Legitimate Interest Assessment (LIA) and have concluded that the processing is legal on this basis. The fundamental findings from LIA are below:

 

  • We have identified the legitimate interests.
  • We have determined that the delivery of the service to you is not possible without processing your data and as such the processing is necessary.
  • We have determined through our balancing test that your rights and interests do not override our legitimate interests.
  • We only use your data in ways you would reasonably expect to deliver your service.
 

HOW WE USE PERSONAL DATA

 

We use Personal data to:

  • Provide customers with services or data they request.
  • Advise customers and potential customers about services offered by the Company.
  • Instruct our suppliers and service providers and compensate them for their services.
    Correspond with our contacts.
  • Except as described further below under the heading Legal Matters, we disclose Personal data to others only with the individual’s prior permission or in the following limited circumstances.
  • In the course of customer work, we may disclose personal data concerning our customers to others in the same customer organisation or to third parties, or disclose third-party personal data to our customers, but only when we believe the disclosure is in the interest of both parties.

 

We sometimes provide personal data to other companies and individuals to perform functions on our behalf (for example, to a mailing service to process a large mailing, or to a service partner to provide a service to our customer). Such data will be used solely to perform the contracted services for the Company.

 

CATEGORIES OF PERSONAL DATA RECIPIENTS

 

We disclose personal data to a number of recipients which includes the following categories of persons:

 

  • Other companies within the CityFleet Networks Limited Group.
  • Auditors and professional advisors, such as our bankers, lawyers and consultants.
  • Law enforcement officials and statutory or regulatory authorities.
  • Third-party service providers, such as providers of transport services; CCTV management; Audio Data management; IT system management; credit checks, debtor tracing; contractors or subcontractors or associated services necessary to perform the contract.
  • We may use and replace any third party which we wish to use to assist us in meeting its obligations under the contract, and where such third party is a processor of personal data, this constitutes prior general written authorisation as envisaged by Article 28(2) of the GDPR.
  • We may transfer personal data outside the EEA in accordance with the principles of the UK GDPR as necessary to perform the contract.
 

DATA SECURITY

 

We have put in place appropriate security measures to prevent personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access of personal data to those employees, agents, customers, contractors and other third parties who have a business need to know. They will only process the personal data on our instructions and they are subject to a duty of confidentiality.

 

We have put in place procedures to deal with any suspected data security breach and will notify the person and any applicable regulator of a suspected breach where we are legally required to do so.

 

DATA RETENTION

 

We will only retain personal data for as long as necessary to fulfil the purposes that we collected it for, including for the purposes of performing the contract, satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process the personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

 

YOUR RIGHTS

 

You may change your marketing channel preferences, or request that you stop receiving all communications from us, at any time by contacting us as provided below. (See complaints below and contacts page 15).

 

You may review your personal data at any time and instruct that it be corrected, updated, or deleted, by contacting us as provided below. We will take all reasonable steps to make the requested changes promptly. We may retain Personal data for a period in our backup systems. We may also retain some data for longer periods as required by law, contract, or auditing requirements.

 

LEGAL MATTERS

 

The Company may disclose personal data as we deem necessary to satisfy any applicable law, regulation, legal process, or governmental request. In this, we will strictly adhere to the relevant privacy laws and regulations.

 

DATA COLLECTED THROUGH ALL COMPANY WEB SITES

 

We also collect personal data from users of our web sites. Our use and handling of this data are governed by the CityFleet Networks Limited Privacy and Data Protection Policy. Any personal data gathered through our web sites that are used in the Company general customer contact and marketing databases along with other personal data are treated in accordance with the CityFleet Networks Limited Privacy and Data Protection Policy.

 

CHANGES TO THIS RECORD OF PROCESSING ACTIVITIES

 

We reserve the right to amend this Privacy Notice from time to time consistent with the GDPR and other applicable data protection requirements.

 

COMPLAINTS

 

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO) the UK supervisory authority for data protection issues.

 

CONTACTS

 

If you wish to ask any data protection questions or raise any data protection issues with us, please contact us using the details below:

Data Protection Team
CityFleet Networks Limited
Email: dataprotectionofficer@cityfleet.co.uk

CALL NOW