Privacy statement for Taxi 1 AS
This privacy policy applies to all processing of personal data at Taxi 1 AS.
Taxi 1 AS is the data controller.
The privacy policy states which personal data is processed and for which purposes.
Providing taxi services, as well as offering customer service and support
1a. Necessary information for the taxi center to be able to deliver the taxi service:
Name, telephone number, pick-up and delivery address, driving route, payment information and any other information you provide in connection with a trip booking.
1b. Services that provide a better user experience:
Several of our ordering solutions have positioning services to quickly give you the address of the place you are. You give and withdraw access to the device's location in the respective solutions and your devices.
We use cookies and collect information from the devices you use to order with, so that we can detect and correct technical errors, make general improvements to our ordering solutions and provide you with additional functions such as sending push messages, "track a taxi" etc.
When ordering by phone, an automatic look-up can be done in previous orders in the last 12 months from the same phone number. In this way, we can provide you with faster service and a reduced possibility of misregistration of tour bookings. These order details are not released to callers.
All bank payment services offered in the cars or in the ordering solutions are safely handled by PCI-certified third-party solutions. The taxi center does not itself process personal data from these solutions.
If you register your payment cards to receive an electronic receipt, the e-mail address you register will not be used for other purposes, unless you have explicitly approved this when you register the cards. Any consent can be withdrawn at the same place.
Together, this information forms your personal profile in our systems.
Preparation of statistics and analyses
Only anonymised information is used to prepare statistics and analyzes so that the taxi centers can improve their service and report statutory requirements to the authorities.
Prevent abuse
Information about telephone numbers and device information is stored to prevent abuse of the services. The taxi centers have a legitimate interest in having blocking lists that prevent certain people, who for various reasons should not be allowed to order a taxi, from using the services. For example, if a person repeatedly orders a taxi without using it.
Fulfill legal obligations
Information is collected and stored on, among other things, driving routes, payment information and receipts so that the taxi center and license holders can fulfill legal obligations, for example in accordance with the Bookkeeping Act.
5. Storage and deletion of information
The controller keeps a detailed and comprehensive overview of all types of personal data in a separate register (Personal Data Register) which is reviewed and updated at regular intervals. All information collected in connection with the taxi services is stored in accordance with applicable law/regulation or agreement. Storage time for the personal data falls into two categories; respectively 3 years for information needed to process complaints etc. and 5 years for information that falls under the Bookkeeping Act. Deletion of the personal data must be carried out within 1 year after the storage period has expired.
AGREEMENT, CONSENT AND WITHDRAWAL OF CONSENT
The storage and processing of personal data in the APPs is legally justified as "necessary to carry out an agreement with the data subject". Explicit consent is therefore not obtained.
If you wish to have your customer profile deleted, you can do so in the APP under "My profile". Your customer profile is not deleted if you uninstall the APP, as uninstallation is often used to update the APP.
SECURING PERSONAL INFORMATION
Your personal data is processed in accordance with Act on the Processing of Personal Data (Personal Data Act) and consent to participate in a decision in the EEA Committee on the incorporation of Regulation (EU) No. 2016/679 (General Data Protection Regulation) into the EEA Agreement.
We are concerned with securing personal data against accidental access, alteration or deletion by unauthorized persons and have a well-developed security solution for access to the systems and services.
The services run and store data in two logical environments:
Server park in Norway.
Cloud services from a recognized supplier with storage in the EU/EEA area.
The taxi centers (those responsible for processing) have signed a data processing agreement for the operation of the services.
PROVISION OF PERSONAL INFORMATION:
No personal data is provided to third parties. Exceptions are inquiries from the police with a justified purpose, and only with the consent of the data controller at the relevant central office.
Taxi customers who want access to their registered personal data must contact the taxi center used. Basically