Driver Privacy Policy
INTRODUCTION
We are 57 Taxis Limited. 57 Taxis Limited is the controller of your personal information, and is responsible for your personal information. All references in this policy to “Drive “, “our”, “us”, or “we” refer to 57 Taxis Limited.
This privacy notice sets out how we process your personal information, as part of our business to business relationship with you as a self-employed Drive driver.
It is important that you read this privacy notice so that you are aware of how and why we are using your personal information.
WHAT THIS POLICY CONTAINS
1. YOUR RIGHT TO OBJECT
2. WHAT PERSONAL INFORMATION DO WE COLLECT ABOUT YOU?
3. WHEN DO WE COLLECT YOUR PERSONAL INFORMATION?
4. WHY DO WE COLLECT PERSONAL INFORMATION?
5. DISCLOSURE OF YOUR INFORMATION
6. TELLING YOU ABOUT OUR SERVICES
7. HOW DO WE KEEP YOUR PERSONAL INFORMATION SECURE?
8. HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION FOR?
9. CHANGES TO YOUR PERSONAL INFORMATION
10. WHAT ARE OUR OBLIGATIONS?
11. YOUR RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION
12. CONTACT
13. CHANGES TO OUR PRIVACY POLICY
YOUR RIGHT TO OBJECT
You have various rights in respect of our use of your personal information as set out below. Two of the
fundamental rights to be aware of are that:
- you may ask us to stop using your personal information for direct-marketing purposes. If you exercise this right, we will stop using your personal information for this purpose.
- you may ask us to consider any valid objections which you have to our use of your personal information where we process your personal information on the basis of our, or another person’s, legitimate interest.
WHAT PERSONAL INFORMATION DO WE COLLECT ABOUT YOU?
We process the following categories of personal information about you:
- personal Information including your name, residential address, email address and your phone number we receive from you when creating an account and then using our services;
- personal information relevant to your competence to drive and vehicle details such as your DVLA driving licence, your local authority private-hire driver licence, vehicle MOT certificate and vehicle insurance documents;
- bank account details and payment history;
- passenger complaint records;
- information provided to us by a Third Party and/or collected from public records in the case of fraud or suspected fraud. In the case of fraud or suspected fraud, we may obtain information from Third Parties and from public records to prevent and detect fraud;
- personal information and special category information such as information about your health as provided to us by the local authority in connection with your private-hire licence application, or motoring convictions/endorsements;
- information provided to us by the DVLA as a result of driver licence checks;
- CCTV information: i) some vehicles are fitted with dashboard cameras, your image may be picked up by them when you enter, exit or operate the vehicle ii) our offices are covered by CCTV and your image may be picked up when you enter or exit our premises;
- information about your use of our communications and dispatch routing system(s);
- your GPS location when you are logged onto the driver portal/booking system;
- information located on social media accounts (only in limited circumstances to check for specific risks
such as passenger complaints).
Please note that in compliance with data protection legislation, we may process your personal information without your knowledge or consent where this is required or permitted by law.
WHEN DO WE COLLECT YOUR PERSONAL INFORMATION?
When you start your engagement with us, apply to be a driver through the Drive driver application and engagement process; and when we receive your personal information from Third Parties.
WHY DO WE COLLECT YOUR PERSONAL INFORMATION?
Under data protection legislation we may only process your personal information if we have a legal basis (i.e. a legally permitted reason) for doing so. For the purposes of this Policy, our legal basis for processing your Information is set out below:
a) The processing of the information listed below is necessary for the performance of the contract between us, enabling us to:
- comply with the terms and conditions of business between us and make decisions about your continued engagement;
- monitor and assess the quality of our service;
- ensure that content from the driver portal is presented in the most effective manner for you and for your device.
b) The processing is necessary for Drive’s legitimate interests so that we can:
- meet service requirements such as complaint handling and feedback;
- ensure network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution; and
- process your personal information in order to send you non-marketing service related messages, as described in the Telling You About Our Services section below.
c) The processing is necessary to comply with a legal obligation e.g. so that we can:
- Comply with our legal and regulatory obligations imposed by the licensing authority where we provide services;
- Deal with legal disputes involving you, or other drivers, contractors, or passengers transported by you when you operate as a driver with Drive, including in relation to accidents that may occur while you are driving; and
- Comply with a request for information (where legally permissible) from law enforcement agencies and/or government bodies for the purposes of prevention or detection of crime or the apprehension or prosecution of offender. This enables us to comply with legal obligations that we are subject to. Further information can be found under ‘Disclosure of your Information’ below.
d) Where the processing is necessary to protect vital interests
We may process your personal information in the rare instance of requiring to process personal information in order to save someone’s life.
e) Where we process special category personal information
We will process your special category personal information on the basis of a contract between you and us and also in relation to your employment, social security and social protection (although for the avoidance of doubt, you are not an employee or worker but a self-employed contractor).
DISCLOSURE OF YOUR INFORMATION
We may disclose your Personal Information to:
- other companies within our group of companies.
- our third party contractors and advisors such as DiSC telephony and iCabbi providers (and any business partners, service providers or third party contractors of any other companies within our group of companies) to enable them to undertake services for us and/or on our behalf;
- any prospective buyer or seller (and their representatives) in the event that we sell or buy any business or assets;
- HMRC, other government departments and regulators, in order to comply with any legal obligation;
- to other persons or the general public. This includes sharing information in connection with legal or insurance claims to protect the rights and safety of others;
- disclose aggregated/anonymous information i.e. information from which you cannot be personally identified, or insights based on such anonymous information, to selected third parties, including (without limitation) analytics and search engine providers to assist us in the improvement and optimisation of the website. In such circumstances we do not disclose any information which can identify you personally; and
- If our whole business is sold or integrated with another business your Information may be disclosed to our advisers and any prospective purchasers and their advisers and will be passed on to the new owners of the business.
TELLING YOU ABOUT OUR SERVICES
Communicating with drivers is an essential part of our business to business relationship. We will therefore contact you by telephone, SMS / digital messaging services, PDA or by email in relation to non-marketing, service-related communications.
COOKIES AND RELATED SOFTWARE
Please see our separate Cookie Policy for further information about how we use cookies.
OVERSEAS TRANSFERS
From time to time we will transfer your personal information to countries outside the European Economic Area, which comprises the EU member states plus Norway, Iceland and Liechtenstein (“EEA”).
Where the European Commission has not recognised the relevant country outside the EEA to which your personal information is transferred as having adequate protections in place regarding protection and use of your data, we will ensure that adequate procedures are put in place for the security of your personal information.
HOW DO WE KEEP YOUR PERSONAL DATA SECURE?
We have put in place measures to protect the security of your personal information both in accordance with the requirements of the GDPR 2018 and the Data Protection Act 2018.
Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered and/or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION FOR?
We will only retain your personal information for as long we need to. This includes satisfying any regulatory, legal, accounting and/or reporting requirements.
We will retain your information as follows:
- your account information (including your technical usage data), for 7 years, after you last use our services; and
- records of bookings, lost property and complaints for a minimum of 12 months (we are required to retain such data to comply with our regulatory requirements).
CHANGES TO YOUR PERSONAL INFORMATION
It is important that the personal information we hold about you is accurate and current. Please keep us informed if the personal information changes during your working relationship with us.
WHAT ARE OUR OBLIGATIONS
Under data protection legislation, we are a Data Controller and therefore we are responsible for, and control
the processing of, your personal information. Such information must be protected in accordance with data
protection legislation.
In accordance with data protection legislation your personal information will be;
- used lawfully, fairly and in a transparent way;
- collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
- relevant to the purposes we have told you about and limited only to those purposes;
- accurate and kept up to date;
- kept only as long as necessary for the purposes we have told you about; and
- kept securely.
YOUR RIGHTS IN RELATION TO PERSONAL INFORMATION AND HOW TO EXERCISE THEM
If you are an individual, you have the right to;
- ask us to provide you with copies of personal information we hold about you;
- ask us to provide your personal information to a third party provider of services. This right only applies where we use your personal information on the basis of your consent or performance of a contract and where our use of your information is carried out by automated means;
- ask that we correct any personal information if it is found to be inaccurate or out of date;
- ask that your personal information is erased where it is no longer necessary for us to keep it;
- request a restriction to be placed on further processing of your personal information where there is a dispute in relation to the accuracy or processing of your personal information;
- object on legitimate grounds to the processing of your personal information, where applicable i.e. where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority) and processing for the purposes of scientific/historical research and statistics);
- ask us to stop using your personal information for direct marketing purposes. If you exercise this right, we will stop using your personal information for this purpose. If you wish to exercise this right, you should contact us, or contact the relevant third party using their given contact details, giving us or them enough information to identify you and deal with your request. Alternatively, you can follow the unsubscribe instructions in emails you receive from us or them.
There are some exemptions, which may apply, for example, information collected and processed for the prevention, investigation, detection or prosecution of criminal offences.
CONTACT
If you have any difficulty in reading or understanding this Policy, or if you would like this Policy in another format (for example audio, large print or braille), please get in touch with us.
Our Compliance Team will oversee compliance of this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact us.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
CHANGES TO OUR PRIVACY POLICY
We may update our privacy policy from time to time. Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by post or email. Please check back frequently to see any updates or changes to our privacy policy.