All CityFleet Networks Limited group customers
This privacy notice describes how the CityFleet Networks Limited Group (We/Us) collects and uses information about its customers, before, during and after the contractual relationship, to the extent such information is personal data in accordance with the EU Regulation 2016/679 General Data Protection Regulation (GDPR). This document also satisfies our obligations under Article 30 of the GDPR and The Data Protection Act 2018 (DPA). It applies to all customers of the CityFleet Networks Limited Group (You).
Data controller details
The Company is a data controller for the purposes of the GDPR and DPA and every customer on behalf of itself and any of its directors, shareholders, members, employees, servants and agents (“associates”) acknowledges the use and processing of personal data described in this privacy notice.
CityFleet Networks Limited Group (“CityFleet”) means CityFleet Networks Limited and any of its subsidiaries including, without limitation, CityFleet Networks Limited, Computer Cab plc, Computer Cab (Aberdeen) Limited, Computer Cab (Liverpool) Limited, Argyle Satellite Limited (Wirral), Argyle Satellite Contract Services Limited (Wirral) and KingKabs Limited (Chester). CityFleet Networks are committed to protecting the privacy and security of personal information. Within this policy the term ”the Company” is applicable to CityFleet Networks Limited and all its subsidiaries unless a specific company is named.
Categories of data subjects
Whilst the majority of our Account customers are “corporates”, some may be sole traders, partnerships or consumers. We may therefore collect personal data from those types of customers and any employees or individuals working for that customer (collectively “customers”).
Our Customers also include the general Public making Taxi and Private Hire Car bookings, and our training school students.
Personal data we may hold
We limit the personal data held to what is relevant for supplying or marketing our servicers or otherwise conducting business.
Individuals from whom we retain personal data include customers, potential customers, suppliers, service providers industry experts and others with whom we have a business or professional relationship. We may collect the following categories of personal data about customers:
- Personal details including name, address, pick up and drop off addresses, email, telephone number including mobile phone or other contact information.
- Banking, payment and financial information
- Credit information (through an external third party).
- Electronic identification data including IP address collected through our websites;
- Contractual details including the products and services provided, trading history with the Company;
- Audio recordings of all telephone orders, enquiries and customer communications (Audio Data); and/or
- Images (still or video) from the closed circuit television (CCTV) on the Company’s sites or from onboard vehicle monitoring (CCTV Data).
- Other business or marketing related personal details (such as business or professional role and/or title)
- Marketing channel preferences (such as individual’s preference to be contacted via email and not by telephone)
Sources of personal data
We obtain Personal data when individuals:
- are designated by their employer as our contacts for the purpose of including but limited to submitting proposals, managing the service relationship and paying invoices
- use our services from the CityFleet Networks Limited Group of Companies
- request information from us or
- otherwise provide the Company or a Company employee with their contact details or other personal data.
- Personal data may also be obtained from published sources.
Purposes of data processing
The Company collects and processes data about customers, some of which may be personal data as defined under GDPR and DPA, for purposes which include:
- As necessary to perform a contract with a customer including:
- To take steps at the customer’s request prior to entering into a contract;
- To decide whether to enter into a contract;
- To make credit decisions about the customer or its associates regarding the contract or the entering into of a new contract with us;
- To manage, perform and operate the contract and the customer’s account;
- To update our records;
- To resolve any complaints in relation to the contract;
- To recover debts.
- As necessary for our own legitimate interests or those of other persons and organisation, for example:
- For good governance, accounting and managing and auditing our business operations;
- To search credit reference agencies;
- To protect the health and safety of workers and others;
- Maintaining, monitoring, improving and enhancing our products and services;
- To monitor Audio Data and CCTV Data for quality control and training or for the detection and prevention of crime or unauthorised use of our systems.
- As necessary to comply with our legal obligations for example:
- Where disclosure is necessary for or in connection with any legal proceedings (including prospective legal proceedings), for obtaining legal advice or for establishing, exercising or defending legal rights;
- For tax collection purposes;
- To comply with any regulatory obligations to which we are subject;
- Where we are required to do so by law (including under any legislation, or by a court or tribunal in any jurisdiction);
- o For fraud prevention and money laundering purposes in compliance with our statutory obligations.
How we use personal data
We use Personal data to:
- provide customers with services or data they request,
- advise customers and potential customers about services offered by the Company,
- instruct our suppliers and service providers and compensate them for their services,
- correspond with our Contacts.
- Except as described further below under the heading Legal Matters, we disclose Personal data to others only with the individual’s prior permission or in the following limited circumstances:
In the course of customer work, we may disclose personal data concerning our customers to others in the same customer organisation or to third parties, or disclose third-party personal data to our customers, but only when we believe the disclosure is in the interest of both parties.
We sometimes provide personal data to other companies and individuals to perform functions on our behalf (for example, to a mailing service to process a large mailing, or to a service partner to provide a service to our customer). Such data will be used solely to perform the contracted services for the Company.
Categories of personal data recipients
We disclose personal data to a number of recipients which includes the following categories of persons:
- Other companies within the CityFleet Networks Limited Group;
- Auditors and professional advisors, such as our bankers, lawyers and consultants;
- Law enforcement officials and statutory or regulatory authorities;
- Third-party service providers, such as providers of transport services; CCTV management; Audio Data management; IT system management; credit checks, debtor tracing; contractors or subcontractors or associated services necessary to perform the contract.
- TAXI DRIVERS. If your trip is completed by a taxi, the Driver needs to make sure it is you being picked up. The driver also needs to know where to pick you up and where to take you to.
- PRIVATE HIRE CAR COMPANIES. If your trip is to be completed by a car, CityFleet will send your details to a Private Hire Car Company so they can accept your trip. The Private Hire Car Company needs to ensure the car arrives and transports you safely to your destination. The Private Hire Car Company also needs to make sure you are kept up to date with the progress of your booking. For this reason your data is processed by staff of the Private Hire Car Company so that they may enter and monitor your booking.
- PRIVATE HIRE CAR DRIVERS. The Driver needs to make sure it is you being picked up. The driver also needs to know where to pick you up and where to take you to.
We may use and replace any third party which we wish to use to assist us in meeting its obligations under the contract, and where such third party is a processor of personal data, this constitutes prior general written authorisation as envisaged by Article 28(2) of the GDPR.
We may transfer personal data outside the EEA in accordance with the principles of the GDPR as necessary to perform the contract.
We have put in place appropriate security measures to prevent personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access of personal data to those employees, agents, customers, contractors and other third parties who have a business need to know. They will only process the personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify the person and any applicable regulator of a suspected breach where we are legally required to do so.
We will only retain personal data for as long as necessary to fulfil the purposes that we collected it for, including for the purposes of performing the contract, satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process the personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
You may change your marketing channel preferences, or request that you stop receiving all communications from us, at any time by contacting us as provided below. (See Contacts and Complaints.)
We take all reasonable practicable steps to ensure that we only collect the minimum amount of data required for us to provide our services to you. We also take all reasonable practicable steps ensure data is accurate.
You may review your personal data at any time and instruct that it be corrected, updated, or deleted, by contacting us as provided below. We will take all reasonable steps to make the requested changes promptly. We may retain Personal data for a period in our backup systems. We may also retain some data for longer periods as required by law, contract, or auditing requirements.
The Company may disclose personal data as we deem necessary to satisfy any applicable law, regulation, legal process, or governmental request. In this, we will strictly adhere to the relevant privacy laws and regulations.
Data collected through all company web sites
We also collect personal data from users of our web sites. Our use and handling of this data are governed by the CityFleet Networks Limited Privacy and Data Protection Policy. Any personal data gathered through our web sites that are used in the Company general customer contact and marketing databases along with other Personal data are treated in accordance with the CityFleet Networks Limited Privacy and Data Protection Policy.
Changes to this record of processing activities
We reserve the right to amend this Privacy Notice from time to time consistent with the GDPR and other applicable data protection requirements.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO) the UK supervisory authority for data protection issues.
If you wish to ask any data protection questions or raise any data protection issues with us, please contact us using the details below:
Data Protection Team, CityFleet Networks Limited, CDG House, 329 Edgware Road, Cricklewood, London, NW2 6JP
Tel: +44 (0)20 7432 1630