RiaTrop

PRIVACY AND COOKIES POLICY

RIA TROP

www.riatrop.com

The Owner of the Platform RIA TROP:

RIATROP LTD Bartłomiej Kacperski, Company Number 16464794, Alcombe 69A, Minehead, United Kingdom, TA24 6BD, e-mail: contact@riatrop.com.

Your privacy is important to us. It is our interest to respect your privacy and your right to deal with the information about you.

This Privacy Policy helps you to understand how we use your personal information, who we share it with and the rights that you have.

We change the terms of this Privacy Policy from time to time and you should check it regularly. The last updated date is shown at the end of this document. If we make any material changes we will take steps to bring it to your attention.

The legal rules about dealing with personal data are strictly followed by us.

I. GENERAL INFORMATION

1. This document specifies the privacy principles applicable in the Platform RIA TROP.

2. For the purposes of data protection legislation, we are the data controller of your personal data. RIATROP LTD Bartłomiej Kacperski, Company Number 16464794, Alcombe 69A, Minehead, United Kingdom, TA24 6BD, e-mail: contact@riatrop.com.

3. We are committed to complying with the Data Protection Act 2018 (DPA).

II. PERSONAL INFORMATION

1. The data controller collects information provided voluntarily by the Online Platform Users.

2. Moreover, the data controller may record the information about connection parameters, like IP addresses, for technical purposes, for server administration and for collection of general, statistical demographic information (e.g. about the region from which the connection comes), and for security purposes.

3. The data controller shall make an extra effort in order to protect privacy and information about the Online Platform Users provided to him. The data controller shall exercise due diligence when selecting and applying appropriate technical measures, including those of programming and organizational nature, in order to protect the processed data, and in particular he shall protect the data from unauthorized access, disclosure, loss and destruction, unauthorized modification, and also from their processing with the breach of the applicable provisions of law.

4. Personal data will be:

  • a) processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’).
  • b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; (‘purpose limitation’).
  • c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’).
  • d) accurate and, where necessary, kept up to date (‘accuracy’).
  • e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; (‘storage limitation’).
  • f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).

III. INFORMATION AND DATA WE COLLECT

1. We ensure that the collection and use of your personal data is lawful. Therefore, for the purposes listed below, we only use your personal data if one of the following conditions apply:

  • a) You have given us your consent.
  • b) We need your personal data for the performance of a contract you enter into with us, such as when you purchase a product through the website.
  • c) We need to comply with legal obligations.
  • d) We need to protect your vital interests.
  • e) Your data is necessary for the public interest, or
  • f) We have a legitimate interest in processing the personal data.

2. The Controller processes your personal data in the following scope:

  • a) Passenger: first name, surname, e-mail address, password, telephone number, payment details (processed by Stripe), profile photo, photo of identity card. Purpose: booking journeys, processing payments, communicating with customers.
  • b) Driver: first name, surname, contact details, vehicle details, legally required documents (licence, insurance). Purpose: verification and enabling the provision of transport services.
  • c) username, e-mail address and password, phone number, in order to register the account when using an external provider such as Facebook, Google, Apple.
  • d) username, e-mail address, information regarding the time and frequency of logging in to the Application, the type of browser used by the User, the IP number of the device used to log on, the type and parameters of the device on which the Application is installed.
  • e) e-mail address for marketing purposes.
  • f) details of your use of our services including but not limited to metrics data about when and how you use the services, traffic data.
  • g) details about your use of social networks and our services (if you have linked our services to a social networking account or you visit our official profiles in social media). This may potentially include certain data from Facebook/LinkedIn or other social networks in the extent necessary to provide you with all functions of Platform/Application.
  • h) information stored locally: Some of our web-enabled desktop services synchronize with the information on your computer. In doing so, we may collect information such as device information, product usage, and error reports. We may also store personal information locally on your device.
  • i) information collected by our mobile app (iOS and Android): RIA TROP uses the GPS device on your phone to store its location and display this on your mobile device. This data is only collected if the mobile app is being used. Your mobile device operating system may provide additional options for you to control the collection and use of this information by mobile app.
  • j) data stored in cookies, including data on the time and frequency of logging in to the Application, the type of browser used by the User, the IP number of the device, the type and parameters of the device on which the Application is installed, in order to personalise the content displayed and to compile anonymous statistics.

3. If you make a purchase, our third-party payment service provider (STRIPE) may require additional personal information. This information, which is required to process your payment, is not collected or stored by us. We do not store credit or debit card details or share customer data with any 3rd party unless it is for the purpose of delivering the product or service you have purchased. During the payment process, you will be able to familiarize yourself with the privacy terms of payment providers.

IV. THE LAWFUL BASES WE USE TO PROCESS DATA

1. We will only ever process your data if we have a lawful basis to do so. The lawful bases we rely on are:

  • a) Contract – This is where we process your data to fulfil a contractual arrangement, we have made with you or because you have asked us to carry out a service before entering a contract.
  • b) Consent – This is where we have asked you to provide permission to process your data for a particular purpose.
  • c) Legitimate Interests – This is where we rely on our interests as a basis for processing.
  • d) Legal Obligation –This is where we have a statutory or other legal obligation to process the data, such as to comply with regulatory requirements and/or requests.
  • e) Vital interests –This is where the processing of personal data is necessary to protect someone’s life.

V. HOW LONG WE KEEP YOUR PERSONAL DATA

  • 1. We will hold personal data including but not limited to name, address and contact details for the period we are required to retain this information by applicable UK tax law currently seven years.
  • 2. We may store other personal information that you have provided us for as long as it is reasonably necessary taking into consideration our need to provide you with the services you have signed up to, to resolve any disputes, enforce our rights and/or respond to queries.

VI. YOUR RIGHTS

1. You have a number of “Data Subject Rights”, we have explained below what they are and how you can exercise them. You can read more about these rights on the UK Information Commissioner's Office website at https://ico.org.uk/for-the-public/.

  • a) Right of access –You have the right to request a copy of the personal data that we hold about you.
  • b) Right to rectification –If you think any of your personal data that we hold is inaccurate, you have the right to request it is updated. We may ask you for evidence to show it is inaccurate.
  • c) Right to erasure– (also known as the right to be forgotten) – You have the right to request that we delete your personal data that we hold.
  • d) Right to restriction of processing –You have the right to request we restrict or suppress the personal data we hold about you.
  • e) Right to data portability –You have the right to ask us to electronically transfer your personal data to another organisation in certain circumstances.
  • f) Rights with regards to automated decision making, including profiling – You have the right not to be subject to a decision that is based solely on automated processing if the decision affects your legal rights or other equally important matters and to object to profiling in certain situations, including for direct marketing.
  • g) Right to withdraw Consent – Where we are relying on your consent for processing you can withdraw or change your consent at any time.

2. The above rights may be limited in some circumstances, for example, if fulfilling your request would reveal personal data about another person, if you ask us to delete data which we are required to have by law, or if we have compelling legitimate interests to keep it. We will let you know if that is the case and will then only use your data for these purposes. You may also be unable to continue using our services if you want us to stop processing your personal data.

3. We encourage you to get in touch if you have any concerns with how we collect or use your personal data. You have the right to lodge a complaint directly with a Data Protection Authority. The Data Protection Authority in the UK, where we are based, is the Information Commissioner's Office (ICO), you can contact the ICO here: www.ico.org.uk

VII. RECIPIENTS OF PERSONAL DATA

1. Recipients of the User's personal data: drivers, accounting companies, suppliers of the goods, assembly services, providers of IT solutions, payment processing companies, banks, companies providing marketing services, telecommunication providers, law offices, authorised state authorities.

2. Online payments are processed by Stripe.

  • a) Stripe Payments Europe, Ltd., a company incorporated in Ireland and with offices at 1 Grand Canal Street Lower, Grand Canal Dock, Dublin).

3. Transaction data, including personal data, may be transferred to Stripe to the extent necessary to handle payment for the order. The User has the right to access their data and correct it. The provision of data is voluntary and at the same time necessary for the use of the website.

4. We do not allow third-party suppliers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

5. In order to process your personal data for the purposes set out in this Privacy Policy, we may transfer your personal data to third parties that are based outside of the EEA or the UK. For any personal data transfers to the EEA, we will continue to follow all regulatory and legal requirements set out EU-UK Trade and Cooperation Agreement, and any subsequent arrangements that are agreed.

6. Whenever we transfer your personal data out of the EEA, we attach a similar degree of protection to it (as it would receive in the EEA) by ensuring at least one of the following safeguards is implemented:

  • a) We will only transfer your personal data to countries, territories or sectors within a country that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • b) The transfer is subject to a legally binding and enforceable commitment on the recipient to protection the personal data (e.g. through the use of European Commission approved standard contractual clauses).
  • c) The transfer is made subject to binding corporate rules.
  • d) The transfer is based on a derogation from restrictions on transferring personal data outside of the EEA (such as where you give your consent, the transfer is necessary for the performance of contract with you, or the transfer is necessary for the establishment, exercise or defence of legal claims).

VIII. EXTERNAL LINKS

1. The Platform may contain links to third party websites whose information and data protection practices are different to those of our company. RIA TROP is not liable for the information or data protection practices used by third parties on their websites. It is recommended, before using other websites, to read and understand the terms of use and their privacy policy. The company does not check the availability, content, privacy policy, quality and completeness of other web sites that the Platform may refer to through \"links\", hyperlinks, or banners. RIA TROP shall in no case be deemed to embrace or accept the content or services of the websites and pages to which it refers to or that it is in any way affiliated to them.

IX. COOKIES

1. We use cookies on our website.

2. When viewing the Online Service websites “cookie” files are used, which are small text files recorded in the User’s target device in connection with using the Online Service. They are used in order to improve the experience with the Online Service websites.

3. The “cookie” files used by the Controller are safe for the User’s devices. In particular, it is not possible for viruses or other unwanted or malicious software to enter the User’s devices in that way. Those files allow to identify the software used by the User and to adjust the Online Service to each User individually. “Cookie” files sometimes contain information about the domain name of their origin, how long they are kept in the device and the ascribed value.

4. Due to the purpose of collecting cookies, we distinguish the following Cookies:

  • a) necessary Cookies: necessary for the proper functioning of the service - files processed on the basis of the legitimate interest of the controller.
  • b) statistics Cookies: they allow us to study website traffic, learn about our users' preferences, analyse their behaviour on the site and enable interactions with external networks and platforms - files processed based on the user's voluntary consent.
  • c) marketing Cookies: they allow us to tailor the advertising and content displayed to our users' preferences and to conduct personalized marketing campaigns - files processed based on the user's voluntary consent.

5. “Cookie” files may be used by advertisement networks, by the Google network, in order to display advertisements adjusted to the way the User uses the Online Service. To that end, the information may be retained about the User’s navigation path or the time spent on the given website.

6. As regards the information about the User’s preferences collected by the advertising network Google, the User may view and edit the information related to cookie files by means of the following tool: https://www.google.com/ads/preferences/.

7. The User may, by himself and at any time, change the “cookie” files settings, specifying the conditions of their storing and of their access to the User’s device. The settings referred to in the previous sentence may be changed by the User through the web browser settings or through configuration of the service. Those settings may be changed in particular so as to block automatic support for “cookie” files in the web browser settings or to inform each time they are introduced to the User’s device. Detailed information about the possibilities and ways of supporting cookie files is available in the software (web browser) settings.

8. To learn how to manage cookies, including how to disable them in your browser, you can use the help section of your browser. You can learn more about this by pressing the F1 key while in your browser. In addition, you will find appropriate tips on the following pages, depending on the browser you are using: Firefox, Chrome, Safari, Internet Explorer / Microsoft Edge.

9. The User may remove “cookie” files at any time, using the functions available in the web browser he uses.

10. Limitation of the “cookie” files application may affect some functionalities available on the Online Service website.

11. We use the services of: Google Analytics, Google ADS, Meta Pixel.