Privacy Policy

We respect your privacy

 

Cheetah Limited (CRN 02005174) of 148 Manor Park Road, London NW10 4JR is the data controller for the purpose of the Data Protection Act 1998. Our Privacy policy will explain how personal data we collect is processed,stored and used. We are happy to hear your thoughts and views – so please take time out to read and share your feedback.

User Data Collection and Handling

 

We have a legal requirement to process your data in order to satisfy TFL regulations and ensure accuracy in the booking process.

Cheetah Limited collects the following user data:

  • data provided by users - for example, data given in the process of app account registration.
  • data created by users in the process of using app services, like geopositioning, data about app operation and data about user's device.
  • data gathered from other sources - like business partners, financial services providers and state authorities.
  1. Data provided by users
  • user profile data, such as: first name, last name, email, mobile number, physical address, payment and bank account data, driving license data, user vehicle data, user photos. User photo needs to be provided in order to meet requirements of TFL regulations.
  • user profile data, such as: first name, last name, email, mobile number, physical address, payment and bank account data, driving license data, user vehicle data, user photos. In some cases it is required by the law to provide driver photo.
  • checking documents and verifying driver's identity might require checking licenses, photos, user name and last name.
  • some data can be provided when users turn to technical support, this might include bank details, user device information, user app information, recordings of telephone calls in case of a user calls support, trip data (date and time, physical addresses, flight information).
  1. Data created by users in the process of using app services
  • Geopositioning data. We track geoposition of drivers and passengers in order to organise a ride, provide maximum comfort and service level, provide safety and identify and prevent any fraud activity. Geopositioning is collected from mobile devices and only if users allow. Users can disable geopositioning, but this may result in poor service.
  • Transaction data. We collect data on transactions made due to using our services, this includes type of transaction, amount, date and time of transation, card holder name.
  • App usage data. We gather data on how users interact with our app and services. This data includes data and time of logging in and logging out, app functionality, app failures and system data needed to improve app quality and performance.
  • Device data. We may collect data about the device which is used for access to our services, such as device model, IP address, unique device id, geo data and connection quality data.
  1. Data collected from other sources
  • This is data from business partners which provide additional services: payment providers, apps and web-sites which use our API or which API is used by our app.
  • This is data from business partners, such as travel data, including information about passengers or drivers.
  • State authorities data.

All Transaction Details are recorded to assist with future bookings with us and for compliance (TFL). These details aid speed the booking process working.

  

How Data is Used

 

Personal user data is used for:

  • service providing.
  • security providing.
  • customer support.
  • research and development.
  • sending non-marketing messages.
  • fulfilling legislation requirements and court orders.
  • business process automation.
  1. Service Providing

Cheetah Limited uses data for proving, personification, support and improving of its services. Such as:

  • Creating accounts and changing its data.
  • Providing riding service (geopositioning data for service improvement), data exchange (calculation of arriving time, security providing, routes calculation, linking to flight information, tracking and sending information about a ride).
  • Payment processing and other financial data.
  • Performing operations which are neededin order to improve service and customer support, testing, analysis and also monitoring of services used.
  1. Security Providing

Cheetah Limited uses data for providing security and protection of users and also security for our services. This includes:

  • in order to comply with government requirements we may ask to provide driver photo and also passing it to passengers.
  • using data from drivers and passengers devices in order to evaluate journey safety and reminding to subcontractors to make their driving safer.
  • using data from drivers and passengers devices in order to identify and prevent any fraud activity. For example, we detect fraud accounts and cases when our services are used for illegal purposes, and prevent unauthorised access to our users accounts.
  • using rating system for evaluation of driver and passengers in order to prevent colliding users with potentially high risk of conflict.
  • sending information about serious violations to third parties such as police authorities - in accordance to legislation requirements.

To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect online. Booking online at Cheetah Cars is completely secure. We even transmit your booking information to us using 256 bit SSL encryption (not just when it comes to payment part of the process). Your data is stored via our Cordic Technology Ltd (See Privacy Policy https://www.cordic.com/privacy-policy)

  1. Client Support

Cheetah Limited uses personal data, application data, systems and devices in order to provide technical support and improve quality of its services.

  1. Research and Development

Cheetah Limited uses personal data in order to perform testing, research, analysis, development and improvement of its services. This helps us to make our services better and more secure and develop new functionality.

  1. Sending Non-Marketing Messages

We can use personal data in order to inform our users about changing of terms and rules, and also for sending non-marketing messages which are needed to provide services.

  1. Fulfilling Legislation Requirements and Court orders

We can use personal data in order to settle litigations and court orders associated with using of Cheetah Limited services, fulfilling law orders, in cases when data is required by public authorities, including police.

  1. Automation of Business Processes

Cheetah Limited uses personal data for automation of business processes, such as:

  • finding eligible drivers. Drivers can be found on the basis or availability, nearest position and other factors, as well as on the basis of statisticaluser data.
  • Users who are suspected in fraud activity or any other activity which may cause harm to Cheetah Limited. In cases when users provide false information or fake license details this may lead to disabling user account after a specialist performs their checks.
  • using of driver's data (their geoposition, rating) and passenger's data (departure location, rating) in order to eliminate collisions of users with high risk of conflict.

The Lawful Basis we use to process your data

We will only ever process your information if we have a lawful basis to do so. The lawful bases we rely on are;

Contract – This is where we process your information to fulfil a contractual arrangement, we have made with you.

Consent – This is where we have asked you to provide explicit permission to process your data for a particular purpose.

Legitimate Interests – This is where we rely on our interests as a reason for processing, generally this is to provide you with the best service in the most secure and appropriate way.

Legal Obligation – This is where we have a statutory or other legal obligation to process the information.


Sharing your information

We do not sell, rent or lease your personal information to others except as described in this Privacy Notice. We share your information with selected recipients. These categories of recipients include:

  • cloud storage providers located in the UK or EU, which store your personal data in and for disaster recovery services, as well as for the performance of any contract we enter into with you;
  • IT Services providers that provide us with SaaS and IaaS services
  • analytics and search engine providers located in the UK or EU that assist us in the improvement and optimisation of the Websites and Apps; merchant acquirers located in the UK or EU and which store your personal data in the UK or EU for the purpose of processing payments.
  • IT support service providers who support and maintain our booking platform and have access at our premises working on a secure server.
  • Claims handling companies, for the purpose of investigating and settling any insurance claims.
  • provided you have consented, advertisers and e-marketing companies located in the UK or EU and which store your personal data in the UK or EU that require the data to select and serve relevant marketing and adverts to you and others.
  • The use of a third party who may contact you via email to invite you to review any services you received from us in order to collect your feedback and improve our services.

We will share your information with law enforcement agencies, public authorities or other organisations if legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:

  • comply with a legal obligation, process or request.
  • enforce our terms and conditions and other agreements, including investigation of any potential violation thereof
  • detect, prevent or otherwise address security, fraud or technical issues; or
  • protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction).

We will also disclose your information to third parties:

  • in the event that we sell any business or assets, in which case we will disclose your data to the prospective buyer of such business or assets; or
  • if we or substantially all of our assets are acquired by a third party, in which case information held by us about our users will be one of the transferred assets.

YOUR RIGHTS AS A DATA SUBJECT

You have rights in relation to the personal data we hold about you. Some of these only apply in certain circumstances. We have described these situations below, as well as how you can exercise your rights. To exercise any of your rights, please contact us at [email protected]

Access: You have the right to ask us to access the personal data we hold about you and be provided with certain information about how we use your personal data and who we share it with.

Correction: You also have the right to ask us to correct your personal data where it is inaccurate or incomplete.

Portability: Where you have provided your personal data to us under contract, you have the right to ask us to share (port) this data to another data controller in a structured, commonly used and machine-readable format.

Erasure: In certain circumstances, you have the right to ask us to delete the personal data we hold about you.

Restriction: In certain circumstances, you have the right to ask us to restrict (stop any active) processing of your personal data, save for storage.

Objection: In certain circumstances, the right to restrict or object to our processing of your personal information (e.g. where you request correction or erasure, you also have a right to restrict processing of your applicable data while your request is considered). You can object to our processing of your personal data based on our legitimate interests and we will no longer process your personal data unless we can demonstrate an overriding legitimate ground.

Please note that these rights are limited, for example, where fulfilling your request would adversely affect other individuals or company trade secrets or intellectual property, where there are overriding public interest reasons or where we are required by law to retain your personal data.

Other websites

Our website contains links to other websites. Our privacy policy only applies to this website, we would encourage you to read the privacy statements on the other websites you visit.

Using cookies

Cheetah Limited uses Cookie files in order to:

  • perform user authentication.
  • save user settings.
  • keep history of rides and other historical user data.
  • display a language in web-site interface according to your geographical position.

Cookie is a small piece of data which is sent by a web-service and stored on a user device (i.e. personal computer, mobile phone, tablet).

We use a number of different cookies on our site. If you do not know what cookies are, or how to control or delete them, then we recommend you visit https://www.aboutcookies.org for detailed guidance.

Google Analytics: We use Google Analytics to collect information about visitor behaviour on our website. Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on. This Analytics data is collected via a JavaScript tag in the pages of our site and is not tied to personally identifiable information.We therefore do not collect or store your personal information (e.g. your name or address) so this information cannot be used to identify who you are. You can find out more about Google’s position on privacy as regards its analytics service at https://policies.google.com/privacy?hl=en

Google AdWords: We use Google AdWords cookies so we are able to see which pages helped lead to bookings on our website. This allows us to make better use of our paid search budget. We also use the Google AdWords remarketing service to advertise on third party websites (including Google) to previous visitors to our site. It could mean that we advertise to previous visitors who haven’t completed a task on our site, for example using the contact form to make an enquiry. This could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. Third-party vendors, including Google, use cookies to serve ads based on someone’s past visits to Cheetah Cars. Of course, any data collected will be used in accordance with our own privacy policy and Google’s privacy policy. You can set preferences for how Google advertises to you using the Google Ad Preferences page.

Booking/Session Cookie: We use a session cookie to remember what you have told us during the booking process. We deem these cookies strictly necessary to the working of the website. If these are disabled then various functionality on the site will be broken and bookings will be unreliable.

Your IP Address, device information, browser type may be recorded – we cannot establish the individual but merely used as a form statistics and patterns – Our online site and mobile application may collect Cookies to distinguish customers – the customer can control this through their browser settings and preferences. This element allows customers to gain better experience when browsing our site. The Mobile App uses location tracking – this enables us to locate you as a customer and offer services – this feature can also be disabled but could affect accuracy in the offering.

  

Transfer and Disclosure of User Data

 

Cheetah Limited  performs data transfer to other users or provides data on demand in cases where it falls under law requirements or when it is required in order to satisfy claims or settle dispute resolutions. Cheetah Limited can transfer user data in the following cases:

  1. To Other Users:
    In order to perform a ride we may give to a driver your name, email, telephone, information about pickup location and destination location.
    In order to perform a ride we may give to a passenger your name, photograph, license number, vehicle brand and model and vehicle registration number.
  2. To Suppliers and Business Partners:
    Cheetah Limited may transfer ride details to its partners via API integrations.
    We also transfer data to credit card transaction providers.
  3. Providing Data Under Legislation Grounds or in Dispute Cases.
    Cheetah Limited may disclose personal data in cases when legislation requires to do so, in court disputes, or when public authorities, including police, require this.
  4. Cases When Users Allow Sending Data.
    Cheetah Limited may send data to third parties in cases that go beyond this Agreement, if we have informed you about our intention to send data and you have allowed this.

 

Storage and Extermination of Data

 

Cheetah Limited  stores personal data up to the point where goals of its processing which are described in this Agreement are met.

Users can any time send a request to delete their account. However Cheetah Limited  may store personal data even after performing a user request in order to meet legislative requirements.

To delete your account, send a request to the [email protected].

 

Data Access and Data Collection Refusal

 

Cheetah Limited  gives possibility to users to review settings of data collection and manage them through the following:

  • Device permissions. You can manage app permissions in Device settings -> Apps -> Permissions -> Choose permissions.
  1. Confidentiality Settings
    Users may set and manage settings of collection and transfering geopositioning data and getting notifications in the "Settings" > "Applications" > Name of the Cheetah Cars - London Minicabs"Rights" and "Notifications".
  2. Geopositioning data
    Users may allow or not allow collecting geopositioning of their mobile devices.
  3. Permission to camera
    The camera is used to scan credit card details at the time of booking payment. The payment process is provided through the financial service provider's SDK.
  4. Getting data on telephone status
    Users can allow/not allow access to telephone functions on their device. If this function is disabled, this will result in failure of sending requests from the Cheetah Cars app.
  5. Enable/ disable notifications
    Users can enable/ disable notifications about ride status changes or account actions. Disabling notifications may result in lower quality of user experience with the Cheetah Cars app.
  • Disabling Marketing Messages
    You can turn off the sending of marketing messages by contacting [email protected] subject title Data Control Team.

 

Changes in Confidentiality Agreement

 

Cheetah Limited has a right to make changes to this Confidentiality Agreement. If changes are significant, we will notify you via Cheetah Cars app or in any other available way, for example, by email.

Use of our services after an update constitutes consent to the updated notice to the extent permitted by law.

 

Card Payments

 

We are responsible for card payments stored or transmitted. There are two categories for payments which are defined below:

  1. a) Customer not present - Online/App/Telephone

The payments part of our booking process is handled by Stripe . You should refer to the Stripe privacy policy to learn more. https://stripe.com/gb/privacy

All Debit/Credit Card transactions use a Pre Authorisation process – and if any pre authorisation is unsuccessful we have the right not to offer the service or offer a cash option if available.

  1. b) Customer present - Face to Face

The payments part of our booking process is handled by SumUp. You should refer to the SumUp privacy policy to learn more.https://sumup.co.uk/privacy

 

Complaints

 

Cheetah Cars tries to meet the highest standards when processing and collecting your personal information. In the event that you wish to make a complaint about how we process your personal data, please contact us at [email protected] and we will endeavour to deal with your request as soon as possible.

If you are not satisfied with the response from Cheetah Cars or believe we are not processing your data in accordance with the law, you have the right to raise your complaint with the Information Commissioner’s Office (ICO)

Website: https://ico.org.uk/concerns/
Email: [email protected]
Telephone: +44 (0) 303 123 1113

 

How to Contact Us

 

Should you have further questions you can reach out to [email protected] subject title Data Control Team.
Registered Address - 148 Manor Park Road, London NW10 4JR

Revised on 08-01-2024