Privacy policy for the Taxi Deutschland app

Preamble

This service (hereinafter "App") is provided by Taxi Deutschland Servicegesellschaft für Taxizentralen eG, Heidelberger Straße 25 in 60327 Frankfurt am Main (hereinafter "we" or "us") as the responsible party within the meaning of the applicable data protection law. We are also a service provider pursuant to § 13 TMG.

You can reach our data protection officer, Mr Folkmar Schmidt, in writing at datenschutz@taxi-deutschland.net or at our postal address with the addition "Der Datenschutzbeauftragte".

Within the framework of the app, we enable you to retrieve and display the following services information:

Using the app allows you to order a taxi. The ordering process is started by you using the app. Based on the location data transmitted by your smartphone, the app offers you the direct taxi order via the local control centre. If no local control centre technically supports the app order, the app shows you the call number of the local taxi control centre or a local taxi company and enables you to order a taxi by phone directly from the app. You also have the option of paying the fare of a taxi ride non-cash (e.g. credit card or PayPal).

When you use the app, we process personal data about you. Personal data means any information relating to an identified or identifiable natural person.

With the following information, we would like to inform you about which personal data we process when you use the app and how we handle this data. Furthermore, we inform you about the legal basis for the processing of your data and, insofar as the processing is necessary to protect our legitimate interests, also about our legitimate interests.

You can access this privacy policy at any time under the menu item "Privacy" within the app.


1. Information on the processing of your data

Certain information is already processed automatically as soon as you use the app. We have listed exactly which personal data is processed for you below:

1.1Information collected during download

When downloading the app, certain required information is transmitted to the app store selected by you (e.g. Google Play or Apple App Store), in particular the user name, the email address, the customer number of your account, the time of the download, payment information and the individual device identification number may be processed. The processing of this data is carried out exclusively by the respective app store and is beyond our control.

1.2Information that is collected automatically

As part of your use of the app, we automatically collect certain data that is required for the use of the app. This includes: internal device ID, version of your operating system, time of access if applicable.

This data is automatically transmitted to us, but is not regularly stored,
(1) to provide you with the Service and related features;
(2) Improve the functions and performance features of the app; and
(3) prevent and eliminate misuse and malfunctions.

This data processing is justified by the fact that
(1) the processing is necessary for the performance of the contract between you as the data subject and us pursuant to Art. 6 para. 1 lit. b) DSGVO for the use of the App, or
(2) we have a legitimate interest in ensuring the functionality and error-free operation of the app and in being able to offer a service that is in line with the market and interests, which here outweighs your rights and interests in the protection of your personal data within the meaning of Art. 6 (1) lit. f) DSGVO.

1.3Creation of a user account (registration) and login

When you create a user account or log in, we use your access data (name, telephone number, device ID, e-mail address if applicable) to grant you access to and manage your user account. If you do not provide this data, you will not be able to use the services offered by the app.

We use this information to authenticate you when you use the app. The data you enter during registration or login will be processed and used by us or the system developer (GefoS Gesellschaft für offene Systeme mbH, Lohbachstraße 12 in 58239 Schwerte),
(1) to verify your authorisation to manage the user account;
(2) Enforce the terms of use of the App and all rights and obligations associated therewith; and
(3) to contact you in order to send you technical or legal advice, updates, security messages or other messages concerning, for example, the administration of the user account.

This data processing is justified by the fact that
(1) the processing is necessary for the performance of the contract between you as the data subject and us pursuant to Art. 6 para. 1 lit. b) DSGVO for the use of the App, or
(2) we have a legitimate interest in ensuring the functionality and error-free operation of the app and in being able to offer a service that is in line with the market and interests, which here outweighs your rights and interests in the protection of your personal data within the meaning of Art. 6 (1) lit. f) DSGVO.

1.4Use of the app

Within the framework of the app, you can enter, manage and edit various information, tasks and activities. This information includes, in particular, data about your current location, which is determined via the GPS function of your smartphone.

The app also requires the following permissions:

Internet access: This is required to process your entries on our servers or to forward the necessary information for the execution of the taxi order to the local taxi centre or the contracted taxi company.

The processing and use of usage data is carried out for the provision of the service. This data processing is justified by the fact that the processing is necessary for the performance of the contract between you as the data subject and us pursuant to Art. 6 (1) lit. b) DSGVO for the use of the app.

1.5Payment profile for non-cash payment

If you use the offered "non-cash payment" function, further personal data will be collected and processed. The "payment profile" to be created by you in your smartphone requires information about your payment method (e.g. credit card number, PayPal account). We do not store this information. The credit card number you enter is forwarded via a direct and secure communication line to the payment service provider commissioned by us (Computop GmbH, Schwarzenbergstraße 4 in 96050 Bamberg). After checking the payment profiles you have provided, we receive a pseudo card number from the payment service provider, which is stored by us and which is the basis for billing your taxi journeys, insofar as you choose the non-cash payment method. In addition, we process your e-mail address, name, telephone number, the validity date for the credit card displayed with the payment service provider and the device ID in this context. The processing is done so that we can verify the eligibility to participate in the cashless payment of taxi rides and prevent any misuse in your interest. The above data (with the exception of the pseudo card number) is also processed by us if you process the payment via a PayPal account on file.

1.6Data processing in the rating system

The App offers you the voluntary participation in the rating of the taxi ride performed. If you decide to rate the taxi ride you have taken, we will process the rating you have given, your device ID and the order number assigned to your taxi ride.

The processing of this data is carried out for our legitimate interest, because we have a duty towards the assessed taxi companies and taxi drivers may have to account for the ratings displayed. Your personal data will not be passed on to third parties, in particular to the taxi companies or taxi drivers concerned, in connection with a rating you have submitted, unless this is absolutely necessary to safeguard our legitimate interests in connection with legal disputes.



2. Disclosure and transmission of data

In addition to the cases explicitly mentioned in this data protection declaration, your personal data will only be passed on without your express prior consent if this is permitted or required by law. This may be the case, for example, if the processing is necessary to protect the vital interests of the user or another natural person.

2.1

The data provided by you during registration will be passed on to third parties insofar as this is necessary for the proper execution of your taxi order. These third parties include in particular the respective local taxi centres or the taxi companies commissioned by them with the execution.

A transfer of personal data is justified by the fact that it is necessary for the functioning of the app and the fulfilment of your taxi orders and that we also have a legitimate interest in transferring the data for administrative purposes within our group of companies and that your rights and interests in the protection of your personal data within the meaning of Art. 6 (1) lit. f) DSGVO are not overridden.

2.2

Insofar as you choose the non-cash payment method for the payment of a performed taxi ride, the pseudo card number and the fare will be transmitted by us to the payment service provider.

2.3

f it is necessary to clarify illegal or abusive use of the app or for legal prosecution, personal data may be forwarded to the law enforcement authorities or other authorities and, if necessary, to injured third parties or legal advisors. However, this only happens if there are concrete indications of unlawful or abusive behaviour. A transfer may also take place if this serves the enforcement of terms of use or other legal claims. We are also legally obliged to provide information to certain public authorities upon request. These are law enforcement agencies, authorities that prosecute administrative offences subject to fines and the tax authorities.

Any disclosure of personal data is justified by the fact that

(1) the processing is necessary for compliance with a legal obligation to which we are subject pursuant to Art. 6 (1) lit. f) GDPR in conjunction with national legal requirements for the disclosure of data to law enforcement authorities, or
(2) we have a legitimate interest in disclosing the data to the aforementioned third parties if there are indications of abusive behaviour or in order to enforce our terms of use, other conditions or legal claims and your rights and interests in the protection of your personal data within the meaning of Art. 6 para. 1 lit. f) DSGVO are not overridden.

2.4

We rely on contractually affiliated companies such as GefoS Gesellschaft für offene Systeme GmbH and the respective local taxi centres to provide our service. You can find the local taxi centres that are connected to our app switching system at https://www.taxi-deutschland.net.

Any disclosure of personal data is justified by the fact that
(1) we have a legitimate interest in passing on the data for the execution of your taxi orders to the local taxi centres and your rights and interests in the protection of your personal data within the meaning of Art. 6 para. 1 lit. f) DSGVO do not outweigh this and
(2) we have carefully selected our third-party companies and external service providers as processors within the scope of Art. 28 (1) of the GDPR, regularly reviewed them and contractually obliged them to process all personal data exclusively in accordance with our instructions.


3. Data transfers to third countries

We do not process or transfer your data to countries outside the European Economic Area.


4. Changes of purpose

Your personal data will only be processed for purposes other than those described if a legal provision permits this or if you have consented to the changed purpose of the data processing. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes prior to further processing and provide you with all other relevant information.


5. Data storage period

We delete or anonymise your personal data as soon as it is no longer required for the purposes for which we have collected or used it in accordance with the above paragraphs. As a rule, we store your personal data for the duration of the usage or contractual relationship via the app plus a period of 30 days, during which we keep backup copies after deletion, unless this data is required for longer for criminal prosecution or to secure, assert or enforce legal claims.

Specific statements in this data protection declaration or legal requirements for the retention and deletion of personal data, in particular data that we are required to retain for tax law reasons, remain unaffected.


6. Your rights as a data subject

6.1Right to information

You have the right to receive information from us at any time upon request about the personal data processed by us that concerns you within the scope of Art. 15 DSGVO. To do this, you can submit a request by post or e- mail to the address below.

6.2Right to rectify inaccurate data

You have the right to ask us to correct your personal data immediately if it is inaccurate. To do so, please contact us at the addresses below.

6.3Right to erasure

You have the right to request that we erase the personal data concerning you under the conditions described in Article 17 of the GDPR. These conditions provide in particular for a right to erasure if the personal data are no longer necessary for the purposes for which they were collected or otherwise processed, as well as in cases of unlawful processing, the existence of an objection or the existence of an obligation to erase under Union law or the law of the Member State to which we are subject. For the period of data storage, please also see section 5 of this data protection declaration. To exercise your right to erasure, please contact us at the addresses below.

6.4Right to restrict processing

You have the right to demand that we restrict processing in accordance with Art. 18 DSGVO. This right exists in particular if the accuracy of the personal data is disputed between the user and us, for the duration that the verification of the accuracy requires, as well as in the event that the user requests restricted processing instead of erasure in the case of an existing right to erasure; furthermore, in the event that the data are no longer necessary for the purposes pursued by us, but the user requires them for the assertion, exercise or defence of legal claims, as well as if the successful exercise of an objection is still disputed between us and the user. In order to exercise your right to restrict processing, please contact the addresses given below.

6.5Right to data portability

You have the right to obtain from us the personal data concerning you that you have provided to us in a structured, commonly used, machine-readable format in accordance with Art. 20 DSGVO. To exercise your right to data portability, please contact us at the addresses below.


7. Right of objection

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out, inter alia, on the basis of Article 6(1)(e) or (f) DSGVO, in accordance with Article 21 DSGVO. We will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.


8. Right of appeal

You also have the right to contact the competent supervisory authority in the event of complaints. The competent supervisory authority is:

The Hessian Commissioner for Data Protection and Freedom of Information
Gustav-Stresemann-Ring 1 in 65189 Wiesbaden
Phone: (+49 611) 1408 - 0 Fax (+49 611) 1408 - 611


9. Contact

If you have any questions or comments about our handling of your personal data, or if you wish to exercise the rights as a data subject set out in sections 6 and 7, please contact Mr Dieter Schlenker using the following contact details:

Heidelberger Straße 25 in 60327 Frankfurt am Main
Phone +49 69 252025 Fax +49 69 250000.

Our data protection officer can be reached at the following contact details:

You can reach Mr Folkmar Schmidt in writing at datenschutz@taxi-deutschland.net or our postal address with the addition „The Data Protection Officer“.


10. Changes to this privacy policy

We always keep this privacy policy up to date. Therefore, we reserve the right to change it from time to time and to update any changes in the collection, processing or use of your data. The current version of the data protection declaration is always available under the menu item „Data protection“ within the app.





Status: 18.05.2021