New EU General Data Protection Regulation update for Stroheim Capital
The Data Protection Act Directive 95/46/EC is to be superseded by a new EU regulation under the title of EU GDPR (European Union General Data Protection Regulation). The GDPR aims to prevent security breaches and the loss of personal data by any organisation that holds or processes that data. This regulation change will affect any organisation that processes personal data of EU citizens. This EU GDPR has a live date set for the 25th May 2018.
Find out more on the GDPR – www.ico.org.uk
Stroheim Capital Ltd trading as Go Cars and Spearhead Cars is a Private hire operator providing licenced private hire transportation.
The company is registered in the UK with the company registration number 07119023 and our contact details are: Registered office address – Prospero House, 46 – 48 Rothesay Road, Luton, Bedfordshire, LU1 1QZ.
We can also be contacted at First Floor. 193-197 Marsh Road Luton. LU3 2QQ.
Your personal Identifiable information (PII) is data which by itself or with other data available to us can be used to identify you. We are Stroheim Capital Ltd, and are the data controller in regard to the new GDPR legislation. You can contact us via our contact us page or by email email@example.com
The type of data we collect.
We offer you many different means to request our services and book your next private hire vehicle to collect you from your desired location, and then deliver you safely to your final destination. You may contact us by phone and speak to one of our friendly operators who will process the necessary details from you, in order to book your transportation. We also have an APP available where your details are stored for swift future bookings. Our simple to navigate website, also offers you the facility to book online from any internet connected device.
The personal data we use may include:
• Your name is recorded, for all methods of booking and account set up online or via our APP.
• We will ask you for a phone number that you can be contacted on.
• We may ask for the flight number if we are collecting you from an airport. This is to check if the flight is on time, or delayed.
• We will ask you for your email address. This is for our online booking account set up, this is also required to be submitted twice for verification reasons. We send you an email to verify we have the right information processed for your account to be active.
• We won’t ask for your data of birth, but will need you to confirm you are over the age of 16 to book transportation from us. If you are under 16 years of age, we will need to speak to parent or legal guardian before we can book the transportation for you.
• We may ask you to provide payment details or an invoice address if you’re a corporate customer. Any payments processed via credit card will be via a secure payment service provider which are outlined in the following sections.
• We may record your ip address in our logs when you submit your registration form.
• We will ask you where you wish to be collected and transported to, this however isn’t considered personal identifiable information, but is a requirement if we are to fulfil are obligation to you.
• Personal data may also be stored on the registration of an account you fill in on behalf of others. You must have the authority to provide their personal data to us.
Why do we ask for your data?
Stroheim Capital Ltd trading as Go Cars and Spearhead Cars provided private hire vehicle’s for pleasure and business transportation. In order for us to engage in a contract with you and fulfil the contractual obligation we have with you as a customer (data subject), we need to have certain key information from you to take you where you desire. Our App needs you to register an account in order for this to function. This also makes future bookings faster, and keeps a log of your journey. We are also legally obliged to keep a record of the journey you have taken with us, this may be required for crime prevention and is also a requisite of our private hire licence with the government. Data will be stored for 7 years. If you setup an account us with us online or on our App, you can view a history of the journeys you have taken, and also update any of your personal details at any time by logging in.
Using your personal data: the legal basis and reason
We may process your personal data:
• For a lawfulness consent perspective when you fill in our account registration form, you consent to us processing your information for the purpose of fulfilling the obligation we have with you. This means we need to know where to pick up from, and where you wish to be driven to (final destination). This may include your home address if that is a collection or destination location. More detail on this is in the GDPR Articles 4, 6,7,8 and 9.
• Processing is required for the performance of a contract with you. We need to relay the information electronically to one of our drivers, to inform them where to collect you and where to take you. More detail on this is in the GDPR Article 6.
• Necessary for the purpose of legal obligations we have with regard to the licencing authorities which are a mandate from the licencing service, Town Hall, Luton. More detail on this is in the GDPR Article 6
• Processing in some cases is required to safeguard the vital interests of our customers (data Subjects). Our drivers have a duty of care to all our travelling customers.
• Processing is necessary to perform a specific task carried out in the public interest.
Sharing of your personal data
We will share your data with the following;
• A licenced driver – we need to inform our driver of who they are collecting, from where and to where they are going. We do this via an electronic system known as and referred to here after as iCabbi. iCabbi is the web based data platform we use to fulfil the bookings we have. More on iCabbi can be seen at their website icabbi.com
• Our systems may share your data with card payment service providers. We use judopay and stripe for the transactional gateways to process card payments. Both of these services mean that we do not store any card data about you. Tokenization is used for card payments which ensures that your card information is collected and stored in a secure PCI-DSS compliant manner, minimizing our PCI liability as no card information is stored on our backend. –More on judopay and stripe.com can be seen on their web pages.
• When you have a successful booking, we will send you a text notification confirming the details of your booking, this may include details of the vehicle that is collecting you, and the registration number of the vehicle. This text message is delivered by EE mobile services. The only information processed by EE is the phone number provided to us for the booking.(this is only operational if the number provided is a mobile phone number)
• Our website is a wordpress system. When you book your private hire vehicle online, we will move you to a more secure https certified environment. Once your booking is complete we will send you a confirmation email or text message from our system.
• You may book via our App and this connects to the icabbi infrastructure for the routing of a private hire vehicle and service you have requested.
Your personal data may be transferred electronically to our secure servers which may be located outside the EU.
We will retain your data as long as necessary to deal with any queries with regard to your booking. We are legally obliged to store your data for the requirement of our private hire licence agreement K52-152424 with the licensing service, Town Hall, George Street, Luton. LU12BQ. You can contact us at any time to request your account be deactivated, and any personal data be removed from our system. This we will action via pseudonymisation which means that we remove personal information but retain information on the job number, the pick-up and drop off details, the driver who fulfilled the job and any other non-personal identifiable date attached to the job.
• The right to be informed about our processing of your personal data
• The right to have your personal data corrected in the case of inaccuracy and to have incomplete data completed.
• The right to object to the processing of your personal data
• The right to restrict processing of your data
• The right to have your personal data erased (known as the right to be forgotten)
• The right to request access to your personal data and information about how we process it.
• The right to move, copy or transfer your personal data (data portability)
• Rights in relation to automated decision making including profiling.
You have the right to complain to the information commissioner’s office. It has enforcement powers and can investigate compliance with data protection law. Ico.org.uk
We take account security very seriously and this section will outline the steps we take in keeping your data safe when you set up an account with us.
When you set up an account online or via our App the process is simple and limited to only ask for information necessary for the fulfilment of the service which we are operating and providing to you. Our website has been certified with https validation and our security certificate was awarded by https://www.comodo.com/ you can trust that the information we take and store is safe and treated with the utmost respect and security.
When you call us
When you call to book one of our private hire vehicles, one of our team will take information from you and populate this into our icabbi software to provide a speedy and reliable service to you. If payment is taken over the phone we will process the transaction within the transaction guidelines specified by our payment gateway provider. We do not store any credit card details.
Should you have any questions regarding this statement, please contact us. We will review this policy through the year, and update it where required in line with the new GDPR.