Effective Date: November 2023
LuxeRides (London) Limited (“LuxeRides,” “we,” or “us”) is committed to compliance with the General Data Protection Regulation (GDPR), which governs the processing of personal data within the European Union (EU) and the European Economic Area (EEA). This GDPR Policy outlines our commitment to the following GDPR principles:
GDPR Policy - Lawfulness, Fairness, and Transparency
We collect and process personal data lawfully, fairly, and transparently. We inform individuals about the data we collect, the purposes for which we collect it, and their rights regarding their data.
Purpose Limitation
We gather and handle personal data only for clear, specific, and legitimate reasons. Additionally, we use the data exclusively for the purposes stated at the time of collection, ensuring that there is no incompatible use.
Data Minimisation
We only gather the data that is essential for its intended processing purposes. We do not collect excessive or irrelevant data.
Accuracy
We regularly update and verify personal data to keep it accurate and relevant for its intended purposes. Individuals can request corrections to their data.
Storage Limitations
We keep personal data only for as long as needed to achieve its intended purpose, in accordance with our Data Protection Policy and in compliance with legal and regulatory requirements.
Integrity and Confidentiality
We take proactive steps to implement appropriate technical and organizational measures to safeguard personal data against unauthorized access, disclosure, alteration, or destruction. Furthermore, we make it a priority to uphold the confidentiality and integrity of all personal information.
Accountability
We are accountable for complying with GDPR principles. We have designated a Data Protection Officer (DPO) responsible for ensuring GDPR compliance. Our DPO can be contacted at compliance@luxeridesldn.co.uk
Data Subject Rights
Under GDPR, individuals have specific rights regarding their personal data. Individuals have the right to access their data, request corrections, seek erasure, restrict processing, object to its use, and transfer their data to another service. To exercise these rights or make inquiries about their personal data, individuals can contact us at compliance@luxeridesldn.co.uk.
Data Protection Impact Assessment (DPIA)
We conduct DPIAs when processing activities are likely to result in a high risk to the rights and freedoms of individuals. DPIAs are used to assess and mitigate risks associated with data processing.
Breach Notification
If a personal data breach happens and threatens individuals’ rights and freedoms, we will quickly inform the relevant regulatory authorities and, when required, notify the affected individuals in accordance with GDPR.
Training and Awareness
We provide training to our employees to ensure awareness and understanding of GDPR compliance.
Review and Updates
We routinely assess and revise this GDPR Policy to ensure it aligns with GDPR regulations and industry best practices.Additionally, by using our private hire mini cab services, you explicitly acknowledge and agree to our processing of personal data in full compliance with this GDPR Policy.