top of page

Privacy Policy

In 2026, privacy policies for taxi companies must comply with current data protection regulations (such as the UK GDPR or EU GDPR). These policies are designed to inform passengers and drivers how their personal data is collected, used, and protected. 

1. Key Information Collected

Taxi companies typically collect several types of personal data to facilitate bookings and ensure safety: 

  • Identity & Contact Data: Name, phone number, and email address.

  • Journey Details: Pick-up and drop-off addresses, dates, times, and journey history.

  • Location Data: Real-time GPS location of both passengers and drivers during a trip.

  • Financial Information: Payment card details (often processed via encrypted third-party gateways like Stripe).

  • Audio/Visual Records: Call recordings from phone bookings and CCTV footage from inside vehicles for safety. 

2. Legal Basis for Processing

Companies must have a valid legal reason to use your data: 

  • Contractual Necessity: Processing is required to fulfill the booking (e.g., giving the driver your pick-up location).

  • Legitimate Interests: Used for business administration, preventing fraud, and improving services.

  • Legal Obligation: Retention of records for licensing authorities or tax purposes.

  • Vital Interests: Emergency situations where data is needed to protect someone's life. 

3. Data Sharing and Security

  • Sharing with Drivers: Booking details are shared with the assigned driver to complete the trip.

  • Third-Party Providers: Data may be shared with payment processors, dispatch software providers, and map services.

  • Security Measures: Technical safeguards include SSL encryption for data in transit and secure servers for storage. 

4. Data Retention

  • Duration: Most companies retain booking records for a minimum of 6 months to 7 years, depending on local licensing and tax laws.

  • Marketing: Contact details for marketing are often kept for shorter periods (e.g., 36 months) unless consent is withdrawn earlier. 

5. Your Rights as a Data Subject

Under modern privacy laws, individuals have the following rights:

  • Right to Access: Request a copy of the personal data held about you.

  • Right to Rectification: Correct any inaccurate or incomplete information.

  • Right to Erasure ("Right to be Forgotten"): Request that your data be deleted, subject to legal retention requirements.

  • Right to Object: Opt-out of data being used for direct marketing.

  • Right to Portability: Request that your data be transferred to another service provider. 

For further guidance or to report a concern, users can contact the Information Commissioner’s Office (ICO). 

bottom of page