We are Albatross Cars Derby Ltd, our registered address is 14a Midland Road, Derby DE1 2SN and our Company registration number is: 10935374.

 

Albatross Cars Derby Ltd is the controller of your personal information and is responsible for this information.

This privacy notice sets out how we process your personal information as a passenger who is using our booking services and booking platforms.

​

Your right to Object

1. Right to Object to Direct Marketing: You have the right to request that the organisation stops using your personal data for marketing purposes. If you make this request, we must comply and stop using your data for marketing.

 

2. Right to Object to Processing Based on Legitimate Interests: You can also object to how your personal data is being processed if it's being used based on legitimate interests. The organisation must consider your objections and assess whether your rights and freedoms outweigh their legitimate reasons for processing the data.

 

Information About Other Individuals

1. Authority to Act on Behalf of a Third Party: You need to prove that you have the proper authority from the third party to share their information with the organisation. This could mean, for example, if you're submitting personal information for a family member or a colleague.

2. Consent for Processing: You confirm that the third party has given you permission to provide consent on their behalf for the processing of their personal information. Essentially, you're agreeing that the third party knows and approves of their data being used in this way.

3. Awareness of the Data Protection Notice: You’re also agreeing to make the third party aware of the data protection notice, which includes how their information will be used, their rights, and other relevant details about data processing.

4. Consent for Transfer Abroad: If their personal data might be transferred to another country, you're confirming that the third party has agreed to this as well.

In short, this section is making sure that if you're acting on behalf of someone else, you have their consent for the actions you're taking and are responsible for informing them of how their data will be used.

 

What Personal Information Do We Collect?

​

Categories of Personal Information:

• Basic Info: This includes personal details like your name, addresses (residential, pickup, destination), email, and phone number.

• Payment Information: Any financial information you provide, such as bank account or credit card details, is also processed.

• GPS Location: Your real-time location may be collected, likely for navigation or to track your trip.

• Communication Information: Details about any enquiries you make through their website or by phone, as well as recorded communications (calls, emails) for service improvement, fraud prevention, and compliance purposes, are included.

Monitoring and Recording: Albatross Cars Derby Ltd monitor and records all calls and emails. The recordings are primarily for service provision, quality assurance, investigating complaints, and fraud prevention. These records are added to your existing data and used for the same purposes.

Please note that in compliance with data protection legislation, we will process your personal information without your knowledge or consent where this is required or permitted by law.

When Do We Collect Your Personal Information?

When using our website, web booking portal, mobile device booking application, contact us by telephone call, sign up with us to receive our alerts or create an account with us when using our services.

Why Do We Collect Your Personal Information?

• Provide Services: We require your data to deliver the services you've requested, such as processing your order, managing payments, and issuing receipts.

• Administration Services: We may also use your data for administrative tasks related to the services we provide.

• Billing and Payments: Handling the payment process, issuing invoices, and chasing unpaid bills.

• Communication: Sending you important service-related information like receipts, alerts, or notifications via SMS, email, or phone.

• Addressing Queries or Complaints: If you have any issues with the service or website, we need your data to respond, investigate, or resolve those issues.

• Improve Service Delivery: We may use your data to ensure the website is presented effectively to you, enhancing the user experience.

• Monitoring Service Usage: We may track how often and how long you use our services (and those of the Driver Partners). This helps us to ensure everything is running smoothly and that we can provide you with a consistent, quality service. 

• Interactive Features and Feedback: We may use your data to let you participate in interactive parts of the website or booking app. This could include things like:

o Inputting information (such as trip details or preferences).

o Providing feedback (such as ratings or reviews of the service or driver).

By collecting this data, we can improve your user experience, tailor the service to your needs, and make adjustments based on your feedback.

​

a) Consent:

​

You’ve given your consent for the organisation to process your personal data in two main ways:

1. Marketing Purposes: We may use your personal data for marketing (e.g., promotional emails, offers). However, you have the right to withdraw this consent at any time. 

2. Sensitive Personal Information (Health Data): If you've shared sensitive information (like health-related details to request a vehicle tailored to your needs), we will process that information. For example, if you need a vehicle that accommodates a specific health need, we will use the information to make sure we can provide the right type of vehicle.

b) Legitimate Interests:

We also process your data based on what’s called legitimate interests, these may include the following;

Marketing: We may contact you for marketing purposes based on our legitimate interest in growing and promoting our business. You will be given an option to opt-out anytime, so you can stop receiving marketing communications.

1. Research and Service Improvement: We use your data to better understand how you use our services and improve them. This could include things like personalizing your experience (e.g., remembering your past addresses) and making changes to the website or services to meet our customer’s needs.

2. Website Changes: We may notify you about important updates or changes to our website or services.

The processing is necessary to comply with a legal obligation Albatross Cars Derby Ltd is under, for example:

Law Enforcement and HMRC Requests: 

If law enforcement agencies or HMRC request information about you in connection with an investigation (for example, to prevent unlawful activity), the organisation may be required to share your data with them.

This would typically happen when:

• There’s a legal obligation or request for information from authorities.

• The request is made to prevent or investigate illegal activity, such as fraud or tax evasion.

In such cases, the organisation is bound to comply with the request as required by law, and this could override other privacy considerations, as the sharing of information is mandated by legal or governmental authority.

​

DISCLOSURE OF YOUR INFORMATION

​

We will disclose your personal information to:

• Our service providers who are providing services under a separate contract with you, such as our Driver Partners, or our third-party contractors and advisors such as DiSC telephony and iCabbi dispatch providers (and any business partners, service providers or third-party contractors) to enable them to undertake services for us and/or on our behalf;

• our third-party payment providers such as Stripe and Airpay

• any prospective buyer or seller (and their representatives) in the event that we sell or buy any business or assets;

• HMRC, other government departments and regulators, in order to comply with any legal obligation;

• other lawyers, insurers or other advisers in respect of any claims brought by passengers / driver partners / general public. This includes sharing information in connection with legal or insurance claims to protect the rights and safety of others;

• (in the case of aggregated/anonymous information i.e., information from which you cannot be personally identified, or insights based on such anonymous information), selected third parties, including (without limitation) analytics and search engine providers to assist us in the improvement and optimisation of the website. In such circumstances we do not disclose any information which can identify you personally.

• (if our whole business is sold or integrated with another business) our advisers and any prospective purchasers and their advisers and will be passed on to the new owners of the business.

 

 

 

This section explains how the company communicates with passengers for both service-related and marketing purposes.

1. Service-related communication: The company will contact you for non-marketing reasons such as:

o Providing updates on the progress of your booking.

o Requesting feedback on your experience.

2. Marketing communications: The company may also send you marketing messages, especially if you're a consumer, sole trader, or a non-limited liability partnership. Marketing can happen via post or email (especially to business email addresses). 

o If you’ve previously purchased services, we may reach out with similar offers.

o If you’ve consented to receiving marketing emails.

3. Opt-out: If you no longer wish to receive direct marketing, you have the right to ask the company to stop processing your information for this purpose.

​

TRANSFERRING PERSONAL DATA OUTSIDE OF THE UK 

​

We may transfer your Personal Data to countries outside of the UK and these countries may have data protection rules that are different from the UK. To ensure that any of your personal information that is transferred outside of the UK receives an adequate level of protection, appropriate measures are in place to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects UK law on data protection.

How Do We Keep Your Personal Information Secure?

1. Compliance with Standards: The company follows the UK GDPR, the Data Protection Act (DPA) 2018, and the ISO 27001 Information Security Standard to protect your data.

2. Third-party processing: Any third parties who handle your personal data do so under strict instructions from the company. These parties must also agree to treat the data confidentially and keep it secure.

3. Preventing unauthorized access: The company has implemented security measures to prevent your data from being accidentally lost, accessed, or altered without permission.

4. Restricted access: Only employees, agents, contractors, and third parties who need access to your data for business purposes will have it. They will process your data on the company’s behalf and are bound by confidentiality agreements.

These steps aim to ensure that your personal information is safe and handled responsibly. If a breach occurs, the company will take action to address it and, if legally required, notify both you (the data subject) and any relevant regulators.This is in line with data protection laws like the GDPR, which require companies to notify individuals and authorities about certain types of data breaches within specific time frames.

How Long Do We Store You Information For?

This section explains the company's data retention policy:

1. Retention period: The company will keep your personal information only for as long as necessary, such as for legal, regulatory, or accounting requirements.

o The maximum retention period is 7 years from when your data was last used. This helps comply with legislation and local authority rules.

o If the company is processing your data based on your consent, they will hold your data until you withdraw that consent.

2. Legal or regulatory obligations: In some cases, the company may be required to retain your personal information for longer periods to meet specific legal or regulatory obligations.

​

Our Obligations

​

Data Controller: The company is a "Data Controller," meaning they are responsible for managing and controlling how your personal data is processed.

Data protection principles: The company must ensure your personal information is handled in line with key data protection principles, which include:

• Lawful, fair, and transparent use: Your data must be processed in a way that is legal, fair, and transparent to you.

• Valid purposes: Your data will only be collected for clear, legitimate purposes that have been explained to you, and not used for anything incompatible with those purposes.

• Data relevance: The data collected will only be relevant and necessary for the purposes communicated to you.

• Accuracy: Your data will be accurate and kept up to date.

• Retention: Your data will only be kept for as long as necessary to fulfill the purposes explained to you.

• Security: The company will ensure your data is kept secure.

Your Rights Regarding Your Personal Data

If you are an individual, you have the right to: 

• ask us to provide you with copies of personal information we hold about you.

• ask us to provide your personal information to a third-party provider of services. This right only applies where we use your personal information on the basis of your consent or performance of a contract and where our use of your information is carried out by automated means.

• ask that we correct any personal information if it is found to be inaccurate or out of date.

• ask that your personal information is erased where it is no longer necessary for us to keep it.

• request a restriction to be placed on further processing of your personal information where there is a dispute in relation to the accuracy or processing of your personal information.

• object on legitimate grounds to the processing of your personal information, where applicable i.e., where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority) and processing for the purposes of scientific/historical research and statistics).

There are some exemptions, which may apply, for example, information collected and processed for the prevention, investigation, detection or prosecution of criminal offences.

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.

Changes To Our Privacy Policy

Albatross Cars Derby Ltd may update its privacy policy from time to time. Any changes will be posted on the company's website, and in some cases, you may be notified directly by post or email. It’s a good idea to check back regularly to stay informed about any updates or changes to how your personal data is handled.

By using our services, including our booking platforms and systems, you agree to our terms and conditions.