Effective Date: November 2024
At Exec Chauffeur Group, we are committed to protecting your privacy and ensuring that
your personal data is handled in a safe and responsible manner. This Data Protection
and Privacy Policy outlines how we collect, use, and protect your personal information
when you use our services.
1. Information We Collect
At Exec Chauffeur Group, we collect various types of information to provide and
enhance our chauffeur services. This information may include personal data that you
provide directly, as well as information that we collect automatically or through
third-party sources. Below are the main categories of information we collect:
● Personal Identification Information
○ Contact Details:
■ Your name, email address, phone number, and residential address.
This information allows us to contact you regarding your bookings
and provide customer support.
○ Payment Information:
■ Credit card numbers, billing address, and any other payment details
necessary to process your transactions. This information is
collected through secure channels to ensure payment processing.
● Travel Information
○ Booking Details:
■ Information related to your bookings, including pickup and drop-off
locations, dates and times of travel, and vehicle preferences. This
helps us prepare for your journey and ensure your needs are met.
○ Special Requests:
■ Any specific requests you make regarding your ride, such as
preferences for vehicle type, additional stops, or special
accommodations (e.g., child seats, accessibility needs).
● Communication Records
○ Correspondence:
■ Emails, chat messages, and phone call logs between you and our
customer service representatives. These records help us track your
inquiries, feedback, and any resolutions provided.
○ Review and Feedback:
■ Any feedback you provide regarding our services, including ratings
and comments on your experience. This helps us enhance our
service quality and address any concerns.
● Usage Data
○ Technical Data:
■ Information about your device and internet connection, such as IP
address, browser type, operating system, and device identifiers.
This data helps us analyse trends, improve our website, and ensure
compatibility with various devices.
○ Website Interaction Data:
■ Details about your interactions with our website, including pages
visited, time spent on pages, and links clicked. We use this
information to optimise our website and provide a better user
experience.
● Location Data
○ Geolocation Information:
■ If you grant permission, we may collect precise location data to
provide real-time tracking of your chauffeur vehicle. This enhances
your experience by giving you updates on your driver’s location and
estimated arrival time.
● Third-Party Data Sources
○ Social Media Information:
■ If you choose to link your social media profiles (e.g., Facebook,
Google) to our services, we may collect certain information from
those platforms, such as your profile information and friends list, in
accordance with social media platform settings.
○ Public Databases:
■ We may also obtain publicly available information (such as
business directories) to verify the identity of our customers and
ensure compliance with legal requirements.
● Cookies and Tracking Technologies
○ Cookies:
■ Our website uses cookies and similar tracking technologies to
enhance user experience. Cookies are small data files stored on
your device. They help us remember your preferences, track your
visit patterns, and personalise content and advertisements.
○ Analytics Tools:
■ We may use third-party analytics tools (e.g., Google Analytics) to
collect and analyse data regarding your interaction with our
website. This information helps us improve our services and
understand how customers use our site.
2. How We Use Your Information
At Exec Chauffeur Group, we utilise your personal information for multiple purposes to
provide and enhance our chauffeur services, ensuring a seamless customer experience.
Below are the key ways we use your information:
● Service Provision:
○ To process your bookings and manage your transportation needs, we
collect and use your personal data, including your name, contact details,
and travel preferences. This allows us to ensure that your ride is
scheduled according to your specifications.
● Customer Communication:
○ We communicate with you regarding your bookings, such as
confirmations, reminders, and any changes or cancellations. This includes
reaching out through your provided contact information to ensure you
have all relevant details about your ride.
● Payment Processing:
○ Your payment information is collected and processed to facilitate secure
transactions for our services. We work with third-party payment
processors to handle your financial details in compliance with security
standards.
● User Experience Improvement:
○ We analyse usage data to better understand customer preferences and
behaviours. This information helps us enhance our website and service
offerings, ensuring we meet your needs effectively. We may also seek
feedback through surveys or reviews to refine our services.
● Marketing and Promotions:
○ With your consent, we may use your contact information to send you
marketing materials, including promotional offers, newsletters, and
updates about our services. You can opt out of such communications at
any time.
● Customization and Personalization:
○ We may use your information to personalise your experience with our
services. For instance, we can tailor recommendations based on your past
bookings or preferences to enhance your satisfaction.
● Customer Support:
○ When you reach out for support or inquiries, we utilise your personal data
to assist you effectively. This involves resolving issues, answering
questions, and providing information about your bookings or services.
● Fraud Prevention and Security:
○ We process personal data to enhance the security of our services and
prevent fraudulent activities. This includes monitoring transactions and
user behaviour to detect and mitigate any potential risks.
● Legal Compliance:
○ We may use your data to comply with applicable laws, regulations, or legal
requests, ensuring that our operations remain within the regulatory
framework. This includes fulfilling reporting duties to regulatory
authorities if required.
● Research and Analysis:
○ We may analyse aggregated data to understand trends and improve our
services. This research helps us make informed business decisions and
develop new features based on customer needs.
● Emergency Situations:
○ In the event of an emergency, we may use your contact information to
reach you or provide assistance as needed, ensuring safety during your
journey.
3. Legal Basis for Processing Personal Data
At Exec Chauffeur Group, we rely on several legal bases for processing your personal
data, ensuring compliance with applicable data protection laws. The primary legal
bases include:
● Consent:
○ We may process your personal data based on your explicit consent. This
applies when you provide your information voluntarily, such as subscribing
to newsletters, promotional communications, or consent to receive
marketing materials from us. You have the right to withdraw your consent
at any time.
● Performance of a Contract:
○ When you enter into a contract for our chauffeur services, we process your
personal data as required to fulfil the terms of that contract. This includes
processing your information to manage bookings, schedule rides, and
provide customer support.
● Legal Obligation:
○ We may process your personal data to comply with our legal obligations.
This includes obligations related to record-keeping, fraud prevention, and
law enforcement. We may also be required to retain certain information
for a specified period to adhere to legal requirements.
● Legitimate Interests:
○ We may process your personal data when it is necessary for our legitimate
interests, provided that those interests are not overridden by your data
protection rights. For example, we may use your data to:
■ Enhance your customer experience and improve our services (e.g.,
by analysing usage data to identify trends).
■ Conduct marketing activities that are relevant and beneficial to our
clients, where we have a balance between our interests and your
rights.
■ Maintain the security and integrity of our services, conducting any
necessary fraud detection and prevention mechanisms.
● Public Interest:
○ In some cases, we may process personal data to perform a task carried
out in the public interest or in the exercise of official authority. This could
apply in scenarios where we need to assist authorities.
● Vital Interests:
○ Processing may be necessary to protect someone’s life. For example, if we
need to process personal data during an emergency situation, we may do
so to safeguard your safety or that of others.
4. Data Retention
At Exec Chauffeur Group, we are committed to ensuring that your personal data is
retained only as long as necessary to fulfil the purposes for which it was collected, in
accordance with applicable laws and regulations. Below are the key principles regarding
our data retention practices:
● Retention Periods:
○ We retain your personal data for as long as is necessary to provide you
with our services and fulfil the purposes outlined in this policy. Once the
purpose for processing your data has been fulfilled, we will securely delete
or anonymize your information.
● Criteria for Retention:
○ The specific retention periods for different categories of personal data
may vary based on several factors, including:
■ Legal Requirements: Certain laws and regulations may impose
specific retention periods for particular types of data. For example,
financial transaction records may need to be retained for a set
number of years for accounting and tax purposes.
■ Business Needs: We may retain personal data that is necessary for
operational purposes, such as maintaining accurate records for
customer service, ongoing customer relationships, or for legal and
regulatory compliance.
■ Consent Withdrawal: If you withdraw your consent for us to process
your personal data, we will stop processing your information and
will delete it unless we have another legal basis to retain it.
● Data Minimisation:
○ We adopt a data minimization principle, meaning that we only collect and
retain personal data that is necessary for the intended purposes. This
approach helps limit unnecessary retention and mitigates risks associated
with data breaches.
● Secure Disposal:
○ When personal data is no longer required, we will securely dispose of it.
This includes employing appropriate security measures to prevent
unauthorised access or unlawful processing during the data deletion
process.
● Review of Retention Practices:
○ We regularly review our data retention practices to ensure compliance with
legal obligations and to reflect any changes in our business practices or
regulatory requirements. This review helps ensure that we are not holding
onto data longer than necessary.
● Special Categories of Data:
○ If we process special categories of personal data, we will maintain them
only as long as necessary for the specific purpose for which they were
collected and will limit access to such data in accordance with legal
requirements.
● Retention of Anonymous and Aggregated Data:
○ We may retain anonymous and aggregated data derived from your
personal information for research and analysis purposes. Such data will
not be linked to identifiable individuals and will be used to enhance our
services without compromising your privacy.
5. Data Security
At Exec Chauffeur Group, protecting your personal data is a top priority. We implement a
variety of security measures to safeguard your information against unauthorised
access, loss, or misuse. The following outlines our commitment to data security:
● Technical Measures:
○ Encryption: We use encryption technologies to protect sensitive
information, particularly during data transmission (e.g., using Secure
Socket Layer (SSL) technology) and while stored in our systems. This
ensures that your personal information is readable only to authorised
parties.
○ Firewalls: Our systems are protected by firewalls that help monitor and
control incoming and outgoing network traffic based on predetermined
security rules, providing an additional layer of protection.
○ Access Controls: We limit access to personal data to authorised personnel
only. Access rights are granted based on roles and responsibilities,
ensuring that only those who need your information to perform their job
functions can access it.
● Organisational Measures:
○ Employee Training: All employees undergo regular training on data
protection practices and security protocols. This ensures that staff
members understand their responsibilities regarding data security and are
aware of potential risks.
○ Data Management Policies: We have established internal policies and
procedures to manage data security effectively. This includes regular
audits and assessments of data handling practices to identify and
mitigate potential vulnerabilities.
● Incident Response Plan:
○ In the unlikely event of a data breach, we have a comprehensive incident
response plan in place. This plan ensures that we act promptly to contain
the breach, assess the impact, and notify affected individuals in
compliance with legal requirements.
● Third-Party Service Providers:
○ We may engage third-party vendors to assist in our operations (e.g.,
payment processors, data storage providers). We conduct thorough due
diligence to ensure these third parties implement appropriate security
measures to protect your personal information. We ensure that any
contractual arrangements include requirements for data protection
compliance.
● Data Tracking and Monitoring:
○ Our systems undergo regular monitoring and logging to detect any
unusual or unauthorised activities. We conduct vulnerability assessments
and penetration testing to identify potential weaknesses and enhance our
security posture.
● Physical Security:
○ We implement physical security measures in our facilities to safeguard
personal data stored in physical form. This includes restricted access to
secure areas, surveillance systems, and secure disposal methods for
paper records.
● User Responsibilities:
○ While we take extensive measures to protect your personal data, we also
encourage you to play a role in safeguarding your information. This
includes:
■ Using strong, unique passwords for your accounts and changing
them regularly.
■ Not sharing your login details or personal information with others.
■ Being cautious of phishing attempts and fraudulent
communications that may try to obtain your personal information.
● Data Minimisation and Anonymization:
○ We aim to minimise the amount of personal data we collect and retain.
Additionally, wherever possible, we will anonymise or pseudonymised data
to reduce the risk associated with potential breaches.
● Regular Security Assessments:
○ We conduct regular security assessments and updates to our security
protocols to keep pace with evolving threats and ensure that our data
security measures are effective and up to date.
6. Your Rights
As a data subject under applicable data protection laws, you have certain rights
regarding your personal data that we collect and process. This section outlines these
rights and how you can exercise them:
● Right to Access:
○ You have the right to request access to the personal data we hold about
you. This allows you to be informed about the data we process, the
purposes of processing, and the recipients of your data. You can request a
copy of your personal data in a structured, commonly used, and
machine-readable format.
● Right to Rectification:
○ If you believe that your personal data is inaccurate or incomplete, you have
the right to request rectification. We encourage you to keep your
information up to date and accurate. Upon receiving your request, we will
promptly correct any inaccuracies.
● Right to Erasure (Right to be Forgotten):
○ You have the right to request the erasure of your personal data under
certain circumstances. This may include instances where your data is no
longer necessary for the purposes for which it was collected, you
withdraw your consent, or you believe your data has been unlawfully
processed. We will assess your request in light of applicable legal
obligations.
● Right to Restrict Processing:
○ You have the right to request that we restrict the processing of your
personal data in specific situations, such as when you contest the
accuracy of your data or when you object to processing. When processing
is restricted, we may still store your data, but we will only process it with
your consent or for legal reasons.
● Right to Data Portability:
○ You have the right to receive your personal data in a structured, commonly
used, and machine-readable format and to transmit that data to another
data controller. This right applies when the processing is based on your
consent or a contractual obligation, and the processing is carried out by
automated means.
● Right to Object:
○ You have the right to object to the processing of your personal data based
on legitimate interests, including profiling, if you believe that your
fundamental rights and freedoms outweigh our legitimate interests. You
also have the right to object to direct marketing communications at any
time.
● Rights Related to Automated Decision-Making:
○ You have the right not to be subject to decisions based solely on
automated processing, including profiling, which produce legal effects
concerning you or similarly significantly affect you, unless such
processing is necessary for entering into a contract or is based on your
explicit consent.
● Right to Withdraw Consent:
○ If we rely on your consent to process your personal data, you have the
right to withdraw that consent at any time. Withdrawal of consent does
not affect the lawfulness of processing based on consent before its
withdrawal.
● Right to Complain:
○ If you believe that our processing of your personal data infringes upon
your rights, you have the right to lodge a complaint with a supervisory
authority. This may be the data protection authority in your country or
region.
● How to Exercise Your Rights:
○ To exercise any of your rights listed above, please contact us using the
contact details provided below. We may request specific information from
you to help us confirm your identity and to process your request. We strive
to respond to all legitimate requests within one month, though this time
frame may be extended in complex cases or where multiple requests are
made.
7. Changes to This Policy
At Exec Chauffeur Group, we recognize that data protection and privacy are evolving
fields, and our privacy practices may need to be updated from time to time to reflect
changes in legislation, operational practices, or technological advancements. This
section outlines how we approach changes to our Data Protection and Privacy Policy:
● Ongoing Review:
○ We periodically review our Data Protection and Privacy Policy to ensure
that it remains compliant with current laws and regulations, and that it
reflects our practices accurately. This includes any changes to how we
collect, process, or handle personal data.
● Notification of Changes:
○ When we make significant changes to our Data Protection and Privacy
Policy that may materially affect your rights or how your personal
information is handled, we will notify you through an appropriate method
of communication. This may include:
■ Sending an email to the address associated with your account.
■ Posting a notice on our website or application.
■ Updating the policy’s effective date at the top of the document.
● Version Control:
○ To help you understand the changes made, we will maintain a version
history at the bottom of this document that indicates the date of the
revisions and a summary of changes made. This way, you can easily
identify what has been updated and when.
● Continued Use of Our Services:
○ Your continued use of our services following the posting of changes
constitutes your acceptance of the revised policy. We encourage you to
review the policy regularly to ensure you are informed about how we
protect your personal information.
● Feedback and Queries:
○ If you have any questions or concerns about the changes made to our
Data Protection and Privacy Policy, or if you believe that the changes could
affect your rights, please do not hesitate to contact us using the provided
contact information below. We are committed to addressing any queries
you may have.
8. Contact Us
If you have any questions or concerns about our Data Protection and Privacy Policy or
our data practices, please contact us:
Exec Chauffeur group LTD
enquiries@execchauffeurgroup.co.uk
https://execchauffeurgroup.co.uk/