Privacy Notice:

All CityFleet Networks Limited Group Customers

This privacy notice describes how the CityFleet Networks Limited Group (We/Us) collects and uses information about its customers, before, during and after the contractual relationship, to the extent such information is personal data in accordance with the EU Regulation 2016/679 General Data Protection Regulation (GDPR). This document also satisfies our obligations under Article 30 of the GDPR and The Data Protection Act 2018 (DPA). It applies to all customers of the CityFleet Networks Limited Group (You).

Data Controller Details

The Company is a data controller for the purposes of the GDPR and DPA and every customer on behalf of itself and any of its directors, shareholders, members, employees, servants and agents (“associates”) acknowledges the use and processing of personal data described in this privacy notice.

CityFleet Networks Limited Group (“CityFleet”) means CityFleet Networks Limited and any of its subsidiaries including, without limitation, CityFleet Networks Limited, Computer Cab plc, Computer Cab (Aberdeen) Limited, Computer Cab (Liverpool) Limited, Flightlink International Limited (T/AS Comfort Executive) and Westbus Coach Services Limited, (further details of which can be found at http://cityfleetnetworks.com/) and CityFleet are committed to protecting the privacy and security of personal information. Within this policy the term ”the Company” is applicable to CityFleet Networks Limited and all its subsidiaries unless a specific company is named.

Categories of Data Subjects

Whilst the majority of our customers are “corporates”, some may be sole traders, partnerships or consumers. We may therefore collect personal data from those types of customers and any employees or individuals working for that customer (collectively “customers”).

Personnel Data we may hold

We limit the personal data held to what is relevant for supplying or marketing our servicers or otherwise conducting business.

Individuals from whom we retain personal data include customers, potential customers, suppliers, service providers industry experts and others with whom we have a business or professional relationship. We may collect the following categories of personal data about customers:

  • Personal details including name, address, pick up and drop off addresses, email, telephone number including mobile phone or other contact information.
  • Banking, payment and financial information
  • Credit information (through an external third party).
  • Electronic identification data including IP address collected through our websites;
  • Contractual details including the products and services provided, trading history with the Company;
  • Audio recordings of all telephone orders, enquiries and customer communications (Audio Data); and/or
  • Images (still or video) from the closed circuit television (CCTV) on the Company’s sites or from onboard vehicle monitoring (CCTV Data).
  • Other business or marketing related personal details (such as business or professional role and/or title)
  • Marketing channel preferences (such as individual’s preference to be contacted via email and not by telephone)

Sources of Personal data

We obtain Personal data when individuals:

  • are designated by their employer as our contacts for the purpose of including but limited to submitting proposals, managing the service relationship and paying invoices
  • use our services from the CityFleet Networks Limited Group of Companies
  • request information from us or
  • otherwise provide the Company or a Company employee with their contact details or other personal data.

Personal data may also be obtained from published sources.

Purposes of Data Processing

The Company collects and processes data about customers, some of which may be personal data as defined under GDPR and DPA, for purposes which include:

  • As necessary to perform a contract with a customer including:
    • To take steps at the customer’s request prior to entering into a contract;
    • To decide whether to enter into a contract;
    • To make credit decisions about the customer or its associates regarding the contract or the entering into of a new contract with us;
    • To manage, perform and operate the contract and the customer’s account;
    • To update our records;
    • To resolve any complaints in relation to the contract;
    • To recover debts.
  • As necessary for our own legitimate interests or those of other persons and organisation, for example:
    • For good governance, accounting and managing and auditing our business operations;
    • To search credit reference agencies;
    • To protect the health and safety of workers and others;
    • Maintaining, monitoring, improving and enhancing our products and services;
    • To monitor Audio Data and CCTV Data for quality control and training or for the detection and prevention of crime or unauthorised use of our systems.
  • As necessary to comply with our legal obligations for example:
    • Where disclosure is necessary for or in connection with any legal proceedings (including prospective legal proceedings), for obtaining legal advice or for establishing, exercising or defending legal rights;
    • For tax collection purposes;
    • To comply with any regulatory obligations to which we are subject;
    • Where we are required to do so by law (including under any legislation, or by a court or tribunal in any jurisdiction);
    • For fraud prevention and money laundering purposes in compliance with our statutory obligations.

How We Use Personal data

We use Personal data to:

  • provide customers with services or data they request,
  • advise customers and potential customers about services offered by the Company,
  • instruct our suppliers and service providers and compensate them for their services,
  • correspond with our Contacts.
  • Except as described further below under the heading Legal Matters, we disclose Personal data to others only with the individual’s prior permission or in the following limited circumstances:

In the course of customer work, we may disclose personal data concerning our customers to others in the same customer organisation or to third parties, or disclose third-party personal data to our customers, but only when we believe the disclosure is in the interest of both parties.

We sometimes provide personal data to other companies and individuals to perform functions on our behalf (for example, to a mailing service to process a large mailing, or to a service partner to provide a service to our customer). Such data will be used solely to perform the contracted services for the Company.

Categories of Personal Data Recipients

We disclose personal data to a number of recipients which includes the following categories of persons:

  • Other companies within the CityFleet Networks Limited Group;
  • Auditors and professional advisors, such as our bankers, lawyers and consultants;
  • Law enforcement officials and statutory or regulatory authorities;
  • Third-party service providers, such as providers of transport services; CCTV management; Audio Data management; IT system management; credit checks, debtor tracing; contractors or subcontractors or associated services necessary to perform the contract.

We may use and replace any third party which we wish to use to assist us in meeting its obligations under the contract, and where such third party is a processor of personal data, this constitutes prior general written authorisation as envisaged by Article 28(2) of the GDPR.

We may transfer personal data outside the EEA in accordance with the principles of the GDPR as necessary to perform the contract.

Data Security

We have put in place appropriate security measures to prevent personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access of personal data to those employees, agents, customers, contractors and other third parties who have a business need to know. They will only process the personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify the person and any applicable regulator of a suspected breach where we are legally required to do so.

Data Retention

We will only retain personal data for as long as necessary to fulfil the purposes that we collected it for, including for the purposes of performing the contract, satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process the personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your Rights

You may change your marketing channel preferences, or request that you stop receiving all communications from us, at any time by contacting us as provided below. (See Contacts and Complaints.)

You may review your personal data at any time and instruct that it be corrected, updated, or deleted, by contacting us as provided below. We will take all reasonable steps to make the requested changes promptly. We may retain Personal data for a period in our backup systems. We may also retain some data for longer periods as required by law, contract, or auditing requirements.

Legal Matters

The Company may disclose personal data as we deem necessary to satisfy any applicable law, regulation, legal process, or governmental request. In this, we will strictly adhere to the relevant privacy laws and regulations.

Data Collected through all Company Web Sites

We also collect personal data from users of our web sites. Our use and handling of this data are governed by the CityFleet Networks Limited Privacy and Data Protection Policy. Any personal data gathered through our web sites that are used in the Company general customer contact and marketing databases along with other Personal data are treated in accordance with the CityFleet Networks Limited Privacy and Data Protection Policy.

Changes to this Record of Processing Activities

We reserve the right to amend this Privacy Notice from time to time consistent with the GDPR and other applicable data protection requirements.

Complaints

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO) the UK supervisory authority for data protection issues.

Contacts

If you wish to ask any data protection questions or raise any data protection issues with us, please contact us using the details below:

Data Protection Team
CityFleet Networks Limited
7 Woodfield Road, London, W9 2BA
Tel: +44 (0)20 7432 1630
Email: dataprotectionofficer@cityfleet.co.uk