Data Protection
Policy for Private Hire Operator Licence
Introduction:
This Data Protection Policy outlines how we handle personal data to ensure compliance with the Data Protection Act 2018 and the General Data Protection Regulation (GDPR). It applies to all employees, drivers, and anyone acting on behalf of the private hire operator.
Purpose:
The purpose of this policy is to:
- Ensure the protection of personal data.
- Comply with all legal requirements related to data protection.
- Provide a clear framework for responsible data management.
Scope:
This policy applies to all personal data processed by the private hire operator, including data relating to customers, employees, and drivers.
Legal Framework:
This policy adheres to the principles set out in the Data Protection Act 2018 and GDPR, which require that personal data:
- Is processed lawfully, fairly, and transparently.
- Is collected for specified, explicit, and legitimate purposes.
- Is adequate, relevant, and limited to what is necessary for those purposes.
- Is accurate and, where necessary, kept up to date.
- Is retained only for as long as necessary for the intended purposes.
- Is processed securely to ensure appropriate protection.
Data Collection and Use:
- Customer Data: This includes names, contact information, pickup and drop-off locations, and payment. Such data is used solely for the provision of private hire services, payment processing, and ensuring customer safety.
- Employee and Driver Data: This includes personal identification, contact details, employment records, and background checks. The data is processed for employment-related purposes and to ensure compliance with legal and regulatory requirements.
Data Processing Principles:
We apply the following key principles when processing personal data:
- Lawfulness, Fairness, and Transparency: Personal data will always be processed lawfully, fairly, and with transparency.
- Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes and will not be processed further for incompatible reasons.
- Data Minimization: We will collect only the data necessary for the specific purposes identified.
- Accuracy: We ensure that data is accurate and, where necessary, updated regularly.
- Storage Limitation: Data will not be kept for longer than is necessary for the purposes for which it was collected.
- Integrity and Confidentiality: Personal data will be processed securely to ensure it is protected from unauthorized access, unlawful processing, accidental loss, destruction, or damage.
Data Subject Rights:
Individuals have the following rights concerning their personal data:
- Right to Access: Individuals may request access to their personal data and obtain information on how it is processed.
- Right to Rectification: Individuals have the right to have inaccurate data corrected or incomplete data completed.
- Right to Erasure: In certain circumstances, individuals may request the deletion of their personal data.
- Right to Restrict Processing: In specific situations, individuals can request the restriction of data processing.
- Right to Data Portability: Individuals can request their data in a structured, commonly used, and machine-readable format to be transferred to another data controller.
- Right to Object: Individuals can object to the processing of their personal data in certain circumstances.
- Rights Related to Automated Decision-Making: Individuals have the right not to be subjected to decisions based solely on automated processing, including profiling, where such decisions produce legal effects or similarly significant outcomes.
Data Security:
- Technical and Organizational Measures: Appropriate measures, including encryption and firewalls, will be implemented to safeguard personal data.
- Access Control: Access to personal data is limited to authorised personnel who require it for legitimate business purposes.
- Training: All employees and drivers will receive regular training on data protection and the importance of maintaining data security.
Data Breach Management:
- Reporting: Any suspected or actual data breach must be reported immediately to the Data Protection Officer (or designated responsible person).
- Response: A prompt investigation will be initiated to assess the breach, and appropriate actions will be taken to mitigate its impact.
- Notification: If necessary, data subjects and relevant authorities (e.g., the Information Commissioner’s Office) will be informed about the breach without undue delay.
Monitoring and Review:
- Regular Audits: Periodic audits will be carried out to ensure compliance with this policy and the applicable data protection laws.
- Policy Review: This policy will be reviewed annually, or sooner if required, to ensure ongoing compliance and effectiveness.
Conclusion:
We are committed to protecting the personal data of everyone we interact with. By adhering to this policy, we aim to comply with data protection regulations and build trust with our customers, employees, and drivers. All staff and drivers are expected to follow this policy and manage personal data responsibly.