Website Privacy Notice
‘iGO’ is a trade name operated locally by Flash Drive Limited (hereinafter referred to as the ‘Company’, ‘Controller’ ‘We’). The Company is incorporated in Malta with registration number C88618 and has its registered office at ‘ONEONEO’, Pitkali Road, Attard. This Privacy Notice is to detail how the Company collects data and how as a data controller it processes your personal data, when this has been collected.
The Company provides customers with a quick and easy way of hailing a taxi across the Maltese islands by using an app or the website, www.igo.mt.
This Privacy Notice is intended to help you understand why and how we may use information which relates to you. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this Privacy Notice.
The Company is committed to respecting your rights under the General Data Protection Regulation (the ‘GDPR’) and the Data Protection Act Chapter 586 of the Laws of Malta (the ‘Act’).
1. Defining ‘Personal Data’
The term Personal Data refers to all information about you from which you may be personally identified, such as your name, surname, address and telephone number.
2. How we collect your data
The Company collects Personal Data from;
- Contact and/or feedback information;
- Web page download information;
- Information submitted when booking a taxi service;
- Information submitted when signing up for the newsletter.
3. How consent is obtained
When signing up to the Company’s website by creating an account, by subscribing to newsletters, or booking a taxi by web or app, the Company considers this as consent, given voluntarily from your end, thus the Company is able to review and process any Personal Data found therein.
The Company has the discretion to delete any Personal Data which appears to be inaccurate, false or otherwise fictitious. The Company reserves the right to also refuse to extend its services to the customer if the person has provided such incorrect information or has falsely declared that he/she was more than sixteen years old.
Any customer may choose to rectify, or even request the deletion of, any Personal Data which is being held and processed by the Controller. Your rights are listed in Clause 6, and details about our Data Protection Officer are available in Clause 11.
4. How we use your personal data
In order to be able to better understand your needs as our customer, and to be able to improve the services which we offer you, the Company uses your Personal Data for the following reasons:
- To carry out the service requested by customers;
- Internal record keeping;
- Company’s statistical research;
- To comply with our legal obligations;
- To improve our products and services;
- To send promotional emails about new products, offers or other information or for market research purposes, to which you would have explicitly opted into, and consented (and from which you can opt out at any time);
- To contact you by email, phone, fax or mail to obtain information how we can customise our services according to your interests and requirements.
5. Sharing of Personal Data
We will not sell, distribute, lease or otherwise share your personal information with third parties unless we have your specific permission, or are required by law to do so. As a Controller, we do not however exclude that employees and/or other representatives of our organisation are given access to Personal Data as required in order to be able to effectively carry out their duties. We may use your personal information to send you promotional information about third parties when you have expressly consented to receive such promotional content.
6. Your rights and remedies
The Data Subject has various rights in relation to their Personal Data as established by Chapter 3 of the GDPR. In particular, as a customer you have:
- The right to be informed; This means anyone processing your personal data must make clear what they are processing, why, and who else the data may be passed to.
- The right of access; this is your right to see what data is held about you by a Data Controller.
- The right to rectification; the right to have your data corrected or amended if what is held is incorrect in some way.
- The right to erasure; under certain circumstances you can ask for your personal data to be deleted. This is also called ‘the Right to be Forgotten’. This would apply if the personal data is no longer required for the purposes it was collected for, or your consent for the processing of that data has been withdrawn, or the personal data has been unlawfully processed.
- The right to restrict processing; this gives the Data Subject the right to ask for a temporary halt to processing of personal data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected.
- The right to data portability; a Data Subject has the right to ask for any data supplied directly to the Data Controller by him or her, to be provided in a structured, commonly used, and machine-readable format.
- The right to object; the Data Subject has the right to object to further processing of their data which is inconsistent with the primary purpose for which it was collected, including profiling, automation, and direct marketing.
- Rights in relation to automated decision making and profiling; Data Subjects have the right not to be subject to a decision based solely on automated processing.
Cookies are small data files stored in your device memory when you visit a website. Cookies and similar technologies are widely used by websites to make them work more efficiently, as well as to provide information to the website operator about how users are using their website.
Essential cookies are essential, as they enable you to move around the Service and use its features. Without these cookies we could not, for example, authenticate your login or remember that you are logged-in as you move through the Service.
Most devices allow you to block cookies by adjusting the settings on your browser. However, if you use your browser settings to block cookies (including essential cookies, such as those allowing you to log-in) you may not be able to access all or parts of our Service.
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, please refer to your browser ‘help’ section, or visit www.allaboutcookies.org.
8. Data Security
We consider that we have a legal duty to respect and protect any personal information we collect from you and we will abide by such duty. We take all safeguards necessary to prevent unauthorized access, unlawful destruction, accidental loss or any other unlawful processing of the Personal Data in our possession. We do not pass on your details collected from you as a visitor, to any third party or supplier, unless we are legally obliged to as a Company or unless you give us your consent to do so.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. The availability of physical files is kept to a strict minimum, nevertheless any physical files are under lock and key and not left stored in an unsecure manner.
9. Links to other websites
Our website may contain links to third party websites. When using the provided links to a third-party site, you are to note that we do not have any control over that other website. Therefore, we will not accept responsibility for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this Privacy Notice. You should exercise caution and carefully consider the privacy statement applicable to the website in question.
10. Retention of Personal Data
We aim to collect Data which is required to carry out our duties and meet our obligations, whilst ensuring that we keep providing satisfactory services to our customers. We only keep data which is necessary and such data is deleted from our system if there is no longer a legal basis for it to be retained. Typically, data relating to customer profiles is retained for a period of five years from the last usage date while data relating customer complaints, issues regarding damages, booking confirmations and payment details are retained for a period of ten years. Any data may be retained for longer if required so by law.
11. Data Protection Officer
We have appointed a Data Protection Officer (hereinafter referred to as ‘DPO’) who is responsible amongst other things for overseeing any questions relating to this Privacy Notice or if you wish to exercise any of your rights under data protection legislation. The Company’s Data Protection Officer may be contacted via e-mail on [email protected].
The Data Subject has the right to lodge a complaint about any issue regarding this Privacy Notice to the DPO and if not satisfied may proceed with such query to the Information and Data Protection Commissioner.
The Company warrants that it shall keep this Privacy Notice under regular review. Any changes and updates shall be made available on this website, and the date of such update shall be communicated through our website.
Policy updated 13 January 2020