GDPR Policy

Data and Privacy Policy

 

Data Processing & Storage

The following policies explain how NO.15 EXECUTIVE TRAVEL obtain, store and process your personal information. We are committed to ensuring that your privacy is protected and are registered with the information commissioner’s office (UK) to ensure transparency and GDPR provision compliance (GDPR (EU) 2016/679). Should we ask you to provide certain information by which you can be identified when using our products and services; you can be assured that it will only be used in accordance with this privacy statement.

Please note: All emails are stored for for monitoring purposes.

What Personal Data Do We Collect?

We may collect the following information when you use our products or services:

  • Name, telephone number and email address
  • Taxi booking information including the date & time, pickup location and destination
  • Additional information including Aeroplane flight number, luggage and child seat requirements

What Sensitive Data Do We Collect?

We will only collect the following information upon receiving specific authority to do so from individuals who have agreed to our terms & conditions and privacy policies.

  • Debit or credit card details (card number, expiry date, CVC and AVS)

How Do We Collect or Obtain Your Personal Data?

  • When you input your data through electron forms on our website
  • When you input data through our mobile booking application
  • When you contact us by phone, email and writing
  • When you order goods or services from us
  • When you post or react to our social media channels

How Do We Collect or Obtain Your Sensitive Data?

  • When you verbally tell us over the phone
  • When you input data through our mobile booking application

How Do We Process Your Personal Data?

All personal data relating to the booking of our services and products is processed using our cloud-based computer software.

How Do We Process Your Sensitive Data?

All sensitive personal data relating to the payment of our services and products is processed using our cloud-based merchant provider “Stripe”. Stripes are PCI data security standard (PCI-DSS) level 1 compliant. This is the most stringent level of security certification available for card payments and ensures GDPR provision compliance (GDPR (EU) 2016/679).

For full details of their privacy policies and terms & conditions please visit https://stripe.com/gb/privacy

How Long Do We Store Your Personal & Sensitive Data

As required by law, all data is stored for a minimum period of six months from the point of service or purchase. After this period has lapsed, data can be deleted upon request.

Who Do We Share Your Personal & Sensitive Data With?

All data that is collected, processed and stored is secure and we do not share it with third parties.

Upon lawful request from authorities, we are obliged to assist and share personal data.

What Happens In The Unlikely Case Of A Data Breach?

If a data breach was to occur the ICO and affected consumers would be notified within 72 hours. NO.15 EXECUTIVE TRAVEL.

How Do We Detect A Data Breach?

Although unlikely, we must remain vigilant that a data breach could occur. NO.15 EXECUTIVE TRAVEL has the latest cyber security and anti-virus software to ensure early detection and intervention.

NO.15 EXECUTIVE TRAVEL Group has kept the “supply chain” very compact, communicating directly with Stripe, so that we can work in partnership to detect and inform of data breaches. Stripe has stringent data policies and security and they have a duty of care to inform us of any data issues at the earliest possibility.

Data Protection Officer & What They Do?

We have a sole dedicated data protection officer who is registered with the ICO. You can contact our officer at anytime for enquiries or more information. The officer is responsible for overseeing the security and protection of both personal and sensitive data. Our data protection officer is the only person who has access to sensitive data for the purpose of refunds and monitoring.

What Measures Do We Take To Ensure The Security Of Your Personal & Sensitive Data?

All members of office staff & drivers have received training and adhere to strict privacy & data protection policies. NO.15 EXECUTIVE TRAVEL LTD have kept the “supply chain” very compact, working directly with Stripe, so that we have a complete overview of how data is collected, processed and stored. Our data protection officer is the sole person who has restricted access to your sensitive data.