This policy regulates the collection and processing of personal and other confidential data of individuals by the Taxi Omega service (hereinafter referred to as the Service) using automation tools via the Internet. General provisions 1. Within the framework of this of the document, the following terms are used:
1.1. Personal data – any information relating directly or indirectly to a specific or identifiable individual (subject of personal data).
1.2. Service – a person who independently organizes and (or) carries out the processing of personal data, as well as defining purposes processing of personal data, the composition of personal data to be processed, actions (operations) performed with personal data.
1.3. Site – a set of programs for electronic computers and other information contained in the information system, access to which is provided via the Internet via Domain names and (or) network addresses that allow identifying sites on the Internet used by the Service to provide services to Customers. Site addresses: https://taxiomega.ru/
1.4. Mobile application – a program for electronic computers “Taxi Omega: ordering a taxi”, installed on the Customer’s device under the control of mobile operating systems iOS, Android, integrated into the hardware and software complex of the Service and allowing to automate the process of forming orders for the provision of services.
1.5. Services – information services rendered by the Service to the Customer aimed at receiving, processing and transferring the Customer’s order to the Partner and informing the Customer about the execution of the order. The subject and procedure for the provision of services is determined by the terms of the public offer posted on the website.
1.6. Customer – an individual who orders services through a website, mobile application or a call to the subscriber’s phone number of the Service and provides his personal data for this purpose.
1.7. Partner – a person independently, on his own, providing the Customer with services for the transportation of passengers, delivery of goods (cargo), carrying out loading and unloading operations. At the same time, the Service is not a transport organization and does not independently provide the Customer with any transport services.
1.8. Order – a request formed by the Customer for the provision of transport services by the Partners.
1.9. Processing of personal data – any action (operation) or a set of actions (operations) performed with the use of automation tools or without the use of such means, with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction , use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
1.10. Automated processing of personal data – processing of personal data using computer technology.
1.11. Provision of personal data – actions aimed at disclosing personal data to a certain person or a certain circle of persons.
1.12. Blocking of personal data is a temporary suspension of the processing of personal data (unless the processing is necessary to clarify personal data).
1.13. Destruction of personal data – actions, as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) the material carriers of personal data are destroyed.
1.14. Personal data information system – a set of personal data contained in databases and information technologies and technical means providing their processing.
1.15. Cookies are pieces of data sent by the site and stored on a computer, mobile phone or other device from which the Customer visits the site, used to save data about the Customer’s actions on the site.
1.16. Device identifier – unique data that allows to identify the Customer’s device on which the mobile application is installed, provided by the device itself or calculated by the mobile application.
2. By ordering services through the website, mobile application or a call to the subscriber phone number of the Service, the Customer agrees to the terms of this policy, including giving consent to the Service to process his personal data, in cases where such consent is required by the provisions of the current legislation. Personal data
3. In the course of processing personal data, the Customer has the right:
3.1. To receive information regarding the processing of his personal data, including information containing:
3.1.1. Confirmation of the fact of personal data processing;
3.1.2. Legal grounds and purposes of personal data processing;
3.1.3. Purpose and applied methods of processing personal data;
3.1.4. Information about the name and location of the person processing personal data, information about persons (except for employees of the Service) who have access to personal data or to whom personal data may be disclosed on the basis of an agreement with the Service or on the basis of current legislation;
3.1.5. Processed personal data related to the relevant subject of personal data, the source of their receipt, unless another procedure for submitting such data is provided for by current legislation;
3.1.6. Terms of processing personal data, including the terms of their storage;
3.1.7. The procedure for the Customer to exercise the rights provided for by applicable law;
3.1.8. Information about the performed or intended cross-border data transfer;
3.1.9. Name or surname, first name, patronymic and address of the person who processes personal data on behalf of the Service, if the processing is entrusted or will be entrusted to such a person;
3.1.10. Other information provided for by applicable law.
3.2. Require the Service to clarify its personal data, block or destroy it if the personal data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing, as well as take measures provided by law to protect their rights.
3.3. Appeal against the actions or inaction of the Service to the authorized body for the protection of the rights of subjects of personal data or in court if the Customer believes that the Service is processing his personal data in violation of the requirements of the current legislation or otherwise violates his rights and freedoms.
3.4. To protect their rights and legitimate interests, including compensation for losses and (or) compensation for moral damage in court.
4. In the course of processing personal data, the Service undertakes:
4.1. Provide the Customer at his request with the following information:
4.1.1. Confirmation of the fact of personal data processing;
4.1.2. Legal grounds and purposes of personal data processing;
4.1.3. Purpose and applied methods of processing personal data;
4.1.4. Your name and location, information about persons (with the exception of employees) who have access to personal data or to whom personal data may be disclosed on the basis of an agreement or on the basis of federal law;
4.1.5. The processed personal data of the Customer, the source of their receipt, unless another procedure for submitting such data is provided for by the current legislation;
4.1.6. Terms of processing personal data, including the terms of their storage;
4.1.7. The procedure for the implementation by the Customer of the rights provided for by the current legislation;
4.1.8. Information about the performed or intended cross-border data transfer;
4.1.9. Name or surname, first name, patronymic and address of the person who processes personal data on behalf of the Service, if the processing is entrusted or will be entrusted to such a person;
4.1.10. Other information, provided for by applicable law.
4.2. Ensure that measures are taken to prevent unauthorized access to the personal data of the Customer.
4.3. Publish or otherwise provide unrestricted access to the document defining the policy regarding the processing of personal data, as well as to information on the implemented requirements for the protection of personal data.
5. The purpose of collecting and processing the Customer’s personal data is to conclude an agreement between the Customer and the Service for the provision of services to the Customer.
6. Personal data of the Customer is stored on electronic media and processed using automated systems for processing personal data.
7. The Service collects and processes the following personal data of the Customer:
7.1. Full Name;
7.2. Date of Birth;
7.3. Subscriber telephone number;
7.4. Location address;
7.5. E-mail address.
8. The following personal data can be provided by the Customer to the Service at its own discretion, and can also change and (or) delete them at its discretion:
8.1. Full Name;
8.2. Date of Birth;
8.3. Location address;
8.4. E-mail address.
9. Personal data of the Customer is destroyed by the Service in the following cases:
9.1. After three years from the end of the provision of the Services;
9.2. If the Customer withdraws consent to the processing of his personal data.
10. The destruction of the Customer’s personal data is carried out without the possibility of their subsequent recovery.
11. Access to the personal data of Customers is only available to persons directly related to the provision of the Services. In other cases, the Service does not distribute the personal data of the Customer, and also does not provide access to them to third parties without obtaining the prior consent of the Customer, except for the cases of providing personal data at the request of authorized state bodies in accordance with applicable law.
12. The Service takes the following measures to prevent unauthorized access to the Customer’s personal data:
12.1. Appoints employees responsible for organizing the processing of personal data;
12.2. Applies organizational and technical measures to ensure the security of the Customer’s personal data, namely:
12.2.1. Identifies security threats to personal data during their processing in personal data information systems;
12.2.2. Organizes a regime for ensuring the security of the premises in which the information system is located, preventing the possibility of uncontrolled entry or stay in these premises of persons who do not have the right to access these premises;
12.2.3. Ensures the safety of personal data carriers;
12.2.4. Approves the list of persons who have access to personal data necessary for the performance of their official (labor) duties;
12.2.5. Uses information security tools necessary to prevent unauthorized access to personal data;
12.2.6. Evaluates the effectiveness of measures taken to ensure the security of personal data;
12.2.7. Provides detection of facts of unauthorized access to personal data and taking measures;
12.2.8. Restores personal data modified or destroyed as a result of unauthorized access to them (if there is a technical possibility of such recovery);
12.2.9. Establishes the rules for access to personal data processed in the personal data information system;
12.2.10. Carries out control over the measures taken to ensure the security of personal data and the level of protection of information systems of personal data.
13. The customer has the right to demand that the Service clarify (update) his personal data, block or destroy them if the personal data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing, as well as withdraw his consent to processing personal data by sending the Service a corresponding request and (or) a request in writing by registered mail with a receipt acknowledgment or its personal provision at the location of the Service. The addresses of the Service units are indicated in the corresponding section of the site. The specified request / requirement must contain the number of the main identity document of the Customer or his representative, information about the date of issue of the specified document and the issuing authority, the address of the Customer’s residence, information confirming the Customer’s participation in relations with the Service (contract number, date of the contract, conventional verbal designation and (or) other information), or information otherwise confirming the fact of processing the personal data of the Service, the requirement to clarify, block or destroy the personal data of the Customer or notification of withdrawal of consent to the processing of personal data, the signature of the Customer or his representative. The Service is obliged to give a reasoned answer on the merits of the Customer’s request / requirement within 30 calendar days from the date of its receipt. Geolocation data
14. The service receives through a mobile application data about the location of the Customer (geolocation data). Geolocation data is transmitted to the Service only when using the mobile application. The customer, at his discretion, can prohibit the transfer of geolocation data by changing the corresponding settings of his mobile device.
15. In order to fulfill the Order, the Service provides the Customer’s geolocation data to its Partners who have accepted the order for execution. Payment data.
16. To be able to transport services provided by the Partners, by non-cash payment using bank cards, the Customer can link the bank card to his subscriber telephone number. The linking of a bank card is carried out by the Customer independently in the mobile application by specifying the following data:
16.1. Bankcard number;
16.2. Bank card validity period;
16.3. Surname and name of the bank card holder;
16.4. Bank card security code.
17. Payment by non-cash payment using bank cards is carried out in accordance with the rules of international payment systems on the principles of confidentiality and security of payment. The security of the data provided by the Customer is ensured by the compliance of procedures with the requirements of the Payment Card Industry Data Security Standard, and no one, including the Service, can receive it. Bank card data is entered on the secure payment page of the acquiring bank, which provides the possibility of cashless payment for services. Cookies
18. The Service may use the following types of cookies:
18.1. Strictly Necessary Cookies. They are required to navigate the site and use the requested services. Cookies of this type are used when registering the Customer and logging in. Without them, the services requested by the Customer become unavailable. These cookies are essential and can be permanent or temporary. Without the use of this type of cookie, the site does not work properly.
18.2. Performance cookies. They collect statistical data on the use of the site. These files do not receive personal information from the Customer. All information collected by these cookies is statistical and anonymous. The purposes of these cookies are:
18.2.1. Obtaining statistics on the use of sites;
18.2.2. Evaluation of the effectiveness of advertising campaigns. These cookies are permanent and temporary, and can also refer to both primary and third-party cookies.
18.3. Functional cookies. They are used to remember information provided by the Customer (such as username, language or location). These files use anonymized information and do not track the actions of the Customer on other sites. The purposes of these cookies are:
18.3.1. Remembering information about whether the Customer was provided with any service earlier;
18.3.2. Improving the quality of interaction with the site as a whole by remembering the preferences chosen by the Customer. These cookies are permanent and temporary, and can also refer to both primary and third-party cookies.
18.4. Advertising cookies. They are used to manage advertising materials on the site, limit the number of views of advertising by the user, and also to evaluate the effectiveness of advertising campaigns. Advertising cookies are placed by third parties – for example, advertisers and their agents. These files are associated with advertisements on the site provided by third parties. They can be both permanent and temporary.
19. You can block or delete cookies, as well as restrict their action in the settings of the browser used by the Customer. Device identifier
20. Collected data on the device identifier does not contain personal data of the Customer.
21. The purpose of collecting information about the device identifier is the internal accounting of users of the mobile application. Data on the mobile operator
22. The Service, through a mobile application, receives data on the operator providing the Customer with mobile telephone communication (cellular) services.
23. The collected data about the cellular operator does not contain the personal data of the Customer.
24. The purpose of collecting information about a cellular operator is to automatically establish in the settings of the mobile application data about the country of the Customer’s location and the language of the application interface. History of orders
25. The Service saves the history of the Customer’s trips, namely the time when the order was created, the address of the place where the car was delivered, the intermediate and final addresses of the route, the tariff applied, the method of payment and other data specified when creating the Order.
26. The purpose of collecting information about the history of orders is to improve the quality of the services provided by automatically filling in the order parameters using previously provided data, which reduces the time for creating an order.