Privacy Policy

BookTaxiService ("we", "us", "our") is committed to protecting and respecting your privacy. This policy explains what personal data we collect, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

BookTaxiService is a UK-registered private hire and chauffeur service provider. Our registered address is London, United Kingdom. You can contact our Data Protection lead at privacy@booktaxiservice.com.

2. What data we collect

• Booking data: name, email, phone number, pickup/drop-off addresses, flight number, date, time, vehicle preference, special requirements.
• Payment data: processed by Stripe (PCI-DSS compliant). We never store your full card number.
• Communication data: emails, WhatsApp messages, live chat transcripts.
• Technical data: IP address, browser, device, pages visited, cookies (see Cookie Policy).

3. How we use your data

• To fulfil your booking (driver dispatch, route planning, contact during the journey).
• To process payments via Stripe.
• To send confirmation, reminder, and follow-up emails.
• To improve our service (analytics, A/B testing).
• To comply with legal obligations (HMRC, licensing authorities, law enforcement when required).

4. Lawful basis for processing

We rely on the following lawful bases under Article 6 UK GDPR:

• Contract: to perform our agreement with you (your booking).
• Legitimate interests: to operate, secure, and improve our service.
• Legal obligation: tax records, regulatory reporting, fraud prevention.
• Consent: for marketing emails and non-essential cookies. You can withdraw consent at any time.

5. Who we share your data with

• Drivers: assigned chauffeurs receive your name, pickup/drop-off, and contact number.
• Stripe: payment processing.
• Google Maps: route calculation (coarse pickup/drop-off only).
• Resend: transactional email delivery.
• Supabase: our database hosting provider (data hosted in EU).
• Authorities: only where legally required.

We never sell your data to third parties.

6. International transfers

Some processors (e.g. Stripe, Google) operate in the United States. Transfers are protected by the EU-US Data Privacy Framework, Standard Contractual Clauses, or equivalent safeguards.

7. How long we keep your data

• Booking records: 6 years (HMRC requirement).
• Account data: until you request deletion or 3 years of inactivity.
• Marketing data: until you unsubscribe.
• Live chat / call logs: 12 months.

8. Your rights

Under UK GDPR you have the right to:

• Access the data we hold about you.
• Request correction of inaccurate data.
• Request erasure ("right to be forgotten").
• Restrict or object to processing.
• Data portability.
• Withdraw consent at any time.
• Lodge a complaint with the Information Commissioner's Office (ico.org.uk).

To exercise any of these rights, email privacy@booktaxiservice.com. We respond within one calendar month.

9. Security

We use TLS encryption in transit, encrypted storage at rest, role-based access control, and routine security audits. No system is perfectly secure, but we follow industry best practices.

10. Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top reflects the latest revision. Material changes will be communicated by email to active customers.

Contact

Data Protection Lead
Email: privacy@booktaxiservice.com
Phone: +44 7957 695697