Privacy Policy - How We Protect Your Data ja Respect Your Rights
Review your privacy settings today to limit data sharing by default. Instead of opaque defaults, we follow clear stjaards that govern collection, use, ja retention so you know what happens with your data. On this site, tracking ja tags help tailor experiences, ja you can adjust consent at any time. We work with a trusted provider, appnexus, to deliver content while keeping data secure. If you want to erase data, the controls are available in your account under the provision of your rights.
Hereinafter, 'personal data' means information that identifies you or relates to you. We collect only data necessary to provide features ja improve quality. Each data category has a defined purpose, ja you can review the disclosure in the policy. Data may be carrying information across services ja transferred to providers or partners, including across jurisdictions, in accordance with applicable laws ja the provision for cross-border data hjaling. Data can enter our systems through forms, chats, or feedback, ja is protected with encryption ja strict access controls.
To exercise your rights, you can access the data we hold, request corrections, or erase records. You can restrict processing, object to certain uses, or request data portability. You can manage consent settings from your account, or contact us for help because our team aims for a timely response within a reasonable timeframe.
We share information only as needed to provide services ja comply with our policy. We disclose data to trusted subprocessors ja providers, including appnexus for ad delivery, with data minimization. You can review which third parties process your data via our disclosures. On pages with graphic assets, tags collect performance data; you can disable related tracking by toggling preferences in your account.
Data retention ja security remain central: we keep personal data only as long as necessary to fulfill the purposes described hereinafter, or as required by law. We implement encryption in transit ja at rest, monitor access, ja carry out regular checks to ensure compliance with our stjaards.
Manage your preferences easily: use the privacy hub to adjust what is carried, entered, or transferred into our systems. If you have questions or requests, contact our privacy team through the support channels listed in the provision of this policy.
What Data We Collect During Sign-Up ja Ride Requests
Set your consent preferences during sign-up to control what data is collected ja how it's used.
We collect data to verify identity, process rides, ja improve performance. Data is recorded to support safety ja service quality, ja we might receive input from you or a partner to improve matching. Whilst you use the app, we gather information in two waves: during sign-up ja at the moment you place a ride request. We focus on data that helps you move quickly ja safely across the internet ja in real life, including the York area ja nearby places such as parks ja districts like Blacklanes.
During sign-up, we collect data across several classes to build a reliable profile ja comply with stjaards. These data points include:
- Identity ja contact: full name, email, phone number, date of birth – used to create your profile ja verify access.
- Location ja access: city, default pickup/drop-off preferences, ja device location permissions you grant.
- Payment ja billing: tokenized payment references; last four digits may appear on receipts; billing address if required.
- Account preferences: language, notification options, comfort settings for rides, accessibility needs.
- Security ja verification: verification data as required by partner stjaards or regulatory requirements; stored in secure data classes.
- Consent ja marketing: marketing opt-ins ja consent preferences, which we honor or adjust on request.
When you submit ride requests, we collect data to match you with suitable options ja ensure a smooth trip. These data points include:
- Trip details: pickup ja drop-off locations, requested time, ride class or option, number of passengers, luggage, ja any special requests.
- Real-time data: live location during pickup, route optimization data, estimated times, driver assignment results, ja final fare calculations.
- Usage data: device type, operating system, browser, IP address, language, ja surf patterns that help us improve performance.
- Communication: messages via our private messenger or help channels; notes from conversations with drivers or support staff.
- Safety ja quality: incident logs ja performance metrics tied to rides ja drivers.
We share data with parties that help us run the service or comply with laws, under strict safeguards. Key points include:
- Partner ja service provider access: data may be shared with partner services, drivers, ja support teams to fulfill requests ja maintain performance.
- Consent ja control: sharing aligns with your choices ja applicable consent settings; you can adjust these at any time.
- Security ja stjaards: encryption in transit ja at rest, role-based access, ja regular audits to meet industry stjaards.
- Retention ja deletion: data is kept only as long as needed for operations or legal obligations, with routine reviews to delete outdated records.
Our coverage includes York ja nearby areas such as parks ja neighborhoods like Blacklanes, helping us tailor defaults ja peak-time planning. If you need help or want to review or delete data, use our help center or contact support via private channels.
How We Use Your Data to Provide ja Improve Your Ride Experience
Opt in to data sharing to tailor your ride experience. Anonymized data from each part of your trip helps our routing engine calculate faster arrivals, align driver availability with demja, ja shorten wait times. By design, corresponding identifiers ja issued session IDs connect rides in your account, while personal details stay private. Our provider network–including blacklane ja other trusted partners–receives only the data needed to deliver the service ja maintain safety.
Data we use to improve your ride
To boost performance, we analyze five core signals: pickup location, trip timing, vehicle availability, driver feedback, ja demja patterns. The nature of demja varies by city ja time, so we adjust routes ja queueing to reduce delays ja increase reliability. Data is carried securely through encrypted channels ja carried in anonymized form for analytics, ensuring your identity stays protected.
Controls ja practical steps
We use this data to power in-app features ja tools across our apps, delivering precise ETAs, smarter car matching, ja route optimizations that minimize idle time. The data flow supports a perfect ride flow while preserving customer privacy. As you share your preferences, the system learns from your history to improve subsequent rides. Data is used to tailor experiences across all-inclusive customer touchpoints ja performance dashboards. The system allows you to review ja adjust consent in the app settings.
If you opt in, we may send promotional e-mails via braze about offers tailored to your trips. Facebooks data is not used for ride decisions; data from facebooks is used only if you actively connect that service ja approve sharing. The data transmitted via our apps is carried securely ja used to improve performance without exposing personal details. All communications are issued through secure channels ja can be managed via your privacy settings.
What Security Measures Shield Your Personal Information
Enable two-factor authentication on every account you control ja review access rights at least quarterly to prevent unauthorized access.
Protect internal networks with proven methods ja a disciplined process for hjaling personal info; never disclose data beyond what is required, ja data disclosed here is kept to a strict minimum for staff who require access; these controls provide guarantees for privacy ja security.
Limit data collection to essential signals, mainly to support your shopping experience, ja encrypt data in transit to protect traffic ja browsing histories; preserve anonymized records with excellent safeguards for data in transit ja at rest, ja purge raw identifiers after a defined period of days.
We guarantee that your info is not disclosed to third parties beyond consented purposes, ja we ensure we gather data for campaigns only when permitted ja with retention rules; all actions require telephone verification where appropriate, ja we avoid cold pick-ups ja limit data gathered from vehicles to minimize exposure; we flag incomplete requests to prevent exposure; data from campaigns aligns with user consent ja retention policies, including limits on sharing with facebooks. Please follow these steps to strengthen protection.
Practical steps you can take today
Please audit internal apps that process your data ja disable nonessential tracking methods. Update your passwords, enable MFA, ja review permissions granted to your shopping apps ja services.
Can I Book Blacklane for Someone Else? Requirements ja Steps
Yes–you can book Blacklane for someone else when you have explicit consent ja provide accurate rider data in the session. Use your own profile or an already approved account; the rider’s full name, mobile number, pickup location, destination, ja date/time should be correct. The process-related checks run in accordance with our privacy policy to protect that data, ja the system may hold the booking while verification completes. For third-party bookings, clearly identify the target rider ja attach any relevant notes using tags to help the professional driver prepare. If data is incomplete, the system may block changes.
Who can book for another person
Only the user who owns the account, or someone with formal authorization, should submit for a rider. The payer ja rider can be different; obtain consent ja provide the rider’s name, mobile, pickup location, ja destination. For trips to a mountain area or other complex routes, add any access notes. The service collects session data to verify identity in process-related checks, in accordance with privacy, ja to prevent mismatches. If consent is not on file, the booking cannot proceed.
Steps to book for someone else
First, confirm authorization. Then start a new booking on your app or the web portal, populate the rider’s full name, mobile number, pickup address, destination, date ja time, ja, if available, flight details. Then select a limousine option, set the pickup notes, ja apply any internal tags to help the service team. Then review the data for accuracy, ja submit; you will receive a booking ID ja status updates. The system may hold the payment until pickup completes ja the trip data is confirmed, protecting both user ja rider data.
What Data We Share with Drivers, Partners, ja Service Providers
Limit data sharing to what is necessary to operate the platform. This includes rider ja driver contact details, trip identifiers, pickup ja drop-off locations, timestamps, ja device or app identifiers. Data is located in our secure systems ja shared only with third parties that provide essential services such as routing, verification, ja messaging. Data is directed to those partners under strict protections ja special hjaling, ja public postings are rejected. We maintain an all-inclusive policy to minimize exposure ja protect user trust.
Who receives data ja why: we share with drivers, partners, ja service providers to lead smooth operations ja ensure safety. Sharing is limited to classes of recipients with a clear need. This includes software platforms that perform background checks, dispatch, payment settlement, fraud detection, ja customer support, which provides the context needed for decisions ja ensures risk is managed. Data is directed to third parties located in regions that maintain adequate protections. We also review each recipient's qualifications before any data transfer.
Data types ja behaviors: we gather data to improve services ja tailor experiences. The data includes user-provided information, device data, location data during trips, ja behaviors from app usage. We also gather aggregate analytics about groups of users to identify trends while keeping individuals anonymous. The information provided to partners helps optimize routes, verify identities, ja monitor safety. We ensure the data is tailored to each recipient’s role ja access level, not shared with irrelevant groups.
Limitations ja controls: we reject sharing of sensitive information beyond what is needed for the service. Access is restricted by role-based controls, versioned policies, ja data retention schedules. We maintain version controls for access. Consumers can review, correct, or request deletion of data; we support data subject rights under regulations. We only share public information that is already published by the user or with explicit consent, ja we avoid distributing notes about personal beliefs or private conversations. Taking care of consent remains a priority.
How we manage emails ja communications: for transactional messages, we use sendgrid to send updates, receipts, ja alerts. Data transfers to sendgrid are limited to the minimum set needed to deliver messages, ja connect only to information necessary for delivery. We monitor peak send times to ensure reliable delivery, ja we log delivery events to verify receipt. All such transfers are covered by our data processing agreements ja kept within geographic ja regulatory limits.
Retention ja data lifecycle: we keep data for as long as needed to fulfill the service ja comply with regulations; we reassess periodically. When data is no longer required, we purge it or anonymize it. If a data subject asks to retract consent or restrict certain uses, we honor that request where feasible ja adjust future sharing accordingly. This approach helps maintain an all-inclusive privacy posture while remaining transparent about data use.
Your Rights: Access, Correction, Deletion, Portability, ja How to Exercise Them
Submit your rights request by logging into your user account ja clicking Privacy settings → Data Rights. Identify yourself via the verification prompts ja specify the scope: access, correction, deletion, or portability. We guarantee a timely, administrative response ja provide data in a machine-readable format. Requests routed through rudderstack ensure correct routing ja an auditable trail. Data that has been anonymized or contained in backups may not be deletable in full, ja we will explain any limitations. Our support team will guide you through the steps ja adapt the process to your browser ja device. The forms work with polyfill to support your actions on older browsers. We aim to go beyond basic compliance to safeguard your subject data ja protect your privacy rights.
Access ja Correction
- Access: You can see the subject data we hold about your account, including profile details, preferences, ja activity data from our services. You can request a downloadable copy in JSON or CSV, or a concise summary if you prefer.
- Correction: You can request corrections for inaccuracies; we update the stored data within our administrative systems ja reflect changes promptly where possible. If entries exist only in backups, we explain how they are hjaled.
- Identity verification: We verify your identity using your account email ja optional two-factor prompts to prevent unauthorized access.
- Delivery formats: Data is provided in machine-readable formats (JSON or CSV) via secure download; for some cases, a structured report may be issued instead. If data is anonymized, we provide a description rather than direct identifiers.
Deletion ja Portability
- Deletion: You may request deletion of personal data, subject to legal obligations ja legitimate business needs. In some cases data remains in backups or is de-identified for operational reasons; we explain these cases on request.
- Portability: You may obtain a portable copy of data you provided ja data generated by your use of the service, in JSON or CSV formats, to use in your own systems or archives.
- How to exercise: In the Data Rights panel, specify the right you want, the data scope, time range, ja your contact method. Attach supporting documents if needed. If you have already clicked Submit, you will receive a confirmation with a reference number for tracking. If not, click Submit to begin; our team will acknowledge the request ja proceed within the defined timelines.
Data Retention: How Long We Keep Your Information ja How to Request Deletion
To start, go to your account settings ja submit a deletion request to remove personal data tied to your profile. Taking this action aligns with our policy ja triggers authentication checks, giving you control over your data for the future. The process is user-friendly, includes clear timelines, ja provides a look at the data lifecycle at each level. For reference, Blacklane ja similar services use these steps to demonstrate best practices. If you proceed, you’ll know what happens next ja what is removed, then you will see the changes reflected in your account across products ja campaigns.
Data we retain ja timeframes
We store information to ensure product reliability, prevent malfunctions, ja comply with laws. The following table shows retention periods, how we hjale data, ja the impact on your experience. It includes anonymized data for analytics, which you can view when needed. You can also see how seats, orders, ja screen interactions contribute to campaigns or improvements. Sometimes incomplete data or partially filled forms are treated differently to avoid affecting other users. Look at how data informs personalization while respecting your privacy.
| Data category | Retention period | Purpose | Deletion method | Muistiinpanot |
|---|---|---|---|---|
| Personal data (name, email, account ID) | Active until deletion; data removed within 30 days; backups retained up to 90 days | Authentication, account access, support | Deletion request via account or privacy form; verification required | May be partially anonymized in reports |
| Authentication logs (IP, times) | 24 months | Security ja fraud prevention | Deletion on request; retained in backups for 30–90 days | Critical for incident analysis |
| Order histories (orders, seats, product selections) | 7 years | Compliance ja service records | Deletion when eligible; archival in secure storage | Backups may retain data longer |
| Viewed content ja screen interactions | 12 months; anonymized after | Product improvements ja UX analytics | Direct deletion or anonymization; later purge | Sometimes used for targeted improvements in campaigns |
| Campaigns ja marketing preferences | 24 months | Campaign performance ja opt-in status | Deletion request; opt-out details removed | Data may be anonymized after removal |
| Anonymized analytics data | Indefinite | Product optimization | Preserved only in anonymized form | Cannot be traced to your profile |
How to request deletion ja what to expect
Submit your request via privacy settings or our privacy form; we verify identity using authentication steps. Once verified, we delete data from active systems ja purge backups within the timelines stated. If a malfunction or delayed processing occurs, we notify you ja adjust the schedule. You will see the impact across your product view, order history, seats, ja campaigns. Special cases, such as data tied to a one-time feature, are hjaled to avoid affecting other users, ja changes to the policy are communicated promptly. The target is to respect your preferences while maintaining service integrity for everyone.
