Fluidtime Data Services GmbH collects and uses your personal data exclusively within the framework of the Austrian data protection regulations. These are in particular the provisions of the Data Protection Act (DSG 2000) and the Telecommunications Act (TKG 2003). The DSG 2000 supplements the Data Protection Regulation (GPDR). We see it as our obligation to administer your data with the utmost care and to do everything to protect your information from misuse. Our employees and representatives are obliged to comply with data protection regulations in accordance with legal requirements.
The following information explains in detail what data is collected during your visit to our apps and how we use it. You can access this data protection declaration at any time in our app and on our website.
1. Who is the data controller?
The data controller is Fluidtime Data Service GmbH, Neubaugasse 12-14/25, 1070 Vienna.
2. Which data are processed and from which sources?
The following information is collected by or on behalf of Fluidtime:
2.1. Information you provide
This information is provided during the registration process:
User profile: We collect data when you create or update your account. This may include your name, email address, phone number and password.
2.2. Information created when you use our services
This information is collected while using our services:
Location data: The position is determined using the mobile device using mobile, Wi-Fi or other network related identifiers to show position on map and use location for search requests.
Profile data and history: We store user profile data such as favorites and history of searches and user inputs.
Contact form: We store the contact data provided by the user in the contact form.
Mobility account: Trips stored in the mobility account are stored with origin, destination, time, duration, modality and length.
Usage data during operation of the app: data about the usage of the app (e.g. login) are processed as logs to enhance our service and protect our system against malicious usage.
App usage statistics: statistic data of the usage of the app are captured using Google Analytics for Firebase.
Other data: The policy does not cover information that does not personally identify you, such as summaries of anonymous data, route searches, IP addresses, operating systems, personal preferences and the like. For data that does not identify you as an individual, we have the right to use them at our discretion.
We only process such personal information about you as is necessary with regard to our predetermined objectives. All our personal data processing has so-called legal basis according to law.
3. For which purposes are data processed?
We use the information provided for the following purposes:
3.1. Providing the services
For providing the services, the above-mentioned personal data have to be processed. This will allow us to:
Inform you about available services and routes options
Enable features to personalize your account, such as creating favorites and to enable quick access to previous destinations
Documenting your trips in the mobility account
Show news and information from corporate customers
Contact you about for more information when requested by the contact form
Perform internal operations necessary to provide our services, including to troubleshoot software bugs and operational problems, testing, and to monitor.
3.2. Legal obligations
We may use the information we collect to investigate or address claims or disputes relating to your use of our services, or as otherwise allowed by applicable law, or as requested by regulators, government entities, and official inquiries.
3.3. Research and development
We may use the information we collect for testing, research, analysis and product development. This allows us to improve and enhance the safety and security of our services, develop new features and products, and facilitate insurance and finance solutions in connection with our services.
4. Who receives your data?
The entities listed below may receive your data as they have justified reasons.
We also may share non-personal data or anonymized statistical data to selected third parties.
4.1. Hosting providers
We store and process your personal data on third party servers. Those providers are chosen carefully by us to be compliant to all requirements regarding data protection and security.
4.2. Transport service providers
We transfer personal data to transport service providers with whom we have agreements, and which are necessary to use their services. This includes your personal information and data that is required for bookings.
4.3. Corporate customers users
Corporate customers can invite and add end users by e-mail to share news and info with end users and receive feedback from the user. We transfer your name and user account status to corporate customer that invite you.
4.4. Enabling service providers
We transfer personal data to enabling service providers. Those can be the following:
Authentication Providers: External providers to handle authentication processes.
E-Mail Gateway: External provider to handle e-mail verification and send e-mail information.
Transport Service Providers: External providers needed to provide certain transportation services (includes for example ride sharing platform, dispatching systems, car sharing)
Routing Provider and Geolocation Services: External providers to handle routing requests and geolocation services (e.g. geo-resolving, autocomplete.).
Push Notification Provider: External provider to enable push notifications to client.
4.6. For legal reasons or in the event of a dispute
We may share your information if it is required by applicable law, regulation, operating agreement, legal process or governmental request or where the disclosure is otherwise appropriate due to safety or similar concerns.
This includes sharing your information with law enforcement officials, government authorities or other third parties as necessary to enforce our Terms of Service, user agreements or other policies, to protect our rights or property or the rights, safety or property of others, or in the event of a claim or dispute relating to your use of our services.
This also includes sharing your information with others in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing or acquisition of all or a portion of our business by or into another company.
5. How long are data stored?
We require user profile information in order to provide our services and retain such information for as long as you maintain your account.
We retain certain information, including transaction, location, device and usage information, for a minimum of 7 years, if required by regulatory, tax and other requirements in the places in which we operate.
You may request deletion of your account at any time through an email to email@example.com.
Following such request, we delete the information that it is not required to retain. In certain circumstances, we may be unable to delete your account, such as if there is an outstanding credit on your account or an unresolved claim or dispute. Upon resolution of the issue preventing deletion, we will delete your account as described above.
6. What data protection rights do you have according to the General Data Protection Regulation (GDPR)?
Right of revocation
You have the right to revoke your consent to the collection and use of personal data with effect for the future at any time.
Right to information
You have the right to request information about the data stored about you or your pseudonym. Upon your request, the information can also be provided electronically.
Right of deletion or correction
You have the right to request the deletion or correction of your stored personal data. In certain circumstances, we may be unable to delete your account, such as if there is an outstanding credit on your account or an unresolved claim or dispute. Upon resolution of the issue preventing deletion, we will delete your account as described above.
To exercise your rights of revocation, information, deletion or correction of your data, please contact Fluidtime Data Services GmbH, Neubaugasse 12-14-/25, 1070 Vienna, or send an e-mail to firstname.lastname@example.org. The use of your above rights is free of charge for you.
7. Data security
Your data security is our highest priority. Our declared aim is to take all necessary technical and organisational measures to ensure the security of data processing and to process your personal data in such a way that they are protected from access by unauthorised third parties.
By using the latest security software, coding and encryption methods, our IT infrastructure meets the highest international security standards. In addition, we promote the security of your data through the use of risk-minimizing measures and preventive precautions.
Our website and the associated IT systems are protected by technical and organizational measures against unauthorized access and modification of your data as well as against loss and destruction.
With our mobile apps you communicate exclusively encrypted, so that the transfer of personal data is protected.
Should you nevertheless encounter potential security gaps, please let us know as soon as possible! Send us a detailed description of the vulnerability to email@example.com. Please also send us the exact URL and a description of how the vulnerability was found – ideally with a screenshot or similar.
8. Changes to this privacy statement
As we want to ensure that this privacy statement properly reflects the way we handle your data, we need to reserve the right to make changes to it at our sole discretion whenever it is necessary. Although we will use reasonable efforts to notify you of all substantial changes to this privacy statement, you should also do your best to review this document on a regular basis.