Book a taxi mobile application customer database

1. Description of file

Description of file as referred to EU GDPR and local data protection law

2. Controller

Semel Oy
Business ID 0113821-2
Valimotie 21, 00380 Helsinki
Tel. +358 20 7429 400

3. Name of personal data file

Customer database of bookataxi service.

4. Purpose of processing personal data

Processing of personal data related to bookataxi services by the consent of the data subject or based on customer relationship.

5. Purpose of use of the personal data file

The personal data of the data subject are processed to maintain, manage, develop, analyze, and compile statistics of the customer relationships related to the provided service, and to provide, offer, and develop the service, and to carry out the marketing campaigns, market surveys and marketing competitions for Semel and its partners.

6. Data contained in the personal data file

The personal data file contains information within the scope of the following categories:

Basic information on the data subject, such as name, address, e-mail address and language
Information concerning service registration
Information concerning invoicing and debt collection
Information concerning the customer relationship and contractual relationship such as products and services, their activation and cancellation dates, details of the salesperson who sold the service, and information concerning means of communication
Payment card information
Order history
User IDs and other identification information
Authorization information and prohibitions, such as direct marketing consents and prohibitions
Event and user analysis information
Personal identity code for reliable identification in premium services or services requiring a high level of information security
Information about mobile device gps location and other information regarding the service

7. Regular sources of personal data

Personal data is collected in connection with registration, when a service is used by permission, or otherwise directly from the data subject. Personal details can additionally be gathered and updated from the Population Register, the prohibition registers maintained by the Finnish Direct Marketing Association, and similar registers.

8. Disclosure of information

Semel may disclose customer details within the limits allowed and required by the legislation in force.

Due to the technical manner in which the processing of the data is implemented, some of the information may be located in the systems of subcontractors to Semel or otherwise processed with the aid of a technical interface. Semel may also use subcontractors for the processing of data. The data will not be transferred outside the European Union or the European Economic Area, unless the implementation of the service so requires. Even in such a case, Semel will guarantee an adequate level of information security, as required by legislation.

Semel has the right to publish the e-mail address details of the data subjects by their consent either in a written or electronic catalogue. The information can also be used in a national or international directory service.

9. Protection of data file

As a general rule, right of access to the data file requires a user ID granted by the administrator of the customer database. The administrator in such a case also defines the level of access rights granted to the users. A personal password is required for logging in to the application. The use of the data file as well as the logins are controlled.

The data is collected to the shared databases of the service. These databases are protected by firewalls, passwords, and other technical means. The databases are located on locked and guarded premises. Only predefined persons have access to the information.

Everyone on Semel premises is required to have an ID card visible and entry is forbidden without an appropriate access control card.

10. Right of inspection and erasure

In accordance with Eu GDPR, the users have the right to check what information has been stored on them in the personal data file. You also have the right to request that inaccurate or incomplete personal data be corrected. The customer can check this free of charge once a year. The request for checking the data must be submitted in a personally signed document or a similarly certified document. You may also request that your personal data be erased.

The request must be sent in writing and signed to the address:

Semel Oy
Customer Feedback /GDPR
P.O. Box 1000, FIN-00380 Helsinki

The inspection request can also be presented at the address Valimotie 21, Helsinki.