We welcome you to BlueWeelz, our websites at www.Blueweelz.com, www.Driver.BlueWeelz.com and/or our iOS and Android Mobile applications (collectively our “Platform”).
In the below Privacy Policy, we inform you about the scope of the processing of your Personal Data.Blueweelz.com proceeds with all data processing procedures (e.g., collection, processing, and transmission) in accordance with the California Consumer Privacy Act (“CCPA”) and the subsequent amendments from the California Privacy Rights and Enforcement Act (“CPRA”). As well as the EU`s General Data Protection Regulation (“GDPR”).
Responsible for data processing
Responsible for data processing in accordance with the provisions of the DPA and GDPR is:
Blueweelz LLC
4073 W Rosecrans Ave # 2,
Hawthorne California 90250, USA
Web: www.BlueWeelz.com
E-Mail: info@BlueWeelz.com
What is Personal Data?
Personal Data is any information relating to personal or material circumstances that relates to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address, or telephone number as well as online identifiers such as your IP address. In contrast, information of a general nature that cannot be used to determine your identity is not Personal Data. This includes, for example, the number of users of a website.
What is processing?
"Processing" means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means. The term is broad and covers virtually any handling of data.
General information on data processing
In the course of our business and platform operations, we process data in our California based headquarters and this data is generally transferred to our GoDaddy.com, LLC server. We also use GoDaddy for the provision of our website, which means that processes all data in connection with the operation of our website on our behalf. The legal basis for the data processing is our legitimate interest in providing our platform.
All Personal Data that we obtain from you via the platform will only be processed for the purposes described in more detail below. This is done within the framework of the respective legal regulations mentioned or only with your consent. In particular, the above-mentioned provisions specify when data processing is permitted. As such, we collect Personal Data if:
- you have given your consent,
- the data is necessary for the fulfillment of a contract / pre-contractual measures,
- the data is necessary for the fulfillment of a legal obligation or
- the data is necessary to protect the legitimate interests of our company, provided that your interests are not overridden.
We process and store your Personal Data only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period (in particular California’s commercial and tax law) exists. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.
Processing of Automatically Collected Data
a) Collection of access data and log files
We also collect data on every access to our website. The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Log file information is stored for security reasons (e.g., for the clarification of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is necessary for evidentiary purposes is exempt from deletion until the respective incident is finally clarified. The legal basis for the data processing is our legitimate interest in providing an appealing website.
b) Use of cookies
To improve the services provided on the website, we use cookies that collect information about your usage behavior. Cookies are files that your web browser stores on your hard drive when you visit a website. Cookies may, under certain circumstances, personally identify you either directly (for example, with an e-mail address) or indirectly (for example, with a unique identification code of a cookie, an IP address or the identification code of a device). The data stored may include the pages you visit, the date and time of your visit, and other tracking information. For more information, please refer to our Cookie Policy.
c) Downloading the APP
The APP can be downloaded from the "Google Playstore" a service offered by Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, US, if you are resident outside the EU and Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland if you are a resident within the EU, or the Apple App service "App Store" a service of Apple Inc., 1 Infinite Loop, Cupertino, CA 95014, US, if you are resident outside the EU and Apple Distribution International Ltd, Hollyhill Industrial Estate, Hollyhill Ln, Knocknaheeney, Cork, Ireland, if you are a resident within the EU, to install our APP. Downloading it may require prior registration with the respective App store and/or installation of the respective App store software.
d) Installing the APP
As far as we are aware, Google collects and processes the following data: License check, network access, network connection, WLAN connections, and location information. However, it cannot be ruled out that Google also transmits the information to a server in a third country. We cannot influence which Personal Data Google processes with your registration and the provision of downloads in the respective App store and App store software. The responsible party in this respect is solely Google as the operator of the Google Play Store.
As far as we are aware, Apple collects and processes the following data: device identifiers, IP addresses, location information, it cannot be excluded that Apple also transmits the information to a server in a third country. This could in particular be Apple Inc. One Apple Park Way, Cupertino, California, USA, 95014. We cannot influence which Personal Data Apple processes with your registration and the provision of downloads in the respective app store and app store software. The responsible party in this respect is solely Apple as the operator of the Apple App Store.
e) Device information
Google and Apple may collect information from and about the device(s) you use to access the APP, including hardware and software information such as IP address, device ID and type, device-specific and APP settings and properties, APP crashes, advertising IDs (AAID), information about your wireless and mobile network connection such as your service provider and signal strength; information about device sensors such as accelerometer, gyroscope, and compass.
f) Purchases
When you make In-app purchases, we (Google and Apple on our behalf) may collect the following data from you to process the purchase:
- Android or Apple user ID
- Email address
- Payment confirmation from the payment data collected by Apple or Google; and
- Device IP and device serial number to link the story history to the device.
g) Firebase
We use the Google Firebase developer platform and related features and services provided by Google LLC and Google Ireland Limited. Google Firebase is a platform for developers of apps for mobile devices. The Google Firebase developer platform offers a variety of features. A list of these features can be found at: https://firebase.google.com/terms/. Firebase's key security and privacy information can be found here: https://firebase.google.com/support/privacy
Data processing when you use our services
a) Contacting us
If you contact us, we process the following data from you for the purpose of processing and handling your request: first name, last name, e-mail address, and, if applicable, other information if you have provided it, and your message. The legal basis for the data processing is our obligation to fulfill the contract and/or to fulfill our pre-contractual obligations and/or our overriding legitimate interest in processing your request.
b) Profile and account
If you create a user account, we will collect your full name, phone number, email address, mailing address. As a provider of services (“Driver”) this will include your driver’s license and other government identification documents. Further, we also send you a One-time password (OTP). Within your profile you are able to delete your account at any time. Your data will be processed on the basis of your consent.
Alternatively, you are able to sign up using the convenience log in and sign up from Facebook or Google. For Facebook and Google log in and sign up, you will be asked to provide your basic information (i.e., name, email address, and display picture) linked to your account. If granted, your username and password will be auto generated to fill in the rest of required user data. When registering via Facebook`s and Google`s connect function, you agree to the relevant terms and conditions and consent to certain data from your respective profile of being transferred to us.
c) When using our services
We process the data of our registered users in order to be able to provide our contractual services as well as to ensure the security of our services and to be able to develop it further. As such, we process:
Contract and passenger data (e.g., name of the passenger, contact number, e-mail address, pickup location, and destination, date and time, number of passengers, fare, payment method info, Earnings).
Usage data (e.g., pages visited, access times, Search location, Vehicle location, IP addresses, Geo Location, Map Location).
The legal basis for the processing of your personal data is the establishment and implementation of the user contract for the use of the service as well as your consent. We store the data until you delete your user account.
The legal basis for the data processing is the fulfillment of our contractual obligations and, in individual cases, the fulfillment of our legal obligations as well as your consent.
d) Financial Data
If you make a ride request your payment will be processed via the payment service provider Stripe, payment data will solely be processed through the payment system of Stripe. The legal basis for the provision of a payment system is the establishment and implementation of the user contract for the use of the service.
e) Reviews
Within your review you may be able to display certain information, share certain details, and insights, post in relation to the services you have received. Please be aware that review content and data are publicly viewable. Please do not post or add Personal Data in your review that you would not want to be available. The legal basis for processing any Personal Data you provide as part of a review is your consent.
f) Service Notifications
By using our services, you are giving your consent to receiving notifications and messages per email and SMS. Those typically include administrative information about your account and activity. The legal bases are to provide you with our services and your consent.
g) Administration, financial accounting, office organization, contact management
We process data in the context of administrative tasks as well as organization of our operations, financial accounting and compliance with legal obligations, such as archiving. In this regard, we process the same data that we process in the course of providing our contractual services (point a) to d) above). The purpose and our interest in the processing lies in the administration, financial accounting, office organization, archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services.
Furthermore, based on our business interests, we store information on suppliers, and other business partners, e.g., for the purpose of contacting them at a later date. This data, most of which is company-related, is generally stored permanently.
h) Marketing
Insofar as you have also given us your consent to process your Personal Data for marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.
You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission, or sometimes your consent is implied from your interactions or contractual relationship. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or contractual relationship with us.
Our Marketing generally takes the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by us, or by our contracted service providers. Every directly addressed marketing sent by us or on our behalf will include a means by which you may unsubscribe or opt out.
Duration of data storage
We only store Personal Data for as long as it is necessary for the purposes for which it is processed or for as long as any consent you have given us has been revoked by you. Insofar as statutory retention obligations must be observed, the storage period for certain data may be up to 10 years, irrespective of the processing purposes.
Obligation to provide Personal Data
You are not obliged to provide us with Personal Data. However, depending on the individual case as described above, the provision of certain Personal Data may be necessary for the provision of the services. If you do not provide us with this Personal Data, we may not be able to provide the requested service.
Do Not Sell
We do not sell data to third parties. However, we might, making available, transfer, communicate electronically, consumer’s personal information by the business to a business affiliated inclusive with a third party but not for monetary but for other valuable consideration.
Authorizations and Access
We may request permission to store your APP data including your Internet Connection and Network, Location, Push Notifications of your device. The legal basis for data processing is our legitimate interest and the provision of contractual or pre-contractual measures. You can deny access on your device via the Settings/Notifications/ options of your device; however, this means that our APP may not function as intended.
Push messages
When you use the app, you will receive so-called push messages from us, even if you are not currently using the App. These are messages that we send you as part of the performance of the contract. You can adjust or stop receiving push messages at any time via the device settings of your device.
Transfer of Personal Data
We will not disclose or otherwise distribute your Personal Data to third parties unless this:
· is necessary for the performance of our services,
· you have consented to the disclosure,
· or the disclosure of data is permitted by relevant legal provisions.
However, we are entitled to outsource the processing of your Personal Data in whole or in part to external service providers acting as processors within the framework of the above-mentioned laws. External service providers support us, for example, in the technical operation and support of the platform, data management, the provision and performance of services, marketing, as well as the implementation and fulfillment of reporting obligations.
The service providers commissioned by us however will process your data exclusively in accordance with our instructions and we remain in accordance with the above-mentioned laws responsible for the protection of your data. Doing so we always make sure that service providers commissioned by us are carefully selected, follow strict contractual regulations, technical and organizational measures, and additional controls by us.
We may also disclose Personal Data to third parties if we are legally obliged to do so e.g., by court order or if this is necessary to support criminal or legal investigations or other legal investigations or proceedings at home or abroad or to fulfill our legitimate interests.
Automated decision-making
Automated decision-making including profiling pursuant to Art. 22 (1) and (4) GDPR does not take place at BlueWeelz.
Social media
We are present on social media on the basis of our legitimate interest. If you contact us via social media platforms, you should note that the chat history can neither be deleted by us nor by you. And that, in accordance with the GDPR, the relevant social media platform and we are jointly responsible for the processing of your data and enter into a so-called joint controller agreement. A Joint Controller Agreement itself is very legalistic and lengthy, but in a nutshell, it clarifies how the jointly responsible parties will fulfill the obligations arising from data protection laws that are applicable to them. The legal basis for the use of the relevant social media platform is our legitimate interest, your consent or, in the case of a (pre) contractual relationship with us, the initiation of a contractual service, if any.
Data Security
Our data processing is subject to the principle that we only process the Personal Data that is necessary for the use of our services. In doing so, we take great care to ensure that your privacy and the confidentiality of all Personal Data are always guaranteed.
All transmitted data is protected by TLS encryption. Transport Layer Security (TLS) is a protocol used to ensure secure data transmission on the Internet. The public-private key procedure is used here. This means that data encrypted with a publicly accessible key can only be decrypted again with a separate private key.
We also use technical and organizational security measures (TOMs) throughout the company to protect the data we manage from you against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.
Nonetheless, databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of the action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.
Your data subject rights
Under the CCPA and the CPRA amendment, you can exercise the following rights:
· Right to Know/Access
· Right to Delete
· Right to Opt-out of Sale
· Right to Non-Discrimination
· Right to Rectification
· Right to Limit Use and Disclosure of Sensitive Personal Data
Under the GDPR, you can exercise the following rights:
· Right to information
· Right to rectification
· Right to object to processing
· Right to deletion
· Right to information
· Right to data portability
· Right of objection
· Right to withdraw consent
· Right to complain to a supervisory authority
· Right not to be subject to a decision based solely on automated processing.
Updating your information
If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so by contacting us using info@Leencon.com.
Access Request and updating your Personal Data
In the event that you wish to make a Data Subject Access Request, you may inform us in writing of the same using info@BlueWeelz.com.
We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the respective legal regulations mentioned above).
Changes and updates
We kindly ask you to regularly inform yourself about the content of our Privacy Policy. We will amend our Privacy Policy as soon as changes to the information processing activities we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification. This Privacy Policy was last updated on Saturday, January 7, 2023.
Concerns and Contact
If you have any concerns about a possible compromise of your privacy or misuse of your personal information on our part, or any other questions or comments, you can contact us using info@BlueWeelz.com.
