Any transportation that you can book by clicking through the Citymapper App to open a third-party app (for example, Kapten or Uber) shall be referred to as a "Deeplink Affiliate Ride". Any transportation that you can book within the Citymapper App without opening another app shall be referred to as a "Native Booking Affiliate Ride".
This policy applies to anyone who uses our website, www.citymapper.com ("Site"), our app ("Citymapper App") and our transportation pass ("CM Pass"). We'll refer to the Site and the Citymapper App together as "the App".
"We", Citymapper Limited, a company registered in the UK, are the data controller as defined by the General Data Protection Regulation.
There are three categories of information we collect: (1) information you provide, (2) information created when you use our Native Booking Affiliate Ride or CM Pass; and (3) information from other sources.
When you use our App, a Native Booking Affiliate Ride or CM Pass, you might provide us with (a) personal information; (b) places and preferences; and (c) direct communications.
If you're a user of the Citymapper App and you choose to create a Citymapper account, you provide us with your name and email address, which we use to ensure your saved places and other personalisation features are synced across your multiple devices. When you log in using Facebook or Google, we do not send them any data about you, and we do not collect any information from them.
If you're a Native Booking Affiliate Ride passenger, you provide us with your name, your phone number (this enables you to communicate with your driver) and your email address (to provide customer service and help ensure the safety of the transport services). You must also provide us with your payment details.
If you sign up for a CM Pass, you provide us with your name, email address, home address, mobile phone number and date of birth so that we can verify your identity to prevent fraudulent or unauthorised use of our services. If we are not able to verify your identity using this initial check, we will ask you to provide additional information (such as a copy of your passport ID page or driving licence, proof of address or your photograph ("Additional ID Documents")) in order to verify your identity. You are also required to provide payment details to pay for your subscription and other fees as specified in the Citymapper Pass Terms.
Regardless of whether you have a Citymapper account, you may choose to provide us with information on your places and preferences, such as Home, Work, Saved Places, and other travel preferences. We process this information in order to provide you with personalised journey-planning services. We also store and analyse this data in aggregate to improve the Citymapper App (for example, by ranking certain journey results more highly than others).
Communications you might send to us include responses to in-App survey questions, reporting a problem, or submitting queries, concerns or comments regarding the App, a Native Booking Affiliate Ride, or CM Pass. These messages to us will also contain details such as the type of phone you're using, your service provider, and if you've enabled the location permissions in your device, the latitude and longitude of your location when you contact us. We process this information in order to fix problems in the App, with Native Booking Affiliate Ride or with CM Pass, to reply to your communications, and to help keep you safe.
The following are the types of information created when you use our App, Deeplink Affiliate Ride, Native Booking Affiliate Ride or CM Pass. We associate this information with an installation ID number that is randomly generated each time you install the Citymapper App. We use this installation ID to pseudonymise the data we collect from you, and do not access any permanent device ID numbers.
Users of the Citymapper App: We aggregate and analyse journey start and end points. Assuming you've enabled your device to provide location information and you haven't entered your start point manually, we collect and use your start location information as determined through data such as GPS, mobile phone towers, and WiFi. If you haven't enabled your device to provide location information, you will have to manually enter your start and end points, which is then the location information we collect and use.
When you tap GO in the Citymapper App, we collect your location information throughout your journey. We use this data to provide on-trip support, such as alerting you when to get off a bus. We also store and analyse this data in aggregate, as we do with the other types of location data described in this "Location Information" section, to improve the journey results we show to all users and to create and evaluate routes for our transportation services.
Passengers: If you are a passenger of a Native Booking Affiliate Ride, we collect your location information when the Citymapper App is running both in the foreground and background of your device during your journey. Knowing your location during your ride enables on-trip support and passenger and driver safety.
When you take a Native Booking Affiliate Ride, in addition to your location data, we collect and store your booking details, your driver and vehicle information, the date and time of your journey, the amount charged, your pick up and drop off location, cancellations and no-shows. We store and use this information for operational reasons, such as providing customer support, and to improve services.
CM Pass Users: If you are a CM Pass user, we will collect your location information as described above if you tap GO in the Citymapper App while using your CM Pass.
We collect information about the devices you use to access our App and to use Deeplink Affiliate ride and Native Booking Affiliate Ride, including the type of computer or device you use, the installation ID of the App on your device, the hardware models, operating systems and versions, software, file names and versions, the preferred languages, time zone settings, and device motion information. This information is necessary for us to diagnose bugs and improve the App.
Each time you interact with our App, we collect information about how and when you use it, such as the time and date when you opened the App, the searches you make, the features and journey results you click on, pages visited, app crashes and other system activity. We use this information to improve our App in multiple ways. For example, using App crash data, we can fix bugs and prevent future crashes, and by knowing what gets tapped or scrolled most often, we can replace unpopular features with other, more helpful features.
When you interact with the App, we try to make that experience simple and meaningful. When you visit our App, our server sends a cookie to your computer or mobile device, depending on how you access the site or App. Cookies are small pieces of information which are issued to your computer when you visit a website and which store and sometimes track information about your use of the site. A number of cookies we use last only for the duration of your web session and expire when you close your App. These are known as "session cookies". Other cookies are used to remember you when you return to the App and will last for longer. These are known as "persistent cookies".
remember that you have visited us before, which allows us to identify the number of unique visitors we receive. This allows us to make sure we have enough capacity for the number of users that we get; customise elements of the promotional layout and/or content of the pages of the App; and
collect information about how you use the App so that we can improve the App and learn which parts of the App are most popular to visitors.
Some of the cookies used by our App are set by us, and some are set by the third-party analytics and crash/error-reporting companies we've described in this policy who are acting on our instructions. For example, Mixpanel tracks what users do in the Citymapper App so we can improve the design and functionality.
Most browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can also learn more about cookies by visiting www.allaboutcookies.org which includes additional useful information on cookies and how to block cookies using different types of browsers. By blocking or deleting cookies you may not be able to take full advantage of the App's features.
Citymapper collects the following types of information from other sources.
In order to pay for your CM Pass or your ride on a Native Booking Affiliate Ride, you will need to provide payment information to our third-party service provider, Stripe, such as your credit card details. They provide us only with the last four digits of your card number and expiration date, which we require in order to handle operational issues such as subscriber and passenger queries about charges.
If you log into your Citymapper account using Facebook or Google, those companies provide us with your name and email address, which are necessary for us to log you in to the Citymapper App. We do not collect or use any other information received from those two companies.
If you sign up for a CM Pass, we receive a due diligence report from third-party agencies that provide identity verification, in order to confirm your identity. This information is necessary to prevent fraudulent or unauthorised use of our services and to comply with relevant financial crime laws.
If you are a CM Pass user, we receive a "Cardholder ID" from the third-party company that issues your CM Pass card. The Cardholder ID is your unique identifier that allows us to know which CM Pass card has been issued to you. When you use the CM Pass, we also receive your transaction information from this third-party company, including the date, time, amount, and merchant details associated with the transaction.
If you are a driver for a Native Booking Affiliate Ride provider, we receive your name, vehicle information, photograph, phone number, and current location from that Native Booking Affiliate Ride provider. This information facilitates your communication with, and pick up of, your assigned passenger and is used to create transaction receipts for passengers.
In summary, we use the information we collect to:
Provide and improve our App, Deeplink Affiliate Ride, Native Booking Affiliate Ride and CM Pass;
Build a profile of your preferences so we can personalise the Citymapper App and provide you with relevant transport information;
Recommend transport options that match your stated preferences and previous use of the App;
Administer your account with us, if you have one;
Confirm your eligibility to use CM Pass;
Verify your identity (including processing of your identity documents in order to confirm your identity and to make an automated decision as to whether or not to provide you with CM Pass services);
Enable communication between drivers and passengers on any minicab or taxi service;
Process or facilitate payment (through third party payment processing services) for Native Booking Affiliate Ride and CM Pass;
Send you transaction receipts for your use of Native Booking Affiliate Rides and/or CM Pass;
Respond to your emails to discuss your use of the App, Native Booking Affiliate Ride and/or CM Pass and answer any support queries you may have;
Send you marketing communications by email or in-App notifications, and let you know about our policies and terms or when we launch in your city;
Identify issues with the operation of the App, and provide crash reports in order to find resolution for performance issues;
Improve the design, functionality and/or content of the pages of the App and customise them for you;
Carry out research on users' transport choices to improve the App and CM Pass; and
Disclose to lawful authorities when required to do so by law, or when appropriate, in our opinion, to respond to their request.
To the extent we share information with third parties, we do so to enhance your experience with the App, and we pseudonymise and minimize the data we send to them.
Search Partners: We have search partners like Google, Apple, and Foursquare in order for the App to send you to the places you want to go. They receive the text you have searched for, and in order to return results most relevant to you, they receive your current location if you have enabled location permission in your device.
Deeplink Affiliate Ride providers: These third-party transport providers in the App, such as Kapten and Uber, receive the pick-up and destination locations you enter in our App in order to provide travel time and fare estimates, and they receive that information if you choose to book a ride through their apps by clicking through the Citymapper App.
Native Booking Affiliate Ride providers: If you are a passenger of a Native Booking Affiliate Ride provider, we share your first and last name, your phone number and your pick up and destination locations with these providers to enable their provision of services. If you provide feedback on a driver, we may also send this to the relevant provider in order to improve the ride experience for future.
Analytics Vendors: We use Mixpanel, Flurry and Google Analytics to understand what you've tapped or clicked on the App, and we make features improvements based on this information. They receive information showing only that a person has tapped or used certain features in the App.
Crash/Error Reporting Vendors: We use Crashlytics to report on crashes you experience with the App so we can fix those, and Sentry to report on errors with our backend.
Messaging Apps: If you choose to use certain sharing features in our App, then you may be sharing your information with those companies, depending on factors such as that company's encryption policies. For example, if you use the "Share Directions" feature in the App, a link with your start and end points will be sent via messaging app. If the messaging app company you choose uses end-to-end encryption, your location link cannot be used or intercepted by that messaging app company.
Passengers and Drivers: To enable the provision of Native Booking Affiliate Rides, we share certain information between passengers and drivers. If you are a driver, we share the following information with your assigned passengers: your first name, photograph, licence information, vehicle information, current location, and pick up and drop off location. If you call your passenger, your phone number will be visible on that passenger's phone. If you are a passenger, we share the following information with your driver when you are assigned your driver: first and last name, route information, current location, and pick up and drop off location. If you choose to call your driver, your phone number will also be visible on that driver's phone.
Communication Platforms: To send you transaction receipts for your Native Booking Affiliate Rides and/or CM Pass subscription and to send you all other emails and update about our services, we use communication platforms such as Sendgrid and Mailchimp.
Identity Verification Service Provider: If you apply for a CM Pass, we use identity verification services like Onfido and credit reference agencies to verify your identity to prevent fraudulent or unauthorised use of CM Pass. They receive your name, home address and date of birth. If we are not able to verify your identity using this initial check, they will receive the additional information that you give us in order to verify your identity such as your Additional ID Documents. Identity verification agencies and credit reference agencies also use information from a number of different public sources (for example the electoral roll) to verify your identity. Credit reference agencies may also leave a 'soft' footprint on your credit file for the purpose of identity verification which should not affect your credit rating.
CM Pass card issuer: If you are a CM Pass user, we use Prepaid Financial Services (PFS) to issue and deliver the CM Pass card to you and to process transactions on your CM Pass card. PFS receives your name and home address. If you choose to use a mobile payment system for your CM Pass card, PFS will also receive your phone number. PFS may also undertake quality assurance checks of our identity verification process, in which case they will have access to your information available from public sources, your date of birth and any additional information that you give us in order to verify your identity such as your Additional ID Documents.
We'll only process your personal information where we have a legal basis for doing so. Our legal basis to process your personal data includes processing that is:
necessary for our legitimate interests, which are:
to research, develop, fix and provide new and tailored features for our Citymapper App users (e.g., ranking journey routing results in a way that surfaces more relevant routes at the top);
to provide on-trip support to users and to ensure that the App and CM Pass are secure for users;
to accept and administer payment from users for use of Native Booking Affiliate Ride and/or CM Pass;
to verify users' identity to prevent fraudulent or unauthorised use of our services; and
to prevent breaches of our terms and policies or to prevent harmful or illegal activity;
necessary for the performance of our contract with you (e.g., so passengers and drivers can find each other, and to find you the route options you've requested in the Citymapper App);
necessary to comply with relevant legal requirements (for example, to comply with applicable regulatory obligations, to comply with financial crime laws and to make mandatory disclosures to law enforcement); and
based on your consent (for example, where you provide us with marketing consents), which may be withdrawn at any time by contacting us at the email address specified below.
You have a legal right under the GDPR to request access to a copy of the personal information about you held by us. In order to do this, contact us at email@example.com. Please use the subject line "DSAR" and include details about what personal information you're looking for. You will need to have created an account in order for us to provide you with your information because without an account, we are not able to connect your Installation ID to a verifiable email address.
Subject to any legal obligations to keep your information longer, we store your personal information for as long as is necessary to provide our services and products, or until you ask us to delete it, whichever comes first.
If you ask us to delete your personal information by emailing us at firstname.lastname@example.org, please use the subject line "Account Deletion."
Note that residual copies may take longer to be removed from our backup systems. We will keep a record of your request in order to ensure compliance with legal obligations.
You have the right at any time to prevent the use of your personal information for direct marketing purposes. If you no longer want to receive marketing messages from us, please let us know by writing to us at email@example.com or clicking on the unsubscribe button at the bottom of marketing emails, and you will be unsubscribed accordingly. Please note that sometimes it can take a short amount of time to refresh our records for these purposes. Also, we may still send you non-promotional, transactional messages, or information about your account.
We may send you information we think you may find useful (e.g., tube line and subway disruptions and alerts about CM Pass relevant to you) or which you have requested from us by push notification and/or by email (if provided), and we or your device's operating system will give you the option to opt-out of receiving further notifications or emails.
We place great importance on the security of all information associated with our users. We use measures such as encryption, pseudonymisation, information access controls, and firewalls.
Keep in mind that submission of information over the internet and mobile networks is never entirely secure. We cannot guarantee the security of information you submit via the App whilst it is in transit over the internet or mobile networks and any such submission is at your own risk.
Information that you submit via the App is sent to and stored on secure servers located in the United Kingdom, other European Economic Area countries and in the United States. Information submitted by you may be transferred by us to our other offices and/or to the third parties mentioned in the circumstances described above, which may be situated outside the European Economic Area (for instance in the United States).
We work hard to handle your information responsibly. If you're unhappy about the way we do this, please contact our Data Protection Officer by email to firstname.lastname@example.org.
However, you also have the right to lodge a complaint about the data processing activities carried out by Citymapper with our lead supervisory authority, the UK Information Commissioner's Office. Our ICO registration number is ZA017660.