This policy applies to anyone who uses our website, www.citymapper.com ("Site"), our app ("Citymapper App"), our transportation services ("CM Ride"), our driver app ("Driver App") and our transportation pass ("CM Pass"). We'll refer to the Site, Citymapper App, and Driver App together as "the App".
"We", Citymapper Limited, a company registered in the UK, are the data controller as defined by the General Data Protection Regulation.
There are three categories of information we collect: (1) information you provide, (2) information created when you use our App, CM Ride or CM Pass; and (3) information from other sources.
When you use our App, CM Ride or CM Pass, you might provide us with (a) personal information; (b) places and preferences; and (c) direct communications.
If you're a user of the Citymapper App and you choose to create a Citymapper account, you provide us with your name and email address, which we use to ensure your saved places and other personalisation features are synced across your multiple devices. When you log in using Facebook or Google, we do not send them any data about you, and we do not collect any information from them.
If you're a CM Ride Passenger ("Passenger"), you provide us with your name and email address because private hire regulations require us to record your name, and we require your email address to provide customer service and help ensure the safety of our transport services. You are also required to provide payment details in order to ride on our services.
If you're a CM Ride Driver ("Driver"), you provide us with your name, email address, phone number, address, date of birth, photograph, driver licence information, vehicle information, insurance information, bank details, national insurance number, private hire licence information, vehicle inspection reports, history of tickets/fines/violations, your driving shifts and your driver log-in details. This information is required for us to comply with relevant legal requirements, including regulatory requirements and tax laws, as well as to perform our contract with you.
If you sign up for a CM Pass, you provide us with your name, email address, home address and date of birth so that we can verify your identity to prevent fraudulent or unauthorised use of our services. If we are not able to verify your identity using this initial check, we will ask you to provide additional information (such as a copy of your passport ID page or driving licence, proof of address or your photograph ("Additional ID Documents")) in order to verify your identity. You are also required to provide payment details in order to use our services and your mobile number if you choose to use a mobile payment system for your CM Pass card.
Regardless of whether you have a Citymapper account, you may choose to provide us with information on your places and preferences, such as Home, Work, Saved Places, and other travel preferences. We process this information in order to provide you with personalised journey-planning services. We also store and analyse this data in aggregate to improve the Citymapper App (for example, by ranking certain journey results more highly than others), and to create and evaluate routes for CM Ride.
Communications you might send to us include responses to in-App survey questions, reporting a problem, or submitting queries, concerns or comments regarding the App, CM Ride or CM Pass. These messages to us will also contain details such as the type of phone you're using, your service provider, and if you've enabled the location permissions in your device, the latitude and longitude of your location when you contact us. We process this information in order to fix problems in the App, with CM Ride or with CM Pass, to reply to your communications, and to keep CM Ride safe.
The following are the types of information created when you use our App, CM Ride or CM Pass. We associate this information with an installation ID number that is randomly generated each time you install the Citymapper App. We use this installation ID to pseudonymise the data we collect from you, and do not access any permanent device ID numbers.
Users of the Citymapper App: We aggregate and analyse journey start and end points. Assuming you've enabled your device to provide location information and you haven't entered your start point manually, we collect and use your start location information as determined through data such as GPS, mobile phone towers, and WiFi. If you haven't enabled your device to provide location information, you will have to manually enter your start and end points, which is then the location information we collect and use.
When you tap GO in the Citymapper App, we collect your location information throughout your journey. We use this data to provide on-trip support, such as alerting you when to get off a bus. We also store and analyse this data in aggregate, as we do with the other types of location data described in this "Location Information" section, to improve the journey results we show to all users and to create and evaluate routes for our transportation services.
Passengers: If you are a Passenger, we collect your location information when the Citymapper App is running both in the foreground and background of your device during your journey. Knowing your location at all times during your Ride journey enables us to provide on-trip support and maintain Passenger and Driver safety.
When you ride CM Ride, in addition to your location data, we collect and store your booking details, your Driver and vehicle information, the date and time of your journey, the amount charged, your pick up and drop off location, cancellations and no-shows. We store and use this information to comply with legal record-keeping requirements, for operational reasons, such as providing customer support, and to improve our service.
Drivers: If you are a Driver, we collect your location information throughout your shift, starting from when you log in to the Driver App and stopping when you log out of the Driver App.
CM Pass Users: If you are a CM Pass user, we will collect your location information as described above if you tap GO in the Citymapper App or ride CM Ride while using your CM Pass.
We collect information about the devices you use to access our App and to use CM Ride, including the type of computer or device you use, the installation ID of the App on your device, the hardware models, operating systems and versions, software, file names and versions, the preferred languages, time zone settings, and device motion information. This information is necessary for us to diagnose bugs and improve the App.
Each time you interact with our App, we collect information about how and when you use it, such as the time and date when you opened the App, the searches you make, the features and journey results you click on, pages visited, app crashes and other system activity. We use this information to improve our App in multiple ways. For example, using App crash data, we can fix bugs and prevent future crashes, and by knowing what gets tapped or scrolled most often, we can replace unpopular features with other, more helpful features.
Passengers: If you are a Passenger, you may choose to call your assigned Driver in order to help you find your CM Ride. If you use this feature, we will receive your phone number and the date and time of any calls made. However, the number will be masked so that the Driver does not receive this number.
When you interact with the App, we try to make that experience simple and meaningful. When you visit our App, our server sends a cookie to your computer or mobile device, depending on how you access the site or App. Cookies are small pieces of information which are issued to your computer when you visit a website and which store and sometimes track information about your use of the site. A number of cookies we use last only for the duration of your web session and expire when you close your App. These are known as "session cookies". Other cookies are used to remember you when you return to the App and will last for longer. These are known as "persistent cookies".
remember that you have visited us before, which allows us to identify the number of unique visitors we receive. This allows us to make sure we have enough capacity for the number of users that we get; customise elements of the promotional layout and/or content of the pages of the App; and
collect information about how you use the App so that we can improve the App and learn which parts of the App are most popular to visitors.
Some of the cookies used by our App are set by us, and some are set by the third-party analytics and crash/error-reporting companies we've described in this policy who are acting on our instructions. For example, Mixpanel tracks what users do in the Citymapper App so we can improve the design and functionality.
Most browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can also learn more about cookies by visiting www.allaboutcookies.org which includes additional useful information on cookies and how to block cookies using different types of browsers. By blocking or deleting cookies you may not be able to take full advantage of the App's features.
Citymapper collects the following types of information from other sources.
We receive feedback on Drivers from users of CM Ride in the form of ratings, compliments or incidents. We use this feedback to improve the CM Ride experience for Passengers and to help ensure that CM Ride is safe and reliable.
In order to pay for your CM Pass or your ride on CM Ride, you will need to provide payment information to our third-party service provider, Stripe, such as your credit card details. Apple Pay and Google Pay are also enabled in the Citymapper App. These three companies provide us only with the last four digits of your card number and expiration date, which we require in order to handle operational issues such as Passenger queries about charges.
If you log into your Citymapper account using Facebook or Google, those companies provide us with your name and email address, which are necessary for us to log you in to the Citymapper App. We do not collect or use any other information received from those two companies.
If you are a Driver, we receive information relating to your insurance policies and licensing information. This information is necessary for us to comply with relevant legal requirements and to ensure the safety of CM Ride.
If you sign up for a CM Pass, we receive a due diligence report from third-party agencies that provide identity verification, in order to confirm your identity. This information is necessary to prevent fraudulent or unauthorised use of our services and to comply with relevant financial crime laws.
If you are a CM Pass user, we receive a "Cardholder ID" from the third-party company that issues your CM Pass card. The Cardholder ID is your unique identifier that allows us to know which CM Pass card has been issued to you. When you use the CM Pass, we also receive your transaction information from this third-party company, including the date, time, amount, and merchant details associated with the transaction.
If you are a Driver, we receive from a third-party navigation provider your route and your estimated time of arrival (ETA).
In summary, we use the information we collect to:
Provide and improve our App, CM Ride and CM Pass;
Build a profile of your preferences so we can personalise the Citymapper App and provide you with relevant transport information;
Recommend transport options that match your stated preferences and previous use of the App;
Administer your account with us, if you have one;
Confirm your eligibility to use CM Pass;
Verify your identity (including processing of your identity documents in order to confirm your identity and to make an automated decision as to whether or not to provide you with CM Pass services);
Process or facilitate payment (through third party payment processing services) for CM Ride and CM Pass;
Send you transaction receipts for your use of CM Ride and/or CM Pass;
Respond to your emails to discuss your use of the App, CM Ride and CM Pass and answer any support queries you may have;
Send you marketing communications by email or in-App notifications, and let you know about our policies and terms or when we launch in your city;
Identify issues with the operation of the App, and provide crash reports in order to find resolution for performance issues;
Improve the design, functionality and/or content of the pages of the App and customise them for you;
Carry out research on users' transport choices to improve the App, CM Ride and CM Pass; and
Disclose to lawful authorities when required to do so by law, or when appropriate, in our opinion, to respond to their request.
To the extent we share information with third parties, we do so to enhance your experience with the App, and we pseudonymise and minimize the data we send to them.
Search Partners: We have search partners like Google, Apple, and Foursquare in order for the App to send you to the places you want to go. They receive the text you have searched for, and in order to return results most relevant to you, they receive your current location if you have enabled location permission in your device.
Transport Partners: We also have transport partners in the App, such as Uber, Gett and Lyft. They receive the pick-up and destination locations you enter in order to provide travel time and fare estimates, and they receive that information for your convenience if you choose to book a ride through their apps by clicking through the Citymapper App.
Navigation Provider: If you are a Driver, we provide destination information to a third-party navigation provider to route you efficiently to destinations on CM Ride.
Analytics Vendors: We use Mixpanel, Flurry and Google Analytics to understand what you've tapped or clicked on the App, and we make features improvements based on this information. They receive information showing only that a person has tapped or used certain features in the App.
Crash/Error Reporting Vendors: We use Crashlytics to report on crashes you experience with the App so we can fix those, and Sentry to report on errors with our backend.
Messaging Apps: If you choose to use certain sharing features in our App, then you may be sharing your information with those companies, depending on factors such as that company's encryption policies. For example, if you use the "Share Directions" feature in the App, a link with your start and end points will be sent via messaging app. If the messaging app company you choose uses end-to-end encryption, your location link cannot be used or intercepted by that messaging app company.
Passengers and Drivers: To enable the provision of CM Rides, we share certain information between Passengers and Drivers. If you are a Driver, we share the following information with your assigned Passengers: your first name, photograph, private hire licence information, vehicle information, current location, and pick up and drop off location. If you are a Passenger, we share the following information with your Driver when you are assigned your Driver and during the course of your CM Ride: first name and last initial, route information, current location, and pick up and drop off location.
Communication Platforms: To send you transaction receipts for your CM Rides and/or CM Pass subscription and to send you all other emails and update about our services, we use communication platforms such as Sendgrid and Mailchimp. If you are a Passenger and you choose to call your assigned Driver, we use a third-party communication platform to mask your telephone number.
Identity verification platforms: We use identity verification agencies like Onfido and credit reference agencies to verify your identity to prevent fraudulent or unauthorised use of our services. They receive your name, home address and date of birth. If we are not able to verify your identity using this initial check, they will receive the additional information that you give us in order to verify your identity such as your Additional ID Documents. Identity verification agencies and credit reference agencies also use information from a number of different public sources (for example the electoral roll) to verify your identity. Credit reference agencies may also leave a 'soft' footprint on your credit file for the purpose of identity verification which should not affect your credit rating.
CM Pass card issuer: We use Prepaid Financial Services (PFS) to issue and deliver the CM Pass card to you and to process transactions on your CM Pass card. PFS receives your name and home address. If you choose to use a mobile payment system for your CM Pass card, PFS will also receive your phone number. PFS may also undertake quality assurance checks of our identity verification process, in which case they will have access to your information available from public sources, your date of birth and any additional information that you give us in order to verify your identity such as your Additional ID Documents.
We'll only process your personal information where we have a legal basis for doing so. Our legal basis to process your personal data includes processing that is:
necessary for our legitimate interests, which are:
to research, develop, fix and provide new and tailored features for our Citymapper App users (e.g., ranking journey routing results in a way that surfaces more relevant routes at the top);
to create and evaluate routes for CM Ride;
to provide on-trip support to users and to ensure that the App and the CM Ride are safe and secure for users;
to accept and administer payment from users for use of CM Ride and/or CM Pass;
to improve navigation and routing on CM Ride;
to verify users' identity to prevent fraudulent or unauthorised use of our services; and
to prevent breaches of our terms and policies or to prevent harmful or illegal activity;
necessary for the performance of our contract with you (e.g., so Passengers and Drivers can find each other, and to find you the route options you've requested in the Citymapper App);
necessary to comply with relevant legal requirements (for example, to comply with applicable regulatory obligations, to comply with financial crime laws and to make mandatory disclosures to law enforcement); and
based on your consent (for example, where you provide us with marketing consents), which may be withdrawn at any time by contacting us at the email address specified below.
You have a legal right under the GDPR to request access to a copy of the personal information about you held by us. In order to do this, contact us at firstname.lastname@example.org. Please use the subject line "DSAR" and include details about what personal information you're looking for. You will need to have created an account in order for us to provide you with your information because without an account, we are not able to connect your Installation ID to a verifiable email address.
Subject to any legal obligations to keep your information longer, we store your personal information for as long as is necessary to provide our services and products, or until you ask us to delete it, whichever comes first.
If you ask us to delete your personal information by emailing us at email@example.com, please use the subject line "Account Deletion."
Note that residual copies may take longer to be removed from our backup systems. We will keep a record of your request in order to ensure compliance with legal obligations.
You have the right at any time to prevent the use of your personal information for direct marketing purposes. If you no longer want to receive marketing messages from us, please let us know by writing to us at firstname.lastname@example.org, and you will be unsubscribed accordingly. Please note that sometimes it can take a short amount of time to refresh our records for these purposes. Also, we may still send you non-promotional, transactional messages, such as receipts for your rides or information about your account.
We may send you information we think you may find useful (e.g., tube line and subway disruptions and alerts about CM Ride relevant to you) or which you have requested from us by push notification and/or by email (if provided), and we or your device's operating system will give you the option to opt-out of receiving further notifications or emails.
We place great importance on the security of all information associated with our users. We use measures such as encryption, pseudonymisation, information access controls, and firewalls.
Keep in mind that submission of information over the internet and mobile networks is never entirely secure. We cannot guarantee the security of information you submit via the App whilst it is in transit over the internet or mobile networks and any such submission is at your own risk.
Information that you submit via the App is sent to and stored on secure servers located in the United Kingdom, other European Economic Area countries and in the United States. Information submitted by you may be transferred by us to our other offices and/or to the third parties mentioned in the circumstances described above, which may be situated outside the European Economic Area (for instance in the United States).
We work hard to handle your information responsibly. If you're unhappy about the way we do this, please contact our Data Protection Officer by email to email@example.com.
However, you also have the right to lodge a complaint about the data processing activities carried out by Citymapper with our lead supervisory authority, the UK Information Commissioner's Office. Our ICO registration number is ZA017660.