SPLT Data Protection Statement
Protecting our users’ personal data and privacy is of the utmost importance to Splitting Fares Inc (“SPLT”). With the following information, we would like to give you, as a customer or as an interested party in our services, an overview of how we process your personal data and of your rights under data protection law.
SPLT complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. SPLT has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/
1. What is SPLT and how does it work for the user?
The purpose of the SPLT Platform is to provide the organization and coordination of shared rides to and from work among the staff of corporations.
To that end, users may set up recurring or non-recurring business or non-business routes at the time and place of their choosing, either one-way or roundtrip.
Users may select which routes and carpools to participate in, with the ability to communicate within the app, use a cashless reimbursement tool, and other functionality on Android or iOS. Please refer to our website at www.splt.io for more detailed information on the SPLT Platform and how it is used.
The SPLT Platform is not directed at children under 16 years of age.
2. What personal data does SPLT collect from its users?
2.1. Personal data is any information relating to an identified or identifiable natural person. We process personal data that we receive from our customers or other data subjects in the course of our business relationship. We collect and process personal data only if there is a legal basis for this or if you have given us your consent to do so, e.g. during your registration (for more information on this see section 4 below).
2.2. Upon registration, SPLT collects the following personal data from its users: name, photo (optional), work e-mail address, phone number, car model (Drivers only) and password.
2.3. To provide our service, particularly to facilitate the route-matching and reimbursement of payments among users (rider and driver), SPLT collects and processes information on individual carpools and their subsequent transactions. Thus, we collect information at start, at end and throughout the duration of a carpool route. The data collected is limited to addresses from the routes traveled, the times these routes are performed, the days they travel these routes, and whether or not it is a round trip as well as (optionally at the user’s discretion) the user’s car information (make, model, year, number of seats, and color).
2.4. The SPLT app lets you organize carpool trips by messaging other members of your carpool. Thus these messages are collected by SPLT.
2.5. If a user activates location detection via GPS in the SPLT app, we collect and process information regarding the location of the user, including: latitude, longitude, direction, speed, and time of travel.
Once the ride ends by tapping the End Ride button, tracking ends as well. The GPS data collected is deleted after a maximum of six years.
2.6. In addition, SPLT retains the right to use anonymized data to improve its offerings, for product improvement purposes (however, this does not apply to carpool transactions that are settled on behalf of corporations). These improvements include using anonymized driving and route data to fine-tune and train the system to match people in a more intelligent way by tracking people’s preferences for route matches. This data is used internally by our matching and carpooling systems to provide better matching services and not explicitly provided to third parties.
2.7. The following data is primarily stored locally on the device and will be synchronized with the SPLT backend for backup purposes and for the purpose of matching users for their carpool: first name, profile photos, route stops, company information (name), as well as, optionally at the user’s discretion, the user’s car information (make, model, year, number of seats, and color). This data will be shared automatically within the app between the members of the same carpool for this carpool’s purposes.
3. What permissions does the SPLT app require?
Included below is a description of each permission that SPLT requests within the app, on both Android and iOS, from its users and the functional reasons why it is requested. Users can agree or disagree to any of the permission requests. However, permission requests that are needed for the app to run functionally are denoted by a “*”.
3.1. Android Permissions:
| REQUEST | REASON |
| --- | --- |
| INTERNET * | Used to communicate with our API. |
| CAMERA | We use this to take your profile pictures. |
| SYSTEM_ALERT_WINDOW | A built-in React Native tool used for us to debug. |
| VIBRATE | Vibrates the phone when you get a notification. |
| ACCESS_NETWORK_STATE * | To stop network requests when you don't have network access and display a message saying you don’t have internet. |
| ACCESS_COARSE_LOCATION * | To see where you are during your carpool. |
| ACCESS_LOCATION_EXTRA_COMMANDS * | This allows us to see when you move and allow us to better update the carpool. |
| WAKE_LOCK | Used by react-native-push-notification. |
| RECEIVE_BOOT_COMPLETED | Added by react-native-push-notification. |
| BLUETOOTH | We use this to talk to bluetooth devices. Added by react-native-device-info. |
NOTE ON Android PERMISSIONS: Android segregates its permissions into normal permissions and not normal permissions. Normal permissions are defined as permissions that are granted automatically and which indicate that there's no great risk to the user's privacy or security in letting apps have those permissions. Normal permissions include: INTERNET, VIBRATE, ACCESS_NETWORK_STATE, ACCESS_LOCATION_EXTRA_COMMANDS, WAKE_LOCK, RECEIVE_BOOT_COMPLETED, and BLUETOOTH.
Some permissions are also added by third party libraries, but those that are most important are the Locations, which we use to track user locations to coordinate pickup locations and times. This is how the app knows where the driver is located. Camera is used to take profile pictures and access their pictures.
3.2. iOS Permissions:
| REQUEST | REASON |
| --- | --- |
| Camera Usage | We require access to the camera to update your profile photo. |
| NSLocationAlwaysAndWhenInUseUsage * | We require your location to track your carpool locations. |
| NSLocationAlwaysUsage * | We require your location to track your carpool locations. |
| NSLocationWhenInUseUsage * | We require your location to track your carpool locations. |
| NSMotionUsage * | We require your location to track your carpool locations. This is the fitness data we request. |
| NSPhotoLibraryUsage | We require your photo library to update your profile photo. |
| Push notifications | Used to send you updates and reminders. |
4. For what purposes does SPLT collect and process personal data?
We will use the information we collect:
| PURPOSES | LEGAL BASIS |
| --- | --- |
| 4.1. to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you requested from us; | This processing is necessary for the performance of our mutual contractual obligations. |
| 4.2. to provide you with additional and advanced functionalities of our service (examples are: use of the data described in section 2.3 for the purposes of providing carpool matches based on our unique solution for optimizing on-time trips to and from work; use of the data described in section 2.4 to validate the occurrence of a ride, for tracking and validating rides based on carpools and for providing estimated time of arrivals of drivers to riders); | This processing is necessary for the performance of our mutual contractual obligations and/or based on our legitimate interest (i.e. providing you with a better and competitive service). |
| 4.3. to send you service-related information and other communication pertaining to your carpools by email and/or text message and/or any other communication means (e.g. your booking confirmation); | This processing is necessary for the performance of our mutual contractual obligations. |
| 4.4. to facilitate the reimbursement of payments between you and other users (rider and driver), usually by way of third party (payment provider) services; | This processing is necessary for the performance of our mutual contractual obligations. |
| 4.5. to enable you to personalize your user profile on our Platforms; | This processing is necessary for the performance of our mutual contractual obligations and/or based on our legitimate interests (i.e. providing you with a better and competitive service). |
| 4.6. to enable you to communicate and interact with other members about our services or about the trip(s) you have shared or will share with other members and/or to organize such trips via messaging and calling; | This processing is necessary for the performance of our mutual contractual obligations. |
| 4.7. to give you access to our support services and to enable you to communicate with our member relations team; | This processing is necessary for the performance of our mutual contractual obligations. |
| 4.8. to ensure compliance with (i) applicable laws, (ii) our Terms and Conditions, and (iii) our Privacy Notice. Certain breaches that we regard as inappropriate may lead to the suspension of your account; | This processing is necessary (i) for the performance of our mutual contractual obligations, (ii) for compliance with our legal obligations and/or (iii) for the establishment, exercise or defence of legal claims. |
| 4.9. to notify you about changes to our services; | This processing is necessary (i) for the performance of our mutual contractual obligations, (ii) for compliance with our legal obligations and/or (iii) the establishment, exercise or defence of legal claims. |
| 4.10. to administer our Platforms and for internal operations, including troubleshooting, data analysis, testing, research, analytic and survey purposes (e.g. we store the data described in section 2.4 for historical tracking purposes and to be able to report, in anonymized form, the kilometers reduced by carpooling); | This processing is based on our legitimate interest (i.e. ensuring the security of our Platforms and improving its features). |
| 4.11. to improve our Platforms to ensure that content is presented in the most effective manner for you and for your device (e.g. we use the data described in section 2.4 in order to create a smarter platform that can automatically trigger geolocation based actions, such as starting a ride automatically or notification of an upcoming ride); | This processing is based on our legitimate interest (i.e. providing you with meaningful content). |
| 4.12. to allow you to participate in interactive features of our service (such as providing messages or calls between you and other users in connection with your mutually shared rides), when you choose to do so; | This processing is necessary (i) for the performance of our mutual contractual obligations and/or (ii) based on your consent. |
| 4.13. as part of our efforts to keep our Platforms safe and secure; | This processing is based on (i) our legitimate interest (ensuring the security of our Platforms), (ii) carried out for the establishment, exercise or defense of legal claims and/or (iii) for compliance with our legal obligations. |
| 4.14. to allow you to participate in our rewards platform, where you can earn rewards based on the tons of CO2 saved by sharing your trips; as part of this participation your user name may appear on the rewards list and report. | This processing is based on your consent. |
5. Who can access my personal data?
5.1. Within SPLT, access to your personal data is only possible under a strict need-to-know policy in order to fulfill our contractual and legal obligations. To that end, service providers and our agents may also receive your personal data, provided in particular that they maintain confidentiality and integrity. We have carefully selected the service providers and our agents and regularly monitor them, in particular their careful handling and safeguarding of the personal data stored with them. In compliance with the applicable data protection regulations, we pass on required personal data to the following processors outside of SPLT for the provision of our services, for the following reasons:
| Processor Name | Data used by this processor | Why |
| --- | --- | --- |
| Google Maps | GPS coordinates, and addresses | Used to make routes between some origin and destination. Also used to suggest places that are nearby the user. |
| Twilio | Phone number | Used to send text messages and phone calls to notify user of their rides and when they arrive. Also used to anonymize calls between users of the app. |
| Mandrill/Mailchimp | Email address | Used to send emails to the users with information related to the application. |
| Sentry | Phone OS, Phone device ID, email | Used to log important app information and to track internal errors. |
| Nexmo | Phone number | Used to send text messages and phone calls to notify user of their rides and when they arrive. Also used to anonymize calls between users of the app. |
| Pushwoosh | Phone device ID | This is used to send push notifications to the application. The Phone ID is used to route data. |
| Stripe | Credit card information, billing address, name | Used to bill users. Also used to make payments through the application. |
| Paypal | Credit card information, billing address, name | Used to transfer money between users. We just use Paypal’s information. |
| Amazon Web Services | IP address | Used for all data hosting of back-end services. |
| Desk.com | Name, Email | To log feedback from users. |
5.2. With regard to the transfer of data to third parties, it must first of all be noted that we only pass on required personal data in compliance with the applicable data protection regulations. As a matter of principle, we may only disclose information about you if required by law, if you have given your consent or if we are authorized to provide information. Under these conditions, recipients of personal data can be, for example:
• public bodies and institutions (e.g., tax authorities, law enforcement agencies) in the event of a legal or official obligation,
• creditors or insolvency administrators who file a petition in the course of enforcement proceedings,
• auditors,
• service providers that we use to process personal data on our behalf (see section 5.1 above).
5.3. We may provide third parties with non-personally identifiable visitor information for marketing, advertising, or other uses. Additionally, reporting of key metrics such as rides completed is anonymized and reported on a collective basis, not individual.
5.4. The data exchange between the users is pseudonymized. Users only see first name and last initials. When users call one another through the SPLT app, their numbers are pseudonymized. Users can see one another’s profile photos. Users can only see profile photos of suggested matches and not everyone at will.
6. Is personal data transferred to a third country or international organization?
6.1. In principle, all data will be stored on a server in Germany and will not leave Germany or the EU. However, as an exception to this general rule, personal data may be transferred to bodies in countries outside the European Union (so-called third countries) to the extent that it is legally required (e.g. tax reporting obligations), or to the extent the user has consented to such transfer of personal data. Furthermore, we may transfer personal data to bodies in third countries to the extent necessary for the purpose of customer support including Desk.com and to IT service providers in a third country to ensure SPLT’s IT operations while complying with European data protection standards.
6.2. The companies listed in the Processor Name column in the table under section 5.1 above are based in the United States and are certified under the EU-US Privacy Shield or have agreed to abide by the requirements of the EU data privacy model clauses of the EU commission.
7. How does SPLT protect personal data?
SPLT has taken strict security precautions to protect the personal data of its users. These security precautions include protection against unauthorized access, loss, destruction or manipulation by third parties. All security precautions are reviewed on an ongoing basis and adjusted to reflect the latest state of the art. Our app is scanned on a regular basis for security holes and known vulnerabilities in order to make it as safe as reasonably achievable. We use regular malware scanning. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. We implement a variety of security measures when a user places an order, enters, submits, or accesses their information to maintain the safety of your personal information. All transactions are encrypted end to end and processed through a gateway provider and are not stored or processed on our servers.
EU users will have data hosted in servers located in Frankfurt on a VPC within Amazon Web Services hosting. Server data is encrypted at rest with secured connections between clients and the servers via SSL. API access is controlled via API keys and user keys. For reference, please see Amazon’s Data Protection in Germany: https://aws.amazon.com/compliance/germany-data-protection/
SPLT abides by the EU Privacy Shield, including the seven privacy principles and 16 binding supplemental principles as they relate to personal data received from the EU. For reference, see the Requirements of Participation here: https://www.privacyshield.gov/article?id=Requirements-of-Participation
8. How long will my personal data be stored?
8.1. We process and store your personal data as long as it is necessary for the fulfilment of our contractual and/or legal obligations.
8.2. If your personal data is no longer required for the fulfilment of our contractual and/or legal obligations, it will be deleted regularly, unless its further processing - limited in time - is necessary for the following purposes:
• Fulfilment of commercial and tax law storage obligations (German Commercial Code (HGB), German Tax Code (AO), German Money Laundering Act (GwG)). As a rule, the periods for storage and documentation specified therein are between two and ten years.
• Preservation of evidence within the framework of the statutory limitation period (e.g. if we believe you have committed fraud or violated our Terms and Conditions, we may want to keep some of your information to avoid that you circumvent the rules applicable to the SPLT Platform). Pursuant to sections 195 et seqq. of the German Civil Code (BGB), the statutory limitation period can be up to 30 years, whereby the regular statutory limitation period is 3 years.
9. What rights do I have as a user and how can I assert them?
9.1. Every user has the right of access in accordance with Article 15 of the General Data Protection Regulation (GDPR), the right to rectification in accordance with Article 16 GDPR, the right to erasure in accordance with Article 17 GDPR, the right to restriction of processing in accordance with Article 18 GDPR, the right to data portability in accordance with Article 20 GDPR and the right to object under Article 21 GDPR. In addition, you have the right to lodge a complaint with the competent supervisory authority in accordance with Article 77 GDPR in conjunction with section 19 Federal Data Protection Act (BDSG-neu).
9.2. With regard to the right of access and the right to erasure, the restrictions according to sections 34 and 35 of the Federal Data Protection Act (BDSG-neu) apply.
9.3. Before responding to your request, we may ask you to (i) verify your identity and (ii) provide further details so we can better respond to your request.
9.4. You may revoke your consent to the processing of your personal data at any time. This also applies to the revocation of consent given to us before the application of the GDPR, i.e. before 25 May 2018. Please note that the revocation will only take effect for the future. Processing carried out prior to revocation is not affected.
10. Is there a statutory or contractual requirement for the user to provide data?
Within the scope of our business relationship, you must provide personal data that is necessary for the initiation, execution and termination of a business relationship and for the fulfilment of the associated contractual obligations or that we are legally obliged to collect. Without this information, we will usually not be able to enter into, execute and terminate a contract with you.
11. Changes to this Data Privacy Policy
We reserve the right to change our security and data protection measures as necessary due to technical developments. In these cases, we will also adapt our Data Privacy Policy accordingly. Therefore, please always take note of the current version of our Data Privacy Policy.
12. Who is responsible for data processing and who can I contact?
The party responsible for data processing is:
Splitting Fares, Inc.
330 E Liberty, Lower Level
Ann Arbor, MI 48104
United States of America
In compliance with the Privacy Shield Principles, SPLT commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact SPLT’s data protection officer at:
Matthias Goebel
Group data protection officer
Information security and data protection Bosch group (C/ISP)
Robert Bosch GmbH
Kronenstrasse 20
70173 Stuttgart
Germany
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
SPLT has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim for more information or to file a complaint. The services of JAMS are provided at no cost to you.
SPLT is subject to the investigatory and enforcement powers of the United States Federal Trade Commission. We remain potentially liable if an agent that we engage to assist us does so in a manner inconsistent with the Privacy Shield Principles.