Privacy Policy

PRIVACY POLICY

 

Last updated: 2 August 2023

 

Welcome to GVRIDE. This policy describes our approach to dealing with personal data of GVRIDE users (“you” or “yours”). 

GV CAR VENTURES SDN. BHD. 202301028660 (1522583V) is the entity that provides GVRIDE and controls processing of data (“we” or “us”).

This policy applies when you use GVRIDE websites, mobile applications, products, content or services (collectively “Platform” or “GVRIDE”), or when you contact us. The policy does not cover how we handle information about our candidates, employees or business partners.

This policy applies wherever GVRIDE is available, except for the countries where a jurisdiction-specific privacy policy is in place. We will comply with applicable local laws in relation to all practices described in this policy. If there is an inconsistency between this policy and the local law, we will comply with the local law to the extent of the inconsistency.

Users that request or receive transportation, logistics, or courier services via GVRIDE are referred to as “Passengers”, and individuals who provide these services to Passengers are referred to as “Drivers”. 

 

What information we collect

We collect three categories of information about you: information you provide, information we collect automatically, and information we obtain from other sources.

We do not collect information about your racial or ethnic origin, political opinions or membership of any political association, religious or philosophical beliefs, trade-union membership, genetic data, or data concerning a person’s sex life or sexual orientation.
 

Information you provide

Registration and Passenger information may include first name, phone number, email, country, and city. Where permitted or required by law, we may collect your selfie image for liveness checks, national ID numbers and social media accounts for safety purposes, as well as emergency contact numbers. Without providing this information you will not be able to use GVRIDE or some of its features. If you wish, you may additionally provide your last name, and profile picture. 

Driver information may include driver’s full name, profile picture, license data and status, information about the vehicle (type, make, model, year of manufacture, color, registration certificate data, license plate, vehicle inspection report, vehicle image), proof of identity, state identification numbers, ID document (including driver license, passport), proof of residency, home address, date of birth, gender, taxation identifier number, relevant insurance, right to work, driving record, payment or banking information, and other documents which may be required by applicable regulation. Where permitted or required by law, we may additionally collect background checks and criminal records information. This information may be processed by authorized vendors on our behalf. Without providing such information, you will not be able to register as a Driver.

User generated content that you choose to upload on GVRIDE, such as comments, ratings, and reviews.

Information in correspondence you send to us may include chat messages, emails with any attachments, recordings of phone calls you make to us and the related metadata. 

Information for promotions. From time to time, we may run car branding, referral and other promotional programs. If you wish to participate in such programs and receive bonuses, payments or other benefits, we may ask you to provide information such as your name, email, user ID, phone number, payment or banking information, home address, social media account, vehicle type and image.
 

Information we collect automatically

Location information. We collect users’ location data to enable rides, provide user support, ensure safety, detect fraud, and comply with legal requirements. We collect location information (including GPS coordinates and WiFi data) based on your GVRIDE app settings and device permissions:

-  Passengers: We collect your device’s precise location when the app is running in the foreground (app open and on-screen) and when the app is running in the background (app open but not on-screen) from the time you request a ride until it ends. Passengers may use the app without enabling it to collect precise location data from their mobile devices by directly inputting the pick-up and drop-off address or coordinates into the app.

-  Drivers: We collect your device’s precise location when the app is running in the foreground (app open and on-screen) and when the app is running in the background (app open but not on-screen) in the Driver mode. We may also collect precise location for a limited time after you exit Driver mode to detect and investigate ride incidents.

Transaction information. We collect transaction information related to the services provided via GVRIDE, including amount charged, payment transaction information, date and time the service was provided, route and distance traveled.

Usage information. We collect data about your use of our Platform, such as access dates and times, features or pages viewed, Platform crashes and other system activity. We may also collect and use for marketing purposes the data related to third-party services you used before interacting with GVRIDE.

Communications information. We enable users to communicate with each other and with us through the Platform. To facilitate this, we receive data about the time and date of the communications and the content. We may use this data to provide user support and resolve disputes between users, identify violations of GVRIDE rules, ensure safety, and improve our Platform.

Device information. We collect information about the device you use to access GVRIDE, such as your device name, brand and model, user agent, IP address, mobile carrier, network type, time zone settings, language settings, advertising identifiers, browser type, operating system and its version, screen parameters, battery state, and installed applications that can be used for authentication and anti-fraud purposes. We may also collect mobile sensor data, such as speed, direction, altitude, acceleration, deceleration, and other technical data.

User and trip IDs. We automatically assign you a user ID when you create an GVRIDE account, and a trip ID for each trip. 

Cookies and tracking technologies. We collect information through the use of cookies, pixels, tags and other similar tracking technologies (“сookies”). To learn more about these technologies, please see our Cookie Policy.
 

Information we obtain from other sources

Third-party services. We may receive information about users from our service providers, which include background check and identity verification providers, insurance partners, financial services vendors and marketing service providers. If you choose to use a third-party communication application (such as WhatsApp) or sign up using a third-party service (such as Facebook), where this functionality is available, we may collect information from these services. 

State authorities. We may receive information about users from law enforcement agencies and other government authorities as required or authorised by law.

Other users or third parties. Third parties may provide us with information about you, for example in connection with referral programs or through user support (such as information related to an incident or complaint, including audio, video, images, documents).

 

How we use your information

We use the personal information for the following purposes:

1. To enable you to use GVRIDE

-  enable users to maintain an GVRIDE account, request and provide services via GVRIDE;

-  verify Drivers’ right and ability to provide services via GVRIDE;

- prevent and combat unsafe or unlawful behaviour, fraud and other violations of GVRIDE rules, suspend and deactivate users engaged in prohibited activities;

-  provide user support, handle user complaints;

-  send non-marketing communications (such as invoices, receipts or notifications about your ride);

-  maintain accessibility, security and stability of our Platform, prevent and resolve incidents and technical problems.

Legal basis: performance of our contract with you, necessity to comply with our legal obligations, and our legitimate interest to make GVRIDE a safe space.

2. To improve and develop features and products

-  perform testing, research, data analysis, development and machine learning;

-  collect your feedback.

Legal basis: our legitimate interest to give you the best GVRIDE experience. When express consent is required for certain uses, we will obtain it separately. 

3. To promote GVRIDE

-  send you marketing communications and ads, and make marketing calls to you;

-  provide you with personalised content and advertising on GVRIDE, and on third-party platforms;

-  organise contests, events, car branding and referral programs and other promotions.

Legal basis: our legitimate interest in promoting GVRIDE. When express consent is required for certain forms of direct marketing, we will obtain it separately.

4. To protect rights and comply with legal requirements

-  comply with license or permit requirements, and any other applicable laws and regulations;

-  respond to law enforcement requests, government inquiries, subpoenas, court orders, legal claims;

-  protect the rights and interests of the GVRIDE group, our users, or the public.

Legal basis: necessity to comply with our legal obligations, and our legitimate interests.

 

Automated decision-making

We use personal information to make automated decisions relating to your use of our Platform:

-  connecting Drivers and Passengers, based on such factors as availability and proximity;

-  determining user ratings, and deactivating users with low ratings;

-  flagging or temporarily suspending users who are identified as having engaged in fraud, unsafe or harmful activities. In some cases, such activities may lead to deactivation;

-  recommending an average fare, based on such factors as distance, location and time.

Where required by law, actions (including deactivation) based on such processing occur only after human review and/or the possibility to appeal. To object to a decision resulting from these processes, please contact us at https://gvride.com/contacts/support/.

 

How we share your information

With other Users. We share certain information about users to enable the scheduling and provision of rides:

-  Passenger information shared with Driver includes name, profile picture (if uploaded), rating, pickup and drop-off locations, number of trips, offered fare, comments and contact information. In regions where we require Passengers to submit a national ID number, we may also share with the Driver whether the Passenger has submitted this number (but we will not share the ID number as such).

-  Driver information shared with Passenger includes full name and profile picture, information about the vehicle and its photo, location before and during the trip, ratings and reviews, number of trips, age (for certain features) and contact information.

When required to provide Passengers with receipts and invoices, we may share information about the origin and destination of the trip, the total duration and distance of the trip, itemisation of the total fare, Driver’s name, taxation identifier number and other information required by law.

If you register with GVRIDE via a referral link, we may share certain information about you, such as your name and trip count, with the user who referred you. This is to enable the referring user to check whether they are eligible for the referral bonus.

For the purposes of services other than the transportation services provided via GVRIDE, we will share the information with other users that is necessary for the provision of such services. 

With service providers. We may share your personal information for business purposes with providers of the following services:

-  payment processing and transaction fulfilment;

-  user and technical support;

-  background checks, identity verification;

-  insurance;

-  cloud storage;

-  content delivery, in-app messaging, in-app calling, push notifications;

-  anti-fraud;

-  advertising, marketing, and analytics (including AppsFlyer);

-  research and surveys;

-  payment of bonuses and provision of other benefits related to our promotions;

-  consultants, lawyers, accountants, auditors, and other professional services;

-  airports.

The following partners process data for their own purposes as independent controllers and we do not control such processing:

-  Google, in connection with the use of Google Maps (see Google’s privacy policy);

-  social media companies (including Meta), in connection with our use of their tools (see Meta’s privacy policies).

Within the corporate group. We may share your information with a parent, subsidiary, or an affiliate of our corporate group as part of our global operations. 

In connection with a business transfer. We may transfer personal information in connection with a substantial corporate transaction in which personal information is among the assets to be transferred. 

For legal reasons. We may disclose your personal information when it is necessary to protect rights and comply with legal obligations.

With your consent. We may share your personal information for other purposes pursuant to your consent or at your direction.

When it is depersonalised. We may share aggregated or otherwise anonymised information which is no longer personally identifying.

 

Cross border data transfers

To support our global operations, we may share your information with members of GVRIDE corporate group and other entities outside of your country of residence as described in the section “How we share your information”. We do so for the performance of our contract with you, or based on consent, adequacy decisions for relevant countries, or other transfer mechanisms and appropriate safeguards under applicable law, such as the Standard Contractual Clauses approved by the European Commission. 

We will take reasonable steps to ensure that any overseas recipient deals with your personal information in a manner consistent with how we deal with it.

 

Your rights and choices

Accessing, receiving and updating your information. You may access, review and update your information either in your account settings in the app or by contacting us at https://gvride.com/contacts/support/. You may also request a copy of all information on you which we process. You may receive your data in a structured, commonly used and machine-readable format to the extent such data has been processed by automated means.

Deleting your account and data. You can delete your account through the app settings or request the deletion of your account and your data by contacting us at https://gvride.com/contacts/support/. You may be asked to verify your account and identity. We will not be able to delete your account if there is an unsettled debt or an unresolved issue related to your account (for example, an unresolved complaint). We may retain certain information after your account is deleted provided there is a legitimate basis for such retention (see section “How we store your information”). 

Sharing location information. Your device may have controls that determine what information we collect. For example, you can prevent your device from sharing location information through your device’s system settings. 

Objections and withdrawal of consent. You have the right to object to us processing your information where processing is based on our legitimate interests. You can also withdraw consent to processing at any time where processing is based on your consent. In particular, you may exercise these rights by:

-  Opting out of push notifications. You can opt out of receiving push notifications through your device settings or through the app settings.

-  Unsubscribing from marketing emails and messages. You can opt out of marketing emails and messages by using the “unsubscribe” link or the mechanism noted in such emails and messages.

-  Opting out of marketing calls. You can opt out of receiving marketing calls during a call or by contacting us at https://gvride.com/contacts/support/. 

-  Managing cookies. You can delete cookies and modify your cookie settings in your web browser settings. 

Restrictions. You can request that we limit our use of your data. We may continue to process your data after such a request to the extent required or permitted by law.

Right to complain to the supervisory authority. Under the local law, you may have the right to file a complaint with your local supervisory authority.

 

How we store your information

We keep your personal information for as long as you have an account with us. We may retain certain information after account termination for legitimate reasons:

-  We will retain transactional information (such as data about rides and payments) for as long as needed to meet our tax obligations. Tax law generally requires us to retain information for 10 years.

- We will retain the information for the period required by the licensing regulator (where applicable). The retention period will vary depending on your location and the type of data.

-  We will retain correspondence and other documentation for as long as this is required for compliance with statutory document retention obligations. Commercial law generally requires us to retain commercial correspondence for 6 years.

-  If there is a legal claim or dispute or any possibility thereof, we will retain corresponding information until the claim is satisfied/dispute is resolved or the statute of limitation expires. The statute of limitation will depend on your location but will generally require retention for 3-7 years.

-  We will also retain data relevant to prevent fraud, to ensure users safety, to comply with our legal obligations for a period needed to fulfil these purposes. 

 

How we protect your information

We take reasonable and appropriate technical, legal, and organisational security measures to protect your personal information from any unauthorised action including but not limited to access, disclosure, alteration, or destruction leading to loss, theft, or misuse of your data.

The security processes in our company are developed in accordance with the ISO/IEC 27001:2013 standard, and we do our best to affirm our commitment to safeguarding your information. We regularly review our security measures to consider available new technology and methods. Since absolute security does not exist either on or off the Internet, we cannot guarantee the absolute security of your information, especially against maliciously intended acts by third parties where the cost for the successful attack multiplies several times the value of the data possibly compromised. Nevertheless, we make commercially reasonable efforts to keep your information safe.

 

General disclosures

Protecting children. GVRIDE is not directed to children (as defined in the local laws). Should we discover that we hold personal information of a child we will use reasonable endeavours to delete this data and ensure that it is not further used or shared. If you believe a child has provided us with personal information, please contact us at https://gvride.com/contacts/support/.

Telephone monitoring. Telephone conversations may be monitored and recorded for quality assurance and training purposes.

Do Not Track. Some browsers transmit “do-not-track” signals to websites. Because of differences in how browsers incorporate this feature, we currently do not take action in response to these signals.

Third-party collections. Certain third parties may use automatic information collection technologies, including cross-site tracking technologies, to collect personal information. These third parties may include your internet service provider, web browser, mobile service provider, mobile device manufacturer, online advertisers, and data analytics companies. Additionally, our Platform may contain links to third-party platforms. Clicking on such links means that the respective platform may collect your personal information. We are not responsible for the privacy practices of third parties. 

 

Changes

We may update this policy from time to time to reflect the changes in laws or in how we operate. When we update this policy, we will notify you by updating the “Last Updated” date at the top of this page and by posting the new Privacy Policy and providing any other notice required by applicable law. When you use GVRIDE, you are agreeing to the most recent terms of this policy.

 

Contact us

Please, contact us at https://gvride.com/contacts/support/. We will respond to you consistent with applicable laws and subject to proper verification of your account and identity. 

GV CAR VENTURES SDN. BHD. 202301028660 (1522583V)