Private policy updated August 2024

Monochrome Convoy limited (“we”,“our”, “us”) are committed to protecting and respecting your privacy. Our company:

Monochrome Convoy limited, number 09865072 Registered Office: Unit 407 Oxgate house, London, NW2 7JA.

This privacy policy explains how we use any personal information we collect about you, as a past, present employee, a service user, Driver or when you use our website or mobile applications. This notice covers how we use your data on our mobile apps (Monochrome - The transport app, Monochrome Driver & agent app) and websites (www.monochromeapp.com).

Please read this notice carefully so that you understand your rights to your personal data, and how we will collect, use and process your personal data. If you do not agree or have any objections with this Privacy Notice in general or any part of it, you should not access the Websites, the Apps or use our services.

We have nominated a Data Protection Officer, and you can contact him at business@monochromeapp.com or you may post it to our registered address above to the attention of ‘Data Protection Officer’.

Purpose of processing

We process information that we need, so we can provide you with the best service. The term “you” or “your” refers to the passenger or rider who requests, hires and/or receives a transportation service either passenger or courier services through their Monochrome app account.

We process your personal data so we can provide you with one or more of our transportation services:

• We connect you with a driver, we collect and process personal data for the purpose of connecting passengers with drivers so you can be picked up and dropped off.

• We get you to where you want to go: We display geolocation data when ride-hailing to enable efficient pick-up and drop-off, and make the journey and route transparent. 

• Communication data is collected only when the Monochrome app is activated. The collection of geolocation data stops after closing the Monochrome app. In all cases drivers cannot see passengers' phone numbers.

• We make sure the app is optimal: We use contact details to notify passengers and riders of updates to the Monochrome app so you can keep using our services. We also gather limited data from the device that you use to connect you with our internet, mobile and telephone services, and to help keep your account safe through authentication and verification checks.

• We make sure your ride is the quickest, cheapest and most convenient to you: We collect data on the routes taken by our passengers and riders to analyze geographic coverage. 

• We collect your payment: We obtain payment details to process passenger payment on behalf of drivers for ride-hailing.

• We maintain and promote standards: We collect data about journey statuses, time and passenger ratings from driver feedback to encourage user safety, promote compliance with our terms and conditions, and make sure we’re providing a quality and enjoyable service to everyone. Customer support data and correspondence is collected for the purposes of feedback, and resolving disputes and service quality issues.

• We keep you informed: Your name, phone number and email address will be used to communicate with you for things like letting you know that your journey has been completed, sending you trip confirmation slips and receipts.

  
  

Personal data we process of customers

• Contact details: things like name, phone number and email address. For some of our services we may require a little more, like your home or business address.

• Limited identification data of the device, like the IP address, on which the Monochrome app has been installed

• Payment information like the total amount charged and the payment card details used.

• Profile information: profile picture, saved addresses, language and communication preferences. We may need a form of ID in special cases

• Geolocation: such as where you’ll be picked up and dropped off to, or any supplementary stops in between.

• Communication and correspondence records such as when you engage with our in-app chat, or speak with our customer service agents.

• Data about the usage of the transportation services: things like data about journey status, times and data about your conduct as assessed by drivers and star ratings

• Data related to communication through instant messages directly in the Monochrome app date and time of the communication and its content.

• Your IP address;

• device information including, but not limited to, identifier, name, and type of operating system (including versions);

• mobile network information.

• standard web information, such as your browser type and the pages you access on our Websites;

• mobile device UUID (Unique Download ID) and/or mobile device fingerprint; and

• hardware models, software, file names and versions, preferred languages, unique device identifiers, advertising identifiers, serial numbers, and device motion information.

Data we process from drivers and agents

Monochrome will collect the following personal data about you while you provide services to us:

• identity information such as title, full name, date of birth, photograph, private hire license if applicable depending on city and jurisdiction, all regulatory documents required legally from the Transport Regulator of the local authority you are part of and/or all proof of eligibility to enter into the driver contract.

• contact details such as home and work address, phone number(s), email address(es), emergency contacts and next of kin;

• data with respect to the driver contract, including commencement date, participation in driver training programmes, background checks (including criminal records, directorship and credit checks), membership of professional bodies and data relating to complaints.

• data regarding the location of the vehicle, rate of travel and other similar information transmitted from GPS trackers, telematics devices, Wi-Fi routers, forward-facing cameras and devices which are fitted to the vehicle, whether the vehicle is being used for the provision of passenger services or for personal use.

• financial data, including payments for bookings, your bank or building society account details and tax numbers.

• information about your physical or mental health or condition.

• your racial or ethnic origin or religious or similar beliefs in order to monitor compliance with equal opportunities legislation; and

• information relating to any background check, any criminal proceedings in which you have been involved or the commission of any potential criminal or civil offense for insurance or trust purposes, or when we have been notified of any relevant potential vehicle or driving offenses or where there is an allegation of parking, speeding, toll or other traffic-related offenses

Other searches we may make

Information provided to us by a third party and/or collected from public records in the case of fraud or suspected fraud. In the case of fraud or suspected fraud, we may obtain information from third parties and from public records to prevent and detect fraud.

We also receive information from other sources, such as from our group companies, from fraud prevention tools in the case of fraud or suspected fraud, from analytics companies in the case of in car wifi data usage and in the case of telematics data (including crash/impact detection, GPS location data, vehicle usage/driving style data and odometer readings), from third party data validation tools such as Experian and from publicly accessible data such as Companies House, the Land Registry, the Electoral Register and information you post online.

The lawful basis we use to process your data

We will only ever process your information if we have a lawful basis to do so. We generally in other circumstances process your personal data relying on legitimate interest grounds. Legitimate interests include our commercial interests in providing an innovative, personalized, safe and profitable service to our passengers and partners, unless those interests are overridden by other interests. 

Our legitimate interests also include things like investigating and detecting fraudulent payments and other malicious activities, maintaining the security of our network and systems, and responding to suspected or actual criminal acts.

• it is necessary to comply with a legal obligation such as for processing data when the law requires it, including, for example, if there is a valid legal request to disclose personal information to a third party such as a Court or regulatory authority;

• to protect your vital interests, or those of others, for example in the event of an emergency or an imminent threat to life; or

• you have given us clear consent to do so for another specific purpose in which you have been fully informed.

In countries where legitimate interest is not an available lawful basis for Monochrome's processing activities, we instead rely on an alternative valid legal basis available above.

We always make sure we have a good reason for doing anything with your data. The lawful basis we rely on to process your personal data is article 6(1)(f) of the UK GDPR, which allows us to process personal data when it's necessary for the purposes of our legitimate interests. We also rely on the following:

• Contract – This is where we process your information to fulfill a contractual arrangement we have in place  with you. Personal data is generally processed in order to provide the services contracted through the Monochrome app with you. This means that to give you the service we promised you, and to meet our terms and conditions.

• Consent – This is where we have asked you to provide permission to process your data for a particular purpose.

• Legal Obligation – This is where we have a statutory or other legal obligation to process the information.

How we use your information

We take your privacy very seriously. The Privacy Policy details what to expect when Monochrome collects your personal information. In most cases, any personal information provided, for example Contact Form submissions, are stored on servers in our UK Data Centres. We use a third party provider to help manage and maintain the security and performance of our corporate websites.

To perform our contract with you, we will use your information:

• to communicate with you;

• to provide you with ground transportation and/or courier services.

• to create records of bookings and to send you booking acknowledgments, confirmations, receipts and invoices; and

• to maintain records of lost property.

As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our services and organization, we will use your information:

• to detect and prevent fraud and crime;

• for reporting and data analysis purposes;

• to administer our membership and loyalty scheme(s);

• for insurance purposes;

• to comply with our legal and regulatory obligations imposed by Transport for London and any other licensing authority where we provide services;

• to meet customer service requirements and for complaint handling and feedback;

• to monitor and assess the quality of our service;

• to host events for our customers;

• to pass on feedback such as ratings or compliments about our drivers;

• to sign you up for our newsletters or alerts;

• to contact you via telephone, email, SMS or via our Apps;

• to identify our users;

• to personalize our services for you, for example, to provide you with an accessible vehicle where you request such a vehicle and if you have opted in to marketing, to send you promotions and offers tailored to your use of the services, for example, discounts on airport bookings where you frequently make airport bookings;

• to enforce our terms and conditions;

• if you have opted in to marketing, to communicate with you about products, services, promotions, events and other news and information we think will be of interest to you; or

• to provide third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information).

• Fraud prevention: We use a combination of risk screening tools and manual intervention to ensure that customer profiles are not fraudulent. To do this, we match the personal data provided by customers against data fields such as name, email address, mobile phone number, and we use this to accept or decline bookings.

• Marketing: We manually carry out customer segmentation for marketing purposes based on journey history. We use this to make our advertisements more relevant for market segments, such as promoting relevant journey types.

Sharing your personal information

We do not sell, rent or lease your personal information to others except as described in this Privacy Notice. We share your information with selected recipients. These categories of recipients include:

• IT Services providers that provide us with SaaS services

• analytics and search engine providers located in the UK or EU that assist us in the improvement and optimisation of the Websites and Apps; merchant acquirers located in the UK or EU and which store your personal data in the UK or EU for the purpose of processing payments.

• fraud prevention tools located in the UK and the USA for the purposes of preventing fraud.

• Partner drivers based in the territory in which you request services.

• IT support service providers who support and maintain our booking platform and have access at our premises working on a secure server.

• Our insurance company and claims handling companies, for the purpose of investigating and settling any insurance claims.

• provided you have consented, advertisers and e-marketing companies located in the UK or EU and which store your personal data in the UK or EU that require the data to select and serve relevant marketing and adverts to you and others.

• The use of a third party who may contact you via email to invite you to review any services you received from us in order to collect your feedback and improve our services.

We will share your information with law enforcement agencies, public authorities or other organizations if legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:

• comply with a legal obligation, process or request.

• enforce our terms and conditions and other agreements, including investigation of any potential violation thereof

• detect, prevent or otherwise address security, fraud or technical issues; or

• protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction).

We will also disclose your information to third parties:

• in the event that we sell or transfer any business or assets, in which case we will disclose your data to the prospective buyer of such business or assets; or

• if we or substantially all of our assets are acquired by a third party, in which case information held by us about our users will be one of the transferred assets.

The security of your information

Unfortunately, the transmission of information via the internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted through the Websites, Apps, over email or via our contact centers; any transmission is at your own risk. Once we have received your information, we will take appropriate technical and organizational measures to safeguard your personal data against loss, theft and unauthorized use, access or modification.

We will, from time to time, host links to and from the websites of our affiliates or third parties. If you follow a link to any of these websites, these websites will have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any information to those websites.

Duration of your data storage

To determine the retention period of your personal data, we consider several criteria to make sure that we do not keep your personal data for no longer than is necessary or appropriate. These criteria include:

• the purpose for which we hold your personal data;

• our legal and regulatory obligations in relation to that personal data of  local licensing authorities.

• whether our relationship with you is ongoing, for example, you have an active account with one or more of our brands, you continue to receive marketing communications, or you regularly browse or purchase off our Websites/Apps);

• whether you are no longer actively participating or engaging with our brands, for example, you do not open our emails, visit our Websites, or share user generated content;

• any specific requests from you in relation to the deletion of your personal data; and

• our legitimate business interests in relation to managing our own rights, for example the defense of any claims.

• Your personal data will be stored as long as you have an active passenger account. If your account is closed, personal data will be deleted (according to our retention schedule and rules), unless such data is still required to meet any legal obligation, or for accounting, dispute resolution or fraud prevention purposes.

• Financial data regarding transportation services provided to passengers will be stored for three years after the last journey. Data required for other accounting purposes will be stored for seven years after the last journey.

• In the event that there are suspicions of a criminal offense, fraud or false information having been provided, the data will be stored as long as necessary according to the internal, legal, and regulatory requirements.

• In case of payment disputes, data will be retained until the claim is satisfied or the expiry date of such claims.

• Journey history data and the data about usage of transportation services will be stored for three years, after which the data will be anonymized.

Monochrome retains user data for only as long as necessary for the purposes described above. This means that we retain different categories of data for different periods of time depending on the type of data, the transportation service it relates to, and the purposes for which we collected the data.

Please note that the deinstallation of the Monochrome app in your device does not cause the deletion of your personal data. If the Monochrome app has not been used for three years, we’ll get in touch and ask you to confirm whether you wish to keep your account active for future use. If no reply is received in a reasonable time, the account will be closed and personal data will be deleted unless such data is required for any purpose mentioned earlier in this privacy notice.

Recipients of data control

• The personal data of the passenger is only disclosed to the ride-hailing drivers when they engage with a ride on in the Monochrome app; in such a case, the driver will see the name, phone number (in some countries the number is masked), rating and geolocation data of the passenger.

• After providing the transportation service, the name and the telephone number (in some countries the number is masked) of the ride-hailing passenger will remain visible to the driver for 24-48 hours. This is necessary for drivers to resolve any issues with the passenger like getting something special back to you which might have been left in the car. Oops!

• Feedback given by passengers regarding the quality of the ride-hailing service is anonymous. Your rating is private between you and Monochrome.

• Depending on the location of the passenger, the personal data may be disclosed to the Monochrome group companies and partners (local subsidiaries, representatives, affiliates, agents etc). Processing of personal data by Monochrome group companies and partners will occur under the same strict conditions as established in this privacy notice. You can read more on your country page.

• In some circumstances we are legally obliged to share information with external recipients. For example, under a Court Order or where we cooperate with a data protection supervisory authority in handling complaints or investigations. We can also respond to requests, such as those from law enforcement agencies, when we have a good-faith belief that the response is required by law in that jurisdiction or furthers a public interest task, affects users in that jurisdiction, and is consistent with internationally recognised standards. In any scenario, we’ll always satisfy ourselves that we have a lawful basis on which to share the information, and we’ll make sure that we document our decision.

Security and access

• Any personal data collected in the course of providing our services is transferred to and stored. Only authorized employees of Monochrome group companies and partners have access to the personal data and they may access the data only for the purpose of resolving issues associated with the use of the services (including disputes regarding transportation services).

• Monochrome group companies and partners can access personal data to the extent necessary to provide customer support in the respective country.

• For our research and scientific purposes, all data, like bulk geolocation data, is anonymised so you can never be identified from it.

Your rights as a data subject

You have rights in relation to the personal data we hold about you. Some of these only apply in certain circumstances. We have described these situations below, as well as how you can exercise your rights. To exercise any of your rights, please contact us at business@monochromeapp.com

• Access: You have the right to ask us to access the personal data we hold about you and be provided with certain information about how we use your personal data and who we share it with.

• Correction: You also have the right to ask us to correct your personal data where it is inaccurate or incomplete.

• Portability: Where you have provided your personal data to us under contract, you have the right to ask us to share (port) this data to another data controller in a structured, commonly used and machine-readable format.

• Erasure: In certain circumstances, you have the right to ask us to delete the personal data we hold about you.

• Restriction: In certain circumstances, you have the right to ask us to restrict (stop any active) processing of your personal data, save for storage.

• Objection: In certain circumstances, the right to restrict or object to our processing of your personal information (e.g. where you request correction or erasure, you also have a right to restrict processing of your applicable data while your request is considered). You can object to our processing of your personal data based on our legitimate interests and we will no longer process your personal data unless we can demonstrate an overriding legitimate ground.

Please note that these rights are limited, for example, where fulfilling your request would adversely affect other individuals or company trade secrets or intellectual property, where there are overriding public interest reasons or where we are required by law to retain your personal data.
Our website contains links to other websites. Our privacy policy only applies to this website, we would encourage you to read the privacy statements on the other websites you visit.

Marketing and preferences

At any time you have the right to object to our processing of data about you in order to send you marketing communications, including where we build profiles for such purposes, and we will stop processing the data for that purpose. You can change your marketing preferences at any time by sending us an email.

• We may send direct marketing messages to your e-mail address and/or phone number when you have given us permission to do so, or under a soft opt-in basis. We may personalize direct marketing messages using information on how you use Monochrome's services, such as how frequently you use the Monochrome app, and your transportation preferences.

• If you no longer wish to receive direct marketing messages, please click the "Unsubscribe" link in the footer of one of our emails, or opt-out in the profile section of the Monochrome app. Easy.

Cookies 

Cookies are small text files that are stored on your computer or smart device when you access a website. They allow websites to recognise your visit and to store information on your preferences or past actions to improve your experience of using the website. Please see our Cookie Policy for full details on the cookies that we use on this website and your consent options.

Dispute resolution

Disputes relating to the processing of personal data are resolved through customer support (info@monochromeapp.com) in the first instance. You have the right to contact Monochrome's Data Protection Officer (Business@monochromeapp.com).

We may also use automated decision-making in order to undertake fraud checks which are necessary for us to perform our services, ensure that the services are paid for and ensure the protection of riders from fraudulent transactions on their payment cards.

We may use automated decision-making in order to verify you which is necessary to ensure the safety of our platform and the enforcement of our terms and conditions.

You will always have the right for human review of the decision and to contest the decision, express your point of view and obtain an explanation by contacting our customer support in our app.

Complaints

Monochrome tries to meet the highest standards when processing and collecting your personal information. In the event that you wish to make a complaint about how we process your personal data, please contact us at info@monochromeapp.com and we will endeavor to deal with your request as soon as possible.

If you are not satisfied with the response from Monochrome or believe we are not processing your data in accordance with the law, you have the right to raise your complaint with the Information Commissioner’s Office (ICO)

• Website: https://ico.org.uk/concerns/

• Email: casework@ico.org.uk

• Telephone: +44 (0) 303 123 1113

Future changes to our privacy notice

We keep our privacy notice under regular review, and we will place any updates on this web site. The last update to this privacy policy was August 2024.