OTS Taxi Logo
Hello!

Login into your account to manage your airport transfers.

Login to your account Register account

Data Processing Agreement

This Data Processing Agreement (DPA) is an integral part of the Terms of Use between OTS Taxi ("Data Controller") and its users ("Data Subjects"). This DPA ensures compliance with data protection laws, including the General Data Protection Regulation (GDPR).

This Data Processing Agreement (“DPA”) constitutes a legal agreement between you or your organisation (“Customer”) and OTS Taxi Limited known as OTS Taxi (“OTS Taxi”, “We”, “Us” and “Our”) with respect to the terms governing the Processing of Personal Data under the OTS Taxi User contract (the “Agreement”). This DPA is an addition to the User Agreement and is effective from midnight at the start of 30/07/2024 (the “Variation Date”)

Any terms not explicitly defined in this DPA have the meaning set forth in the Agreement, unless otherwise stated.

  1. Definitions

“Data Protection Law” means GDPR unless and until GDPR is no longer directly applicable in the UK, together with any national implementing laws, regulations and secondary legislation as amended or updated from time to time in the UK; and (iii) any successor legislation to the GDPR. The terms "Data Controller", "Data Processor", “Data Subject”, "Personal Data", "Process" and "Processing" have the meanings set out in the Data Protection Law.

“GDPR” means the General Data Protection Regulation (EU) 2016/679a.

  1. Details of Processing

2.1 Roles of the Parties.

Each Party shall comply with applicable requirements of the Data Protection Law. This paragraph is in addition to and does not replace a Party's obligations under the Data Protection Law.

The Parties acknowledge and agree that with regard to the Processing of Personal Data, the Customer is the Data Controller, OTS Taxi is the Data Processor and that OTS Taxi will engage sub-processors pursuant to the requirements set forth in section 4.6 below. Where OTS Taxi Content forms part of the services, OTS Taxi will be joint Data Controller with the Customer in order for Us to determine training outcomes and retain records of OTS Taxi certifications. OTS Taxi analyse learning content and system usage, and further Process the Personal Data of Authorised Users in order to improve OTS Taxi products are services and respond to evaluation comments and support queries.

2.2 The purpose of Processing by OTS Taxi, the duration of the Processing and the types of Personal Data and categories of Data Subject are set out below:

Purpose of Processing.

Personal Data will be Processed for purposes of providing the Services set out and otherwise agreed upon in the Agreement. Typically, this will be the provision of account and user services to the Customer offered by OTS Taxi to search, contact, review, comment about businesses and interact to get quotations, save by purchasing through offers, deals of local and national business providers from all sectors.

Categories of Data Subjects.

Authorised Users of the Customer (employees, customers, partners or any other authorised user as defined by the Customer).

Types of Personal Data.

Contact information, ultimately determined by the Customer at its discretion. Common information includes name, email, company, job title, application usage information, or any other electronic data received during the usage of the services.

Duration of Processing.

Personal Data will be processed for the duration stipulated within the Agreement. Where Services include OTS Taxi Content OTS Taxi will retain relevant Personal Data beyond the termination of the Agreement ad infinitum, under Our commitment to provide public a view of the information made available to make analysis to keep providing the services and make amendments to develop the service, i.e. best reviewed businesses, photos of customer experiences for the service they received, customer testimonials etc. This is in line with OTS Taxi best practice and Guidance on Managing User Records.

  1. Customer Obligations

3.1 Customer Personal Data.

The Customer’s instructions to OTS Taxi for Processing any Personal Data shall comply with the Data Protection Law. The Customer will ensure that any Personal Data provided by Customer or Customer’s Authorised Users to OTS Taxi will not violate the Data Protection Law. If the Customer finds out it is carrying out activities contrary to the Data Protection Law, it will immediately notify OTS Taxi.

  1. OTS Taxi’s Obligations

4.1 Instructions.

Where the Customer is sole Data Controller, OTS Taxi is instructed to Process Personal Data only for the purposes of providing the data Processing services set out within the scope of the Agreement. OTS Taxi will only process Personal Data on the written instructions of the Customer. If OTS Taxi is required by any applicable laws to process Personal Data it shall, to the extent legally permitted, notify the Customer before doing so. This is not applicable to public content on the basis of providing public information about services and products that is for information purposes.

If OTS Taxi considers an instruction from the Customer to be in violation of the Data Protection Law, OTS Taxi shall immediately inform the Customer about this.

4.2 Confidentiality.

OTS Taxi shall keep Personal Data confidential and will ensure that persons authorised to process the Personal Data have completed relevant training, committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

4.3 Security.

OTS Taxi will maintain appropriate organisational and technical security measures to prevent the Personal Data being accidentally lost, destroyed or damaged, processed unlawfully or on an unauthorised basis , appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected.

OTS Taxi will be responsible for the sufficiency of the security, privacy, and confidentiality safeguards of all OTS Taxi personnel with respect to Customer Personal Data.

4.4 Data Breach.

OTS Taxi will without undue delay of a Personal Data breach (which has the meaning given to it in the Data Protection Law) notify the Customer about any suspicion or finding of breach of security that results in accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed by the Processor under the Agreement.

4.5 Data Subject Requests.

OTS Taxi will provide reasonable assistance, including by appropriate technical and organizational measures and considering the nature of the Processing, to enable Customer to respond to any request from a Data Subject. If such request is made directly to OTS Taxi, we will promptly inform Customer and will advise the Data Subject to submit their request to the Customer.

4.6 Sub-processors.

OTS Taxi shall be entitled to engage sub-processors to fulfil its obligations in the Agreement only with the Customer’s written consent. For these purposes, the Customer consents to the engagement as sub-processors of OTS Taxi’s affiliated companies and the third parties listed in Exhibit A. For the avoidance of doubt, the above authorisation constitutes the Customer’s prior written consent to the sub-processing by OTS Taxi for purposes of the Data Protection Law.

Where We engage sub-processors, the sub-processing shall be carried out in accordance with the Data Protection Law and with at least the same level of protection for the Processing of Personal Data as the OTS Taxi under this DPA.

  1. Transfer

OTS Taxi shall not transfer Personal Data outside of the European Economic Area without the prior written consent of the Customer and OTS Taxi shall ensure that the transfer is made in accordance with the Data Protection Law and that the organisations to which the Personal Data is transferred ensure an adequate level of protection.

  1. Destruction of Personal Data

At the written direction of the Customer, where the Customer is sole Data Controller, OTS Taxi shall delete or return Personal Data to the Customer on termination of the Agreement unless OTS Taxi is required by law to store the Personal Data for public information/view.

  1. Audits

OTS Taxi shall maintain complete and accurate records and information to demonstrate its compliance with this DPA. Upon written consent and within a reasonable time period, in order to ensure OTS Taxi complies with this DPA, the Customer has the right from time-to-time to but not more than once in any year to: (i) request information from the OTS Taxi; and (ii) appoint an independent third-party consultant to conduct an onsite inspection.

In the event of the above OTS Taxi shall provide the Customer with all information necessary for such audit, provided such information is within OTS Taxi’s control and is not precluded from disclosing it by applicable law, a duty of confidentiality, or any other obligation owed to a third party.

Furthermore, the Customer agrees that any audit will not disrupt normal business operations and any individual – whether employed by the Customer or an independent third-party consultant – is of the required professional qualifications and bound by a duty of confidentiality.

  1. General Provisions

This DPA is an amendment to and forms part of the Agreement.

In case of any conflict, this DPA shall take precedence over the regulations of the Agreement. Where individual provisions of this DPA are invalid or unenforceable, the validity and enforceability of the other provisions of this DPA shall not be impacted.

Exhibit A

List of Sub-processors

  • Microsoft
  • Stripe
  • Worldpay
  • Amazon Web Services
  • Google
  • LinkedIn
  • Facebook
  • Twitter

If you require a signed copy of this agreement, please contact your Account Manager or email [email protected]