MOBILITY adopts the technical and organisational measures necessary to guarantee the security of personal data and to prevent the alteration, loss or unauthorised processing of or access to such data, taking into account the state of the art, the nature of the data and the risks to which the data are exposed. You may also confirm the presence of the SSL certificate by checking the Website’s properties in your browser. A connection will be secure when "https://" appears in the browser's address bar instead of "http://" and a padlock symbol is displayed. You can look up more features of the SSL certificate in the Legal Notice section.
The Data Protection Officer is a point of contact between you and the data controller; for any questions relating to the processing of personal data, you may if you wish contact him at: email@example.com
Personal data are considered to be data that identify persons or that may be used to identify them. Channels through which we can collect personal data:
Website.Sometimes personal data is obtained from the User when they visit our website. This website, in addition to using necessary cookies, will use its own and third-party analytical cookies to learn how our website is used; to evaluate and improve its operation; analyse traffic; personalise content and advertisements; or offer social media functions, only if the User configures it this way and depending on the selection the User makes (see our Cookies Policy).
Mobile APP. Through the APP we can receive the personal data provided directly by the User when downloading and using the APP to register and when using our service.
Upon registration, we can process the following data categories:
|Identification and contact data.||First name and surname, valid national ID or identification document, user ID, driving licence, address, country of residence, telephone number, email, IP address OR ID.|
|Data relating to personal characteristics:||Age and gender|
If to register for our service and to use it, you use the authentication services of a third party based on federated identity, such as those provided by some social networks, we will receive personal data from this third party if you authorize it to share data with us.
The SDK IDs that are currently implemented are ID Salesforce, Appsflyer, Firebase and to provide determined features to the App.
When using the service, we may process the following data categories:
|Special data||In the case of accidents or claims, and for the management of these, some health data could be collected, included in the medical reports.|
|Financial data associated to the service||Billing information, type of credit/debit card, expiration date and only certain card numbers.|
|Data related to the service provided||Number of trips, vehicle, minutes of use, date and time of start and end of each service per journey, billing information or traffic fines, if applicable.|
|Geographical data||City, GPS location, place of start and end of the service provided|
Social networking sites. Data from the User could be obtained indirectly when they subscribe to any of the MOBILITY profiles on the different social networks or interacts with us through them, either with comments, opinions or by sharing the content published in each profile. In social networks, we act as the data controller responsible for what we publish, always processing such data in accordance with the conditions established in each one of the social networks.
Other channels. Users may also receive personal data when they contact the User Service Centre (USC) or the Customer Service Centre (CSC), either by email or by phone, when they request information from us, send requests or complaints, report incidents, etc.
In any event, Users are solely responsible for the veracity and lawfulness of the personal data provided.
|PURPOSES||BASIS FOR LEGITIMATION|
In general, the data will be kept i) for as long as is necessary for the purpose for which the data were collected and ii) during the applicable limitation periods, if liabilities might be incurred as the result of the processing.
Depending on the activity performed by MOBILITY, the following data transfers are provided for, whenever necessary:
To Bodies of the Public Administration with competence in matters of communications and the provision of information services, Bodies with competence in tax matters, Bodies with competence in consumer matters to deal with possible claims from users and Bodies with competence in matters of traffic, mobility and road traffic, such as the corresponding Provincial Traffic Headquarters, or the City Council, in order to identify the driver in case of a violation.
To other public administrations and/or competent authorities, such as State Law Enforcement Agencies if this is required or necessary and/or is called for by the applicable regulations.
To financial institutions and payment gateways, for the management of collections and payments.
To insurance companies and insurance and reinsurance brokers, for the handling of claims and/or accidents including the processing of special personal data.
We may communicate personal information to different service providers, who are in some cases hired to perform services on our behalf. In these cases, the corresponding data processor agreements are signed whenever necessary, as established by the regulations on matters relating to data protection.
Likewise, MOBILITY would inform you that some of these service providers, third parties or Group companies may be located in territories outside the European Economic Area that do not provide a level of data protection comparable to that of the European Union. In such cases we transfer Users’ data with appropriate safeguards, maintaining at all times the security of such data; these may include via the formulation of Standard Contractual Clauses approved by the Commission, the content of which may be examined by clicking on the following link: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_es.
Based on the standard contractual clauses and with an adequate level of data protection according to the European Commission, an international transfer is made to Appsflyer in Israel.
Data subjects may exercise their rights of access, rectification, erasure, portability and restriction or objection by writing to the Data Protection Department of ACCIONA MOBILITY, S.A. at Avenida de Europa18, 28108 de Alcobendas (Madrid), or by sending an email to the following email address: firstname.lastname@example.org. When necessary, to be able to identify you, we may request that you provide a copy of your national ID or other identification document.
Likewise, you may at any time withdraw the consent given by writing to the address indicated above, and by complaining to the Supervisory Authority (Spanish Data Protection Agency www.aepd.es ).
In addition, specifically for commercial communications sent by MOBILITY, you can configure the consents given, where appropriate, or unsubscribe from them, by accessing your user profile on the APP, in the "My Data" section. Here you can configure your choice, if you accepted at any time, the sending of these types of communications.
You can also unsubscribe from these communications through the opt-out system included in each of the communication of this type that you receive (for example, a link in which you can unsubscribe).
Observation: During periods of an exceptional nature such as States of Alarm or Emergency, which imply periods of confinement, or other external disturbances such as natural disasters, extreme weather conditions or wars, rights which are exercised by ordinary mail rather than through the email account will have a longer response time than usual, with response times being re-established once the recommended confinement period has been lifted.
We have provided you below with a series of links where you can obtain additional information that might be of use to you in relation to any other processing of personal data,
Last updated on 2 February 2021