GDPR Compliance Statement for Heathrow Rides
Heathrow Rides is committed to protecting the privacy and personal data of our users. We comply with the General Data Protection Regulation (GDPR), which regulates the collection, use, and processing of the personal data of EU citizens.
- Lawful Basis for Data Processing
We collect and process personal data only when we have a lawful basis for doing so. This includes obtaining consent from users or when processing is necessary for the performance of a contract, compliance with legal obligations, or our legitimate interests.
- User Rights
Under GDPR, users have the right to access, rectify, erase, or restrict the processing of their personal data. Users can also object to the processing of their data or request data portability. We provide users with these rights and ensure that they can exercise them easily.
- Data Protection Officer
We have appointed a Data Protection Officer (DPO) who is responsible for overseeing GDPR compliance and ensuring the protection of personal data. Users can contact the DPO at heathrowrides@gmail.com with any questions or concerns.
- Data Breach Notification
In the event of a data breach, we will notify the appropriate supervisory authority within 72 hours and notify affected users without undue delay.
- Third-Party Data Processing
We only share personal data with third-party processors who comply with GDPR and who have provided sufficient guarantees of data protection.
- Data Retention
We retain personal data only for as long as necessary to provide our services and as required by law. We regularly review our data retention policies to ensure compliance with GDPR.
- Privacy Policy
Our privacy policy is available on our website and provides users with detailed information on how we collect, use, and protect their personal data.
If you have any questions or concerns about our GDPR compliance, please contact our Data Protection Officer at heathrowrides@gmail.com.