Basic information regarding Data Protection
Fostering Mobility S.L.
Data protection contact:
Paseo de la Habana 26, 1º-2, 28036 Madrid, email@example.com
- Managing the Application and providing the Meep Services.
- Providing customer services and technical support through the means established for this purpose.
- Sending information and news about the Meep Services.
- Improving the Services and preventing fraud and abuse.
Implementation of the contractual relationship, and fulfillment of legal obligations, legitimate interest, and consent
We will share your personal data with the providers and operators of the services offered in the Application, with payment providers and financial institutions where appropriate, and with those to whom we have a legal obligation. Data will also be shared with the competent authorities where appropriate.
You have the right to access, rectify, delete, oppose, and request restrictions or portability regarding your personal data. You also have the right not to be subject to automated individual decisions regarding your data, as explained in detail below.
Additional information on the Application can be found here:
- Conditions of Use
Fostering Mobility S.L. (hereinafter “Meep“) respects the privacy of the users of the “Meep” application (hereinafter, respectively, the “User” or “Users“, as applicable, and the “Application“) and is committed to protecting their personal data.
Likewise, with regard to the downloading and usage of the Application and the Services, the relevant Terms and Conditions shall apply.
1. DATA CONTROLLER
The organization responsible for the processing of Users’ personal data is Fostering Mobility S.L. with N.I.F. number B87971735, with its registered office at Paseo de la Habana 26, 1º-2, 28036 Madrid, Spain and e-mail address firstname.lastname@example.org
2. PERSONAL DATA CATEGORIES
Identification and contact details. In order to create an account on the Application, the User must provide his/her first and last name(s), date of birth, a valid email address, and a valid mobile phone number.
Meep Service provision data. Meep will have access to information relating to the booking or the purchase of Services from the Operator.
Payment method. The User can add a payment method in the Application itself, or choose a new payment method at the moment of contracting a particular Operator Service. When the User adds a credit card to their account, any sensitive information will be handled by the payment provider and is completely unrelated to Meep. In order to keep your financial data secure, Meep will only store an encrypted card identifier and some additional data such as the card expiry date or a card mask that will allow the User to identify the card in the Meep application.
Optional information. The User may voluntarily add information to complete their profile (e.g. including a picture as a profile image, as well as transport and contact preferences).
Location information. Subject to their prior consent, when the User uses the Application on their mobile device, Meep receives their location information. Meep may also collect the precise location of the User’s device when the Application is running in the foreground or background.
In addition to this, if the User authorizes Meep by means of their device or Application settings, Meep may also collect their location information while the Application is disabled in order to identify location-based suggestions for services at their current location.
The User can prevent their device from sharing their location at any time through their device’s operating system settings. However, the User’s location is essential to the Application, and without it, Meep cannot provide the User with their Meep Services.
Additional information and notifications. If the User contacts Meep directly, Meep may receive additional information about the User.
3. THE LEGAL BASIS FOR DATA PROCESSING AT MEEP
- Article 6 (1)(b) of the European Parliament and Council EU Regulation 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “GDPR“): in accordance with this provision, the processing of personal data is lawful if it is necessary in order to fulfill a contract you are party to, or in order to take the necessary steps in response to your application, prior to the completion of a contract (e.g. in connection with a booking or the purchase of an Operator Service).
- Article 6(1)(c) of the GDPR: according to this clause, the processing of data is lawful when Meep requires it to perform a legal obligation.
- Article 6 (1)(f) of the GDPR: according to this provision, the processing of personal data is lawful when it is necessary for the purposes of the legitimate interests of the controller, i.e. Meep, or a third party, provided that such interests are not overridden by the interests or fundamental rights and freedoms of the data subjects, i.e. the Users.
- In cases where the User’s consent is required for the processing of their personal data, according to the clause in Article 6(1)(a) of the GDPR, the processing of personal data is permitted when you have given your consent to it.
4. THE PURPOSES OF PROCESSING THE COLLECTED PERSONAL DATA
Meep uses the identification data (both contact and contractual data), payment method, location information, as well as any other voluntary information provided by the Users to provide the Meep Services through the Application and to enable the User to book and purchase the Services from the Operators via the Application.
Meep also uses the identification data, contact data, and contractual data for customer support services, and to provide technical support in the event of the User contacting Meep.
Meep may use the identification and contact data provided by the User to communicate with the User or to send text messages and push notifications with information about Meep Services.
Meep uses User data for the safety purposes of Meep, the Operators, and the User.
In addition, Meep may use automated systems to monitor communications for security purposes, fraud prevention, compliance with legal and regulatory requirements, investigations of potential abusive conduct, product development and improvement, research, customer engagement, including providing the User with the information and offers that Meep believes may be of interest to the User, as well as technical support.
5. HOW MEEP SHARES THE INFORMATION COLLECTED
In certain circumstances, Meep may share Users’ personal data with third parties.
Service Providers and Operators. At the time of booking or purchasing a Service from an Operator, Meep transfers the relevant details of the booking or purchase to the corresponding Operator for the purpose of validating that transaction and facilitating and managing the provision of the Operator’s Service, in accordance with the contracted terms and conditions. In addition, such information is shared with the Operator in order to calculate the payments due to Meep under the contractual relationship with the Operator and the issuance of invoices when requested by the User.
The information shared with the relevant Operator may include the User’s identification details, contact details, contractual information, payment method, and any voluntary information (e.g. preferences) specified by the User when booking or purchasing the Service from the corresponding Operator. If the User has a query about their booking, Meep may contact the Operator to process their request.
Payment providers and other financial institutions: When the User or the holder of the credit card used to make a booking requests a refund, Meep may need to share certain details of the booking with the relevant payment service provider and financial institution. This may also include a copy of the User’s booking or purchase confirmation. Meep may also share relevant information with financial institutions if deemed strictly necessary for fraud detection and prevention purposes.
Competent authorities: Meep will disclose personal data with law enforcement authorities to the extent required by law or as strictly necessary for the prevention, detection, or prosecution of criminal acts and fraud. Meep may need to disclose additional personal data to law enforcement authorities in order to protect and defend its rights or property.
6. OTHER CASES WHERE MEEP MAY SHARE INFORMATION
Meep may share User information with third parties in the following situations:
- When Meep is discussing a change of corporate control in Meep;
- If a government authority requests information and believes that disclosure is warranted in order to comply with applicable regulations;
- To comply with a legal requirement or process, including, but not limited to, civil and criminal injunctions, court orders or other mandatory disclosures.
- To provide information about the use of the Application to potential business partners on a general or anonymous basis, and in specific instances where the User has agreed to share their information.
7. THE DURATION OF THE DATA PROCESSING
In accordance with applicable laws, Meep will comply with its obligation to delete personal information when it is no longer required for the purpose or purposes for which it was collected. The information will not be used or accessed, but the company will retain it to address any potential liability that may arise from data processing during the required statutory periods. Once these periods have expired, the information will be permanently and securely deleted.
Where Meep is obliged by law to store personal data, this storage is carried out for the period of time required by law.
8. EXERCISING ACCESS, RECTIFICATION, CANCELLATION OR REFUSAL RIGHTS
Meep guarantees the right to exercise the following rights granted to data subjects in relation to data controllers by the Organic Law 3/2018, of 5 December, on Personal Data Protection and the Data Protection Regulation (EU) 2016/679 (hereinafter, the “GDPR“).
The right to information (Art. 15 GDPR)
The User has the right to obtain confirmation as to whether or not their personal data is being processed and if so, to request access to it. However, this is not an absolute right and the interests of other persons may restrict the User’s right of access. To obtain this confirmation, the User may send an email to email@example.com Meep will reply to such a request within 30 days.
The right of the amendment (Art. 16 GDPR)
If the User wishes to amend inaccurate personal data held by Meep, the User may send an email to firstname.lastname@example.org. Meep will respond to such a request within 30 days.
The right of cancellation and blocking (Art. 17 GDPR)
The User has the right to block and delete their personal data stored by Meep. As a general rule, your personal data will be deleted within a maximum of 30 working days after receiving the request and confirming your rights.
If the deletion contradicts legal, contractual, fiscal, or commercial storage obligations or other legal grounds, then the User’s data may only be blocked, and not deleted. Once the User’s data has been deleted, it will no longer be possible to provide the User with information.
Rights to data transfer (Art. 20 GDPR)
If the User requests the personal information that he or she has provided to Meep, Meep will transmit it to the User or to another entity without restrictions in a structured, current, and machine-readable format. The latter shall only be carried out if this is technically possible.
Right of objection
The User has the right to object at any time, and without giving any reasons, to the processing of data for the purposes of direct marketing. Furthermore, it should be noted that the implementation of the framework agreement; as well as the handling of individual contracts, may be restricted, or no longer possible, due to the objection to all data processing operations.
The right to lodge a complaint
The User also has the right to lodge a complaint with the competent supervisory authority, specifically, in the EU Member State of his or her habitual residence, or of the alleged breach of the GDPR.
9. SECURITY MEASURES
Meep has adopted the personal data protection security standards required by the applicable regulations, which include: (i) the GDPR; (ii) Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights; and any other legal provisions applicable to the processing of personal data, as well as any others that modify, replace, or develop the above.
Meep has also implemented other additional technical procedures, and put other measures in place, in order to prevent the alteration, loss, or unauthorized processing of, or access to, the personal data submitted. Meep is committed to protecting Users’ data, but cannot guarantee that your data will be 100% secure.
10. CHILD PRIVACY
The Application is not directed at children, and Meep does not knowingly collect personal data from children under the age of 14. If Meep discovers that a child under the age of 14 has provided Meep with personal information, Meep will take steps to delete that information. If the User believes that a child under the age of 14 has provided Meep with personal information, the User should contact Meep via the email address email@example.com.
11. CONTACT DETAILS