For transfers to and from
IMPORTANT INFORMATION GDPR –Update Data Protection Policy
On 25th May 2018 legislation relating to Data Protection is changing and although the changes do
not alter what we use your personal information for, it does make it easier for you to have more
control over how your data is handled, stored, and protected. Your Data is important to us and
the change in the law only builds on what we already do – keeping your information secure.
You have the right to request a copy of your information we hold.
Should you wish to do this, requests must be in writing to Philip Bradley who is the nominated
Data Controller as Proprietor of Phils-taxis-Bodmin
You do not need to take any further action – however you can review a full GDPR Policy
GDPR – Policy Statement
This policy covers personal and confidential information held by Philip Bradley
The Data collected
Including name, address, email, telephone numbers,
Bank card payments are processed securely by a Processor (Third Party) in line with Payment
Card Security as currently regulated. Copies of your card details are not collected, stored or
This may include details of services provided and type of payment made by you, for the purpose
of accounting and will held as required by currently UK Legislation to fulfil my duties particularly
in relation to supporting income and expenditure to HM Revenue & Customs.
Special Categories Data is NOT collected. This is specified as details about you, such as: your
race, ethnic background, religious or philosophical beliefs, sexual orientation, political opinion,
trade union memberships, health and genetic/biometric data, or details of criminal activities and
Where there is a need to collect personal data by law, under the terms of the contract we have
or are trying to enter into with you – and you fail to provide that information we will be unable to
perform that contract, i.e. to provide you with services.
How the Data is Collected
Different methods to collect information, but including primarily:-
Where you give us personal information by requesting booking for Taxi services, or by
corresponding with us via email or telephone. This information may be held on paper, computer
Third Party Information:
Financial, Identity and contact data may also be collected from publically available sources such
as Companies House, based within the EU.
CCTV imaging for security purposes is in operation within the Taxi and this is widely advertised in
being in operation. This is normally overwritten daily and only downloaded if Evidence is required
by an interested Authority such as the Police.
How your Data is Used
Your information is used primarily to provide you with services, and as part of our accounting
function. This recognises you as a customer, and allows us to perform a contract with you,
processing bookings, manage payments, collect monies owed. This is a lawful basis for
legitimate interest in running a business – to keep records updated, to provide security for our
driver and customers.
Disclosure of your Data
Third Party Payment Processors;
You (the Customer) consent to our transfer of your data via certified Payment Processors via PDQ
terminal processing upon production of Bank Payment Card. We do hold full details of this
transaction in line with Payment Security Standards
IT and Systems Administrations:
I may have to share your personal data with External Third Parties in exceptional instances such
as data recovery, where Systems Providers require a backup of data held, and Accounting
systems require a backup data file transmitted in order to rectify an IT problem. This is deemed
to be sharing of your data, but these Third Party Providers are not allowed to use this data for
their own commercial or personal use, and Security
Standards maintained by Third Party software providers are robust and can be relied upon for
security. Any such transfer is for a specified purpose and with our permission for each necessary
This data is solely transferred within the UK.
We may share your data when required to assist other professional Data Processors or joint
Controllers you may have authorised; to include but not limited to; lawyers, bankers, auditors,
insurers, bookkeepers and accountancy services based in the UK.
Regulatory Authority Processors:
HM Revenues & Customs, and other Regulators and Authorities who may require reporting to in
certain circumstances where we have a lawful duty to comply.
We DO NOT sell or issue your personal data to any third party solely for the purposes of
You have the right to implement a “data subject access request” - to receive a copy of the
personal data we hold.
You have the right to request “Erasure” of your personal data. You have the right to ask us to
remove the processing of your personal data – this is “successfully exercising your right to
objection of processing of Personal Data” However, we may not be able to erase your data for
specific legal requirements where historical information must be held in order to us to fulfil our
legal requirements. In such instances however we will notify you of such reasons if applicable.
All such requests must be made in writing to our nominated Data Controller.
The Data Controller is Mr Philip Bradley
Licenced to Operate Under North Cornwall District Council
Chy Trevail, Beacon Technology Park, Dunmere Road, Bodmin PL31 2FR