डेयट्रिप: ड्राइवर गोपनीयता नीति

for business partners of Daytrip Global (not applicable if you contract only with Daytrip U.S.)

Please refer to the information below on how we handle your personal data if you are interested in cooperation with Daytrip Global:

(1) Who shall handle your data:

The company DAYTRIP EUROPE Ltd, 41 Devonshire Street, London, United Kingdom, W1G 7AJ, operating in and from Czechia through its registered branch DAYTRIP EUROPE Ltd - odštěpný závod, Id. No. 06160531, Běhounská 5/18, Brno-město, 602 00 Brno is a data controller, because it decides on why and how your data is processed (Daytrip Global or we). Daytrip Global uses services of various suppliers who handle your data as data processors. Daytrip Global may release your data to public authorities or other third parties if there is such statutory obligation. Some data may be shared with Users, Passengers and Daytrip Partners.

(2) What data we handle, to what purpose and based on what ground:

1. When we start talking about your cooperation with us, we process your data which you gave us (usually your CV) and data which you published (such as your LinkedIn or Facebook profile). Such processing qualifies as steps prior to entering into a contract and it is our legitimate interest.
2. We comply with the statutory obligations related to our cooperation. We process the data as it is required by law. In particular, such data includes identification data, data on your remuneration and other data on our mutual relationship. We are explicitly bound by law to notify the tax authority on our cooperation and your identification data provided for such cooperation.
3. We process your data in a way so that we can fulfill the contracts concluded between us. In doing so, for example, we process your name, photo, contact details and availability (Service information). Service information is handed also to the Passengers. This is, alongside with the fulfillment of the contract, also our legitimate interest - we need this for our business development and contract procurement.
4. To be able to evaluate our mutual cooperation, we process your identification details and details about the cooperation and about your Transport Services. Such processing is our legitimate interest - needed for effective management and development of our Booking Services.
5. To protect our rights. Such processing is our legitimate interest.

(3) What is the period for which we will process your data:

For the period of 5 years from the termination of our cooperation, unless the law prescribes a longer period or we agree otherwise.

(4) Where will your data be processed:

§ § Some of the processors may process your data in another state both within or outside the EU. If transferred outside the EU, your data will be transferred under the standard contractual clauses - more detailed information is available on the European Commission's website.

(5) Your rights:

The data protection laws grant a variety of rights in the field of data protection to you. To the extent provided for under the applicable data protection laws - in particular the GDPR - you have the following rights:

• You may ask for access to your data processed from us (it means that you may ask what data we process and how we process them).
• You may ask for a restriction of the processing of your data (it means that we do not delete thedata right now, but we will not work with it), if the applicable legal conditions are met.
• You may request deletion of your data if the applicable legal conditions are met.
• You may object to the processing (if you object to processing for which we rely on legitimate interest, we will restrict such processing, unless we prove serious and qualified legitimateinterest for the processing).

Please contact us to exercise any of the above-mentioned rights. If you believe that we are infringing legal regulations by processing your personal data, you have the right to lodge a complaint with a national supervisory authority (For Czechia the Czech Data Protection Office – www.uouu.cz)

You may contact us at: daytrip@daytrip.com

DRIVER’S RIGHTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT

(applicable only to the extent you contract with Daytrip U.S.)

Driver may request the following information about how Daytrip U.S. has collected and used Driver’s Personal Information. For the purpose of this section, “Personal Information” and “Sensitive Personal Information” shall have the meaning given in the California Consumer Privacy Act of 2018 (“CCPA”) (it does not include information exempted from the scope of the CCPA):

• The categories of Personal Information that Daytrip U.S. has collected.
• The categories of sources from which Daytrip U.S. collected Personal Information.
• The business or commercial purpose for collecting and/or selling PersonalInformation.
• The categories of third parties with whom Daytrip U.S. shares PersonalInformation.
• The specific pieces of personal information Daytrip U.S. has collected.
• Whether Daytrip U.S. has disclosed the Personal Information for a business purpose, and if so, the categories of Personal Information received by each category of third party recipient.
• Whether Daytrip U.S. sold the Personal Information, and if so, the categories of Personal Information received by each category of third party recipient.
• Access. Drivers may request a copy of the Personal Information that Daytrip U.S. has collected about them during the past 12 months.
• Deletion. Drivers may ask Daytrip U.S. to delete the Personal Information that Daytrip U.S. has collected from them.
• Nondiscrimination. Drivers are entitled to exercise the rights described above free from discrimination. This means that Daytrip U.S. will not penalize them for exercising their rights by taking actions such as denying them services; increasing the price/rate of services; decreasing service quality; suggesting that Daytrip U.S. may penalize them as described above for exercising their rights or retaliating against an employee, applicant for employment, or independent contractor for exercising their rights.

Categories of information that Daytrip U.S. collects, as defined in the CCPA:

• Personal identifiers, such as your name, address, email address, phone number, date of birth, government identification number (such as social security number), driver’s license information, vehicle information, and car insurance information;
• Financial information, such as bank routing numbers, tax information, and any other payment information you provide;
• Commercial information, such as Driver’s trips and order history;
• Geolocation data, including precise geolocation data;
• Biometric information, such as photos used for Driver identity verification;
• Characteristics of protected classes, such as age and gender;
• Internet or network activity information, such as Driver’s IP address, type of browser, version of operating system, carrier and/or manufacturer, device identifiers, and mobile advertising identifiers;
• Inferences drawn from the personal information listed above, such as user interests and preferences.

Purpose in collecting personal information:

• Provide services and products and customer support;
• Provided for the functionality of our Booking Services and Transport Services;
• Resolve disputes, collect fees, and troubleshoot problems;
• Prevent potentially prohibited or illegal activities and enforce Daytrip Terms;
• Customize, measure, and improve our services and the Sites’ content and layout;
• Identify and invite potential new members;
• To maintain and administer your Profile, establish your identity and perform other business activities as needed or described elsewhere in this Cooperation Agreement; and
• Analyze behavior within our platform to develop and improve our products and services
• Monitor the ways in which our platform is used, applying security and monitoring criteria to maintain the safe use and correct functioning of our services

The chart below describes the categories of Personal Information and Sensitive Personal Information Daytrip U.S. collects by reference to the categories specified by the CCPA (California Civil Code § 1798.140(v)).

1. Statutory category: Identifiers (general)

PI and SPI we collect:

• name, address, email address, phone number, date of birth, government identification number (social security number), driver’s license information, vehicle information, and car insurance information

Sources of the PI and SPI:

• You

Business/commercial purpose for PI and SPI collection:

• Service delivery
• Research & development
• Compliance & Protection

Parties to whom we disclose PI and SPI for a business purpose:

• Users
• Service Providers
• Legal Authorities

2. Statutory category: Financial Information

PI and SPI we collect:

• bank routing numbers, tax information

Sources of the PI and SPI:

• You

Business/commercial purpose for PI and SPI collection:

• Service delivery
• Research & development
• Compliance & Protection
• Payments to Driver

Parties to whom we disclose PI and SPI for a business purpose:

• Service Providers
• Legal Authorities

3. Statutory category: Commercial Information

PI and SPI we collect:

• Driver’s trips and order history

Sources of the PI and SPI:

• You

Business/commercial purpose for PI and SPI collection:

• Service delivery
• Research & development
• Compliance & Protection

Parties to whom we disclose PI and SPI for a business purpose:

• Service Providers
• Public
• Legal Authorities

4. Statutory category: Internet or network activity information

PI and SPI we collect:

• Driver’s IP address, type of browser, version of operating system, carrier and/or manufacturer, device identifiers

Sources of the PI and SPI:

• You
• Automatic collection

Business/commercial purpose for PI and SPI collection:

• Service delivery
• Site operation
• Research & development
• Compliance & Protection

Parties to whom we disclose PI and SPI for a business purpose:

• Service Providers

5. Statutory category: Biometric Information

PI and SPI we collect:

• Driver’s photo

Sources of the PI and SPI:

• You

Business/commercial purpose for PI and SPI collection:

• Service delivery
• Site operation
• Research & development
• Compliance & Protection

Parties to whom we disclose PI and SPI for a business purpose:

• Users
• Service Providers

6. Statutory category: Characteristics of Protected classes

PI and SPI we collect:

• Age and Gender

Sources of the PI and SPI:

• You

Business/commercial purpose for PI and SPI collection:

• Service delivery
• Research & development
• Compliance & Protection

Parties to whom we disclose PI and SPI for a business purpose:

• Users
• Service Providers
• Legal Authorities

7. Statutory category: Inferences

PI and SPI we collect:

• Driver preferences derived from any of the information listed above that we collect from Drivers

Sources of the PI and SPI:

• Us

Business/commercial purpose for PI and SPI collection:

• Service delivery
• Site Operation
• Research & development
• Compliance & Protection

Parties to whom we disclose PI and SPI for a business purpose:

• Service Providers

8. Statutory category: Sensitive personal information

PI and SPI we collect:

• Profile’s log-in
• Financial information
• Biometric information

Sources of the PI and SPI:

• You

Business/commercial purpose for PI and SPI collection:

• Service delivery
• Site Operation

Parties to whom we disclose PI and SPI for a business purpose:

• Users
• Service delivery

Parties to whom Daytrip U.S. discloses Personal Information:

• Users. Daytrip U.S. shares Personal Information with Users as part of the Transport Services for the User to identify the Driver and for security purposes.
• Service Providers. Daytrip U.S.’s trusted third-party service providers carry out activities at Daytrip U.S.’s direction, such as website hosting, data analysis, payment processing, orderfulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services.
• Public Audience. When Driver posts information and materials on message boards, chat, profile pages, blogs and other services on which Driver is able to post. Please note that any information Driver posts or discloses through these services will become public information.
• Legal Authorities. Daytrip U.S. may share Personal Information to cooperate with public and government authorities, including law enforcement, and to protect and defend Daytrip U.S.’s legal rights and those of others.

How to correct Personal Information provided to Daytrip U.S.?

Drivers may correct incomplete, inaccurate or outdated Personal Information through their login on their Profile. A request in this regard can also be submitted directly to Daytrip U.S., at daytrip@daytrip.com. How to request a limit on the use of Driver’s Sensitive Personal Information? You may request at any time that Daytrip U.S. limit the use of your Sensitive Personal Information to only that use which is necessary to provide services, through a request made to Daytrip U.S., at daytrip@daytrip.com.

How to request the deletion of Driver’s Personal Information?

If Daytrip U.S. has the Driver’s Personal Information, Driver may request the deletion of that Personal Information through a request made to Daytrip U.S., at daytrip@daytrip.com. However, Daytrip may retain a copy of Personal Information in order to comply with law, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations, enforce Daytrip’s Privacy Policy or Terms of Use, and take other actions otherwise permitted by law.

Daytrip does not sell Drivers’ Personal Information.

Based on Daytrip’s current understanding of the CCPA, Daytrip does not “sell” personal information as defined in the CCPA.