PRIVACY AND COOKIES POLICY
June 5, 2018 version
BluePointLondon Ltd (Company number: 08803842) ("we" / "our" / "us") is committed to protecting and respecting your privacy. "Source London" is a trading name of BluePointLondon Limited
For the purpose of the Data Protection Act 1998 ("DPA"), the data controller is BluePointLondon Ltd whose data protection registration number is ZA052445.
How We May Hold Your Information
We may collect and process the following information about you:
- Information you give us. You may give us information about you:
- by filling in forms on our Website or App. For instance, if you sign up as a member of the Source London Scheme, you will share your personal information with us, including your name, e-mail address, payment card details or other payment details (which you must provide in order to sign up as a member), vehicle registration number, your company name (if applicable), telephone numbers, address and any other details you may provide on your membership application form;
- if you contact or correspond with us, (for example, by email, phone), through our App, by text message or otherwise) and we may keep a record of that correspondence (either directly or through our service providers).
We do not seek to collect sensitive personal information from you
- Information we collect about you. Each time you use the Source London service, our Website or our App we may automatically collect the following information:
- when you use a charge point, we will keep a record of the details of that usage, including the date, time, location and duration of the usage and any other details of the services we may provide to you.
- any parking contraventions that you carry out when using the Source London service;
- any comments, opinions and feedback you provide to us regarding the Source London Scheme and your use of our services;
- technical information about your computer or mobile device for system administration and analysis, including your IP address, unique device identifiers, operating system, wireless network interface, device telephone number and network and browser type;
- details of your use of the App including, but not limited to, traffic data, location data, your frequency or duration of use; and
- information about your visit to our website and browsing activity, including the full URL information, products you viewed and length of visits to certain pages. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
- customer service call records, are used by BluePointLondon to manage its relationship with subscribers and users, to provide and improve the quality of the Source London service (including subscription, assistance, back-up, customisation of services, BluePointLondon’s call centre agent training, claims management, etc.) and to handle claims and litigation files.
- App permissions. In order to use some of the functions provided by the App, it may request access the following features of your mobile phone:
- Access to photos, content, multimedia, files, to allow the App to scan your subscriber and user documents (driver’s licence, passport…) and / or select them from your mobile phone's memory for the strict purpose of the use of the Service.
- Access to the list of contacts registered on your mobile phone to allow the App to retrieve the address of a contact in the list in order to locate it on the Service map, or to pre-fill the registration form to subscribe to the Service.
- App location. In order to use some of the functions provided by the App (such as locating a charge point) we use an application program interface which uses GPS, Wifi and mobile network information technology to determine your current location when using the App. When you first open the App, we will ask you for your consent to use your location data for this purpose. When you are not using the App we do not collect location data. You can withdraw your consent at any time by changing your location data settings in the App or on your mobile device, but this will affect your ability to use the Service.
- Information we receive from others. We work closely with third parties (including for example, business partners, other companies within our group, subcontractors in technical and payment services, analytics providers, search information providers, fraud prevention agencies) and may receive information about you from them.
We may also collect details relating to your vehicle from third parties, such as the DVLA, in order to check that the registered keeper details you have provided are correct.
How We Use Your Information
We may use the information we hold about you in the following ways:
- Information you give to us. We will use this information to:
- process your application to become a member of the Source London Scheme;
- carry out our obligations arising from any contracts entered into between you and us and to provide you with information, products and services you request from us;
- facilitate your ability to reserve and use charge points under the Source London Scheme;
- process payment of membership and other fees;
- send you our periodic newsletters and information about the Source London Scheme via email, text message or other electronic means (although you have the ability to opt out of receiving these types of communications by contacting us using the details provided below or clicking the relevant link in the communication itself);
- email or text message you for your feedback on our services and to help us evaluate and improve our services, for example by acting on any information you have provided to us;
- notify you about changes to our Website, App and/or services;
- deal with any enquiries, correspondence, concerns or complaints you have raised; or
- deal with any enquiries, correspondence, concerns or complaints from third parties involving you and any issues caused by your use of the Source London service (for example where you have improperly parked while using the Source London service).
- Information we collect about you. We will use this information:
- to administer and improve our Website and our App;
- for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- as part of our efforts to keep our Website and App safe and secure;
- to make suggestions and recommendations to you and other users of our Website and App about products or services that may interest you or them; or
- to compile reports (which do not personally identify you) of usage of the Source London service.
- Information we receive from other sources. We may combine this information with the information you give to us or we collect about you and use this information as specified above.
- Vehicle number plates. We will use (and disclose to other business partners) the number plates of the vehicles of our corporate or fleet customers (such as car clubs or companies whose employees have (through their employer being a corporate Source London member) the ability to use the Source London Charge Points) in order to provide our service to these customers (for instance to facilitate access to a car park within which a charge point is located).
We do not collect personally identifying information relating to drivers of the vehicles of our corporate and fleet customers, but we do monitor the usage of our charge points and service by the vehicles of these customers.
- Source London Badge. Where we issue you with a Source London membership card to facilitate your use of the service as a Source London member, this card is printed with your name and membership number, and should be kept safe. Please see the ‘Security of Information’ section below.
Disclosure of your Information
We may share your information with selected third parties in accordance with this policy, including:
- service providers, for example of IT services, or business partners, suppliers and/or sub-contractors, such as payment service providers, for the performance of any contract we enter into with you;
- government, parking enforcement authorities or other law enforcement agencies in connection with the investigation of unlawful activities, unauthorised parking by you or for other legal reasons; and
- companies within our group and other service providers in order to provide the Source London services to you and to verify your identity (for example, when you use the Source London service to reserve and/or use a charge point, we may need to share your personal information, such as your membership number, your Source London pin number and your vehicle registration number).
We may disclose your personal information to third parties:
- if we sell or buy any business assets or receive investment into our business, we may disclose your personal data to the prospective or actual buyer, seller or investee of such business or assets.
Except as explained above, we will not disclose your personal data to any third parties for any other purpose unless we have your consent or we otherwise legally have the right or obligation to do so (for example, in an emergency).
Sensitive Personal Data
We do not actively collect sensitive personal data from you, but you may, during your use of the Source London service, provide some personal data to us that may be classified as "sensitive" under the DPA. If you disclose sensitive personal information to us, we will use that information for the purpose(s) you provided this sensitive personal information to us.
We will only share your sensitive personal data with other third parties without your consent if we have a legal basis to do so.
International Data Transfers
Security of Information
Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website and/or App, or a Source London membership card to access charge points, you are responsible for keeping this password membership card confidential. You must not share these with anyone, or store them in a way that may allow a third party to access them.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Website or App and you acknowledge that any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features which are appropriate to the type of personal data you have provided to try to prevent unauthorised access or inadvertent disclosure.
Status of this Policy and Your Consent
Where consent is required for our use of your information, by submitting your information to us you consent to our use of that information as set out in this policy; and if you disclose someone else's information to us, you confirm that you have their consent to disclose this information to us and for us to use and disclose it in accordance with this policy.
If you provide us with your sensitive personal data you expressly consent to us using that data and disclosing it to our service providers for the purpose given. If you disclose someone else's sensitive personal data to us you confirm that you have their consent to disclose this information to us and for us to use and disclose it to the relevant service providers for the purpose given.
Retaining your information
Except for litigation or judicial requisition (with restricted access to the services concerned) and before archiving for compliance with legal and regulatory obligations of BluePointLondon, in particular for the duration of the prescription of actions that may arise from the use of the Source London service, most of the personal data collected are kept on an operational basis until 3 years after the end of subscriptions and up to 7 years in archiving with restricted access.
Data relating to simple prospects are kept for 1 year from the last contact, without subsequent archiving.
By exception, but still except for litigation or judicial requisition (with restricted access to the services concerned):
- recordings of subscription-related calls and emergency calls are kept for 90 days, without subsequent archiving,
- data relating to driving licence and identity documents are kept 1 year after the end of subscriptions,
- the registration data in payment incident are kept until regularization, without subsequent archiving,
- the contravention collection management data are kept for 1 year from receipt of the contravention notice and up to 18 months in archiving with restricted access,
- vehicle geolocation and telemetry data for 3 months and up to 5 years in archiving with restricted access.
In the event of litigation or judicial requisition, the retention periods are extended until the situation is cleared or the legal actions are prescribed, with restricted access only to BluePointLondon services that need to investigate and process the files concerned.
You have the following rights in regards to your personal information:
- Access. You have the right to access information about the personal data we hold about you.
Your right of access can be exercised in accordance with the DPA.
Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the personal data we hold about you and we will require you to prove your identity before we release any personal information to you (for example, by providing photographic identification).
In accordance with current European regulations (General Data Protection Regulation – GDPR), subscribers and users have the following rights:
- Right of access (article 15 GDPR) and rectification (article 16 R GDPR), updating, data completeness;
- Right to erase data (Article 17 GDPR) when they are inaccurate, incomplete, ambiguous, out of date, or whose collection, use, communication or storage is prohibited (learn more);
- Right to withdraw consent at any time (section 13(2)(c) GDPR);
- Right to limit the processing of data (Article 18 GDPR) (learn more);
- Right to object to the processing of data for legitimate reasons (Article 21 GDPR) (learn more);
- Right to the portability of data provided by subscribers and users, when such data have been subject to automated processing based on their consent or on a contract (Article 20 GDPR).
If you would like to exercise one of these rights, please contact us through your personal account on the Source London Website. You may email on firstname.lastname@example.org or alternatively write to us at BluePointLondon FAO Data Controller Officer, 5 Cavendish Square, London W1G 0PG.
You must indicate in your request which personal data you would like BluePointLondon to correct, update or delete. All applications must be accompanied by a copy of the applicant's identity document (valid identity card or passport).
Requests for deletion are however subject to the obligations imposed by law on BluePointLondon, in particular as regards the conservation or archiving of documents.
- Complaints. If for any reason you are not happy with the way that we have handled your personal information you have the right to make a complaint to the Information Commissioner’s Office.
- Marketing. As detailed above, you have the ability to opt out of receiving marketing communications from us and the other companies within our group by contacting us using the details provided below or clicking the relevant link in the communication itself.
The Website and App may, from time to time, contain links to external websites. If you follow a link to any external websites, please note that these websites have their own privacy policies and website terms and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any information to any external websites.
Keeping Us Updated / Contact
Cookies are small data files that we store on your browser of your computer or mobile device and are applied by the majority of websites you visit. Cookies contain information that is transferred to the hard drive of your computer or mobile device.
We use the following cookies on the Website and the App:
- Google Analytics cookies. These cookies collect standard internet log information and details of visitor behaviour patterns to enable us to maintain and develop the Website and App. The data gathered is anonymous and does not identify individual users.
- Strictly necessary cookies. These cookies are required for the operation of the Website and/or App, and in particular its registration / login apparatus, operate effectively. These cookies are essential in order to enable you to sign-in to your account. These cookies do not remember where you have been on the internet. These cookies cannot be disabled.
Functionality cookies. These are used to recognise you when you return to our Website or App.
This enables us to personalise our content for you, greet you and remember your preferences.
Below is a list of the all the cookies we have set and our reasons for doing so:
This cookie holds the session ID and expires after 4 days. This allows us to know that the user has logged in. It contains a session ID which is not shared with anybody.
This cookie holds a security related identifier, which allows us to verify that actions performed on the website originated from one of our pages and not from a malicious third party website (protection against Cross-Site Resource Forgery attacks). This cookie is kept for 1 year, and hold a cryptographically signed security token.
Cookie Consent and Managing Cookies
By using the Website or the App you accept our use of these cookies.
You may control and block the cookies used by websites by modifying the settings in your browser or on your device. However, if you use your browser or device settings to block all cookies (including essential cookies) you may not be able to access all or parts of our Website or App.
To access the Google Analytics opt out browser, please visit https://tools.google.com/dlpage/gaoptout. By choosing this option, you will block Google Analytics across all websites.
For more detailed information about cookies and how they can be managed and deleted please visit www.allaboutcookies.org.