NETHERLANDS – AUSTRIA – SPAIN PRIVACY POLICY

Last Update: 18.07.2024

 

PRIVACY STATEMENT

• About us

We are GO Sharing (hereinafter: ‘Go Sharing’, ‘we’ or ‘our’). GO Sharing offers shared (electric) mobility as a new, flexible form of transportation. Our vision is to contribute to a green planet with mobility owned by everyone, shared by everyone. Through our shared (electric) vehicles, we connect cities in a fun and sustainable way for everyone. By sharing, we all contribute to a greener planet.

 

We offer our services via our application (the ‘App’). You can find more information about our services on our website, go-sharing.com (the ‘Website’). Our services, App and Website will collectively be referred to as the Services.

 

In this Privacy Statement we explain which personal data we may process when you make use of our Services. We also explain for which purposes we may use the personal data, and how we store them. This Privacy Statement applies to the Services provided by GO Sharing B.V., GO Sharing Austria GmbH and GO Sharing Spain S.L.

• Privacy and the Privacy Regulation

Go Sharing is committed to respecting your privacy and protecting your personal data. We process your personal data in accordance with the General Data Protection Regulation (GDPR) and other relevant legislation on the protection of personal data (collectively referred to as ‘Privacy Regulation’). We determine the purposes and means of the processing activities described in this Privacy Statement. This means we act as Controller within the meaning of the Privacy Regulation.

• How We Use Your Personal Data?

Below is an overview of the personal data we may collect from you when you use our Services, including for which purposes we may use the data, and the legal basis thereof. We may also use cookies on our Website. Further information on this can be found in the Cookie section below..

When you use our App:

PERSONAL DATA	PURPOSE(S)	LEGAL GROUND(S)
Registration via phone number:Phone number, first and last name, email address (City, Street, Number and Postal Code) Registration via social account:  Data from your Apple, Google or Facebook account (i.e. name, age, email address and profile picture) and the eventual other Personal Data you provide us Access to.	We use these data to: register you as a user of the App; create an account for you within the App; improve the usability of our Services; send you notifications;  and (re)target you on social media for marketing and advertising purposes.	We may process these data because this is necessary to perform our contract with you, i.e. to provide you the Services available through our App. We may process the additional Personal Data that you have provided through your social account based on your  consent.In most cases, this consent can be withdrawn in the settings of your social account. We may only send you notifications on your device, if you gave us your permission to do so. You can always withdraw your consent within the App and within the settings of your device.
Driving License Verification:A photo of yourself and a photo of the front and back of your driving license (including photo, name, date of birth and dates of issue & valid until)	We use these data to:verify your driving license and thus your permission to drive.	We may process these data, because this is necessary to perform our contract with you, i.e. to verify whether you are suited to use our vehicles as part of the Services.
Location: Location of the device you use for the use of our Services.	We use these data to: see where you are currently located and show you available vehicles nearby; and ensure that you can reserve and (un)lock a vehicle if you are close to the vehicle.	We may process your location data because this is necessary to perform our contract with you, i.e. to enable you to reserve and (un)lock one of our vehicles.
Details of your rides:Vehicle license plate, pick-up and drop-off location of the vehicle, route, distance, time, duration and price of the ride.	We use these data to: give you an overview of your rides; give you an overview of the price of the ride and invoice you accordingly; match (received) fines at GO Sharing with the relevant user (see more information below); finetune our value proposition and our Services to your needs; locate our vehicle at the pick-up and drop-off location and track the location of our vehicle during the ride.	We may process these data, because this is necessary to perform our contract with you, i.e. to show you your previous rides incl. the costs thereof.As for the received fines, we may process these data to perform our contract with you, i.e. to forward the received fines to the relevant user (see more information below). Moreover, we also have a legitimate interest to process such information to ensure that the fine is matched with the right user. As for the location of the vehicle, we have a legitimate interest to process such information to protect our properties (e.g. against loss or theft).
Payment information:Payment method (credit card, Sofort or iDeal) and payment details (i.e. account number, account holder, payment amount, time of transactions, applicable taxes etc).	We use these data to: send you invoices; process and administer payments; include in our (financial) administration to comply with Tax and Customs Administration regulations; and to charge (traffic)fines (the Fine) and penalties on the basis of the Terms of GO Sharing (the Penalty).	We may process these data, because this is necessary to perform our contract with you..We are also legally obligated to process and/or share (some of) these data for/with the national tax authorities.

When you contact us, or we contact you:

PERSONAL DATA	PURPOSE(S)	LEGAL GROUND(S)
If you contact us:Your name, email address and/or telephone number (depending on how you contact us), and the content of the correspondence between you and GO Sharing.	We use these data to: answer your questions and/or handle complaints. support you in using our Services; and improve our Services as a result of questions and feedback received from users.	We may process these data, because we have a legitimate interest to contact and assist you based on your comment or question and to improve our Services as a result of the questions and feedback we receive.
If we contact you regarding a Fine and/or Penalty:Your name, contact information (email address, phone number and/or address) and rides during the time frame of the Fine/Penalty. Please note: Fines are sent to the owner of the vehicle, i.e. GO Sharing. We will forward this fine to the user that was driving the vehicle at the timestamp of the fine.	We use these data to: match the received Fine/Penalty with the user of the vehicle; contact the relevant user to announce the Fine/Penalty; and forward/send the Fine/Penalty to the relevant user.	We may process these data, because we need these Personal Data to perform our contract with you, i.e. to forward (and collect) received Fines and Penalties to the users that have caused such Fine/Penalty.We may process these data, because we have a legitimate interest to contact you.
Newsletters: Email address and name.	We use these data to:  send you service notifications about the Services you are using.	We may send you newsletters, if you gave us your consent.If you are a user of our Services, we may send you newsletters based on our legitimate interest to inform you about similar Services. It is always possible to unsubscribe from our newsletter via the link at the bottom of each newsletter.
Service notifications:Email address and name.	We use these data to:  send you service notifications about the Services you are using.	We may send you service notifications, because we have a legitimate interest to inform you about service updates that are relevant for your use of the Services.
Via our social media pages:Information you make public, when you leave a comment or otherwise post something on our social media channels.	We use these data to: contact you via our social media channels; and process your feedback left on our social media channels.	We may process these Personal Data, because we have a legitimate interest to process these data. Our social media pages are also controlled by the social medium itself. Please check their own privacy policies, to see how they handle Personal Data:Facebook: Privacy Policy Instagram: Privacy Policy LinkedIn: Privacy Policy Twitter: Privacy Policy
Procurement and potential procurement matters (Business contacts):  Name, email address and phone number.	We use these data to:  establish and maintain vendor relationship with you or the organization you represent; and  manage the handling and invoicing of orders.	We may process these data, because this is necessary to perform our contract with you or the organization you represent.  Moreover, we also have a legitimate interest to process such data to maintain our business relationship with you or the organization you represent.

• Cookies 

• What are Cookies

A cookie is a small text file that is saved on your computer or mobile device via your browser when you visit a site. 

• What are the Types of Cookies?

In Terms of the Domain Placing the Cookie:

First-Party Cookies: It refers to the cookies created and placed on our website by ourselves and which are under our control. 

Third-Party Cookies: Cookies created and managed by third-party companies we cooperate with are called third-party cookies. If a user visits a website and another entity sets a cookie through that website, this would be a third-party cookie. 

In Terms of Storage Period:

Session Cookies: These cookies allow website operators to link the actions of a user during a browser session. Session cookies are only available when your browser is open and is deleted when your browser is closed.

Persistent Cookies: These are the types of cookies that are permanent until a certain expiration date after your browser is closed. These can be used by websites to recognize your computer when you open your browser and browse the internet again. They are activated each time that the user visits the website the created that cookie. 

In Terms of Intended Use:

Necessary Cookies: These types of cookies are necessary to ensure effective functioning of websites, to provide various services for you through websites, and to perform certain functions such as accessing secure areas. Without these cookies, it is not possible for us to provide necessary services such as providing a secure connection.

Functionality Cookies: These cookies help enhance a website’s performance and functionality. They aim to provide an enhanced and personalized experience by saving your preferences, such as language settings on the website.

Analytics Cookies: They are used by web analytics tools to collect statistical information such as time spent on the website, pages used, click information, time spent on a page, in order to analyze the use of websites and to perform more effective marketing activities.

Marketing/Targeting Cookies: These cookies collect information about you, your interests and your browsing habits. It ensures the implementation of functions such as preventing the repetition of the same advertisements, displaying advertisements properly, and in some cases displaying advertisements according to your interests.

• When Do We Require Your Consent? 

We request your consent before placing any non-necessary cookies on your device. You can give separate consent to each category of cookies by clicking on the appropriate button on the banner displayed to you. 

Go Sharing uses Necessary, Functionality, Analytical, and Marketing cookies. 

• List of Cookies Used On Our Website

Necessary

Provider	Type	Cookie name	Purpose	Expiration
.youtube.com	Third-party	VISITOR_PRIVACY_METADATA	This cookie is used to store the user’s consent and privacy choices for their interaction with the site. It records data on the visitor’s consent regarding various privacy policies and settings, ensuring that their preferences are honored in future sessions.	6 months

Functionality

Provider	Type	Cookie name	Purpose	Expiration
.go-sharing.com	First-party	_icl_visitor_lang_js	This cookie is used to store the language preference of a user to provide content in that stored language the next time user visit the website.	1 day
.go-sharing.com	First-party	wpml_browser_redirect_test	This cookie is used to test if cookies are enabled in the browser to provide appropriate user experience to the users.	Session

Analytical

Provider	Type	Cookie name	Purpose	Expiration
Google	Third-party	_ga_D36KCTJLGK	This cookie is used by Google Analytics to persist session state.	1 year 1 month
Google	Third-party	ga	This cookie name is associated with Google Universal Analytics – which is a significant update to Google’s more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports.	1 year 1 month

Marketing 

Provider	Type	Cookie name	Purpose	Expiration
.youtube.com	Third-party	YSC	This cookie is set by YouTube to track views of embedded videos.	Session
.youtube.com	Third-party	VISITOR_INFO1_LIVE	This cookie is set by Youtube to keep track of user preferences for Youtube videos embedded in sites;it can also determine whether the website visitor is using the new or old version of the Youtube interface.	6 months

 

• Cookie Management

You can select your cookie preferences by clicking on the appropriate button on the cookie banner on when you first access to the website. Moreover, you can always update your cookie preferences at any time via the following link. via the settings in your browser or smartphone. 

You can set your browser to disable cookies. Most browsers offer different methods to protect your privacy. For example, you can allow first-party cookies and block third-party cookies.

Options for managing cookies in your browser can usually be found in the help function of the browser or in the settings of your smartphone. 

 

• Do We Disclose Your Personal Data to Others?

Processors: We use Processors to assist us with our Services. These processors receive personal data from us and process it according to our instructions.

We use processors for various tasks, including verifying driving licences, hosting data, sending push notifications, supporting customer service, sending (automatic) emails and online forms, and providing analytics on our Services.

Our use of Processors is always in accordance with the Privacy Regulations. We have established contractual agreements with all our Processors in data processing agreements in which – in line with this Privacy Policy – it is defined what these Processors may do with your Personal Data, how they must secure it and when it must be deleted. These Processors may only use the data received from us within the scope of our instructions and under no circumstances for other purposes.

External controllers: Your payments will be processed via the third-party payment service provider Sofort (provided by Adyen) and respectively the terms and conditions of those services will apply to the payments you make using them. Any Personal Data you provide to this payment service provider will be processed by the payment service provider (as a Controller) in accordance with its own privacy policy.

We are legally obliged to include (some of) the Personal Data in our financial administration, which has to be shared with the national tax authority. The tax authority will process these Personal Data as a Controller in accordance with its own privacy policy.

We may share your personal data with our affiliates for internal management, development, security, and compliance purposes. 

Apart from the above, we will not share your Personal Data with third parties, unless 1. you gave us your written consent and 2. we are (legally) required to do so, for example on the request of enforcement authorities or to substantiate a (judicial) claim.

• International Transfers of Personal Data 

We may transmit your Personal Data to parties outside the European Economic Area (EEA). The laws in countries outside the EEA may not be as strict as the laws within the EEA. In light of this, Go Sharing has taken measures to protect your privacy and fundamental rights when your personal data is transferred outside the EEA and to other countries where no adequacy decisions of the European Commission apply. This includes the use of appropriate safeguards such as the standard contractual clauses approved by the European Commission to ensure a sufficient level of protection. 

 

• Retention Period 

We will not process or store any Personal Data that we do not need. We retain your personal data for as long as necessary to fulfill the purpose for which it was collected and used. In this respect, we apply the following retention periods:

Account data and details of rides | Your account data and the details of rides are retained as long as your account is activated and will be deleted within 6 months after the deactivating your account (unless stated otherwise below).

Driving license | The photo of your driving license will be retained for 30 days or as long as necessary to verify the driving licence. The information retrieved from the driving license is stored as long as your account is activated and/or until the driving license is invalidated.

Location data | This information is stored as long as necessary for the purposes stated above.

Newsletters | We retain the Personal Data used for sending newsletters until you unsubscribe from our newsletter via the link at the bottom of each newsletter.

Personal Data in our correspondence | This data is stored as long as necessary to handle your message/question/complaint.

Personal Data in our administration for the tax authorities | We store these Personal Data for seven (7) years, in accordance with our legal obligation.

Technical information on the use of our Services | The retention period for the technical information collected via cookies and automated technologies can be found in the Cookie section above.

After expiry of the aforementioned retention periods, we may process and retain certain Personal Data to comply with legal retention obligations and/or for fraud/misuse investigations or to substantiate a (judicial) claim. In such events, we will retain the data separately and only use such data for the aforementioned purposes.

• How to Exercise Your Privacy Rights

You have the following rights with regard to your personal data: 

• Right to access information about how we process your personal data, including the categories of personal data we process, recipients of your personal data, and purposes for our processing. 

• Right to rectification of inaccurate personal data concerning you, as well as, taking into account the purposes of the processing, the right to have incomplete personal data completed. 

• Right to erasure (deletion) of personal data concerning you where: (a) the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed; (b) you withdraw your consent and there are no other legal grounds for the processing; (c) you exercise your right to object (see below) and there are no compelling legitimate grounds for the processing; (d) the personal data has been unlawfully processed; or (e) the personal data have to be erased for compliance with a legal obligation applicable to us. 

• Right to restriction of processing (i.e., data will be blocked from normal processing but not erased) where: (a) you contest the accuracy of the personal data, for a period enabling us to verify the accuracy; (b) the processing is unlawful and you oppose the erasure of the personal data and requests the restriction of their use instead; (c) we no longer need the personal data for the purposes of the processing but they are required by you for the establishment, exercise or defence of legal claims; (d) you exercise your right to object (see below) pending the verification of whether our legitimate grounds override yours.

• Where processing is based on your consent, the right to withdraw consent at any time, without affecting the lawfulness of the processing prior to such withdrawal. 

• Where processing is based on your consent, or on a contract, the right to data portability, i.e. the right to obtain a copy of the data concerning you in a structured, commonly used and machine-readable format and the right to transmit those data to another controller without hindrance from us.

• Right to object to the processing of personal data based on our legitimate interests, provided that there are no compelling legitimate grounds for the processing that would override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

• Right to not be subjected to automated decision-making: Go Sharing does not make use of automated decision-making. 

If you wish to exercise any of your rights above, please contact us using the information in the section ‘Contact Us’ at the end of this Privacy Statement. We will respond to your request within 30 days of receiving such request. If we are unable to honor or otherwise deny your request, we will provide a reason why. 

We may charge you a reasonable fee in the case that you request additional copies of your personal data or make excessive requests. Insofar as is practicable and required under law, we will notify third parties with whom we have shared your personal data of any request for correction, deletion, and/or restriction to the processing of your personal data. Please note that we cannot guarantee third parties will follow up on our notification and we encourage you to contact those third parties directly.

You always have the right to lodge a complaint with your local Data Protection Authority. 

 

• Amendments to this Privacy Statement 

We aim to constantly improve our internal procedures and our Services. That is why from time to time we can update this Privacy Statement. 

The Effective Date of this Privacy Statement is set forth at the bottom of this statement. In case of material changes to the way we treat your personal data, we will publish the modified version of the Privacy Statement on our website. The most recent version of our Privacy Statement can always be found on our website. We therefore encourage you to review it periodically. 

 

• Contact Us

If you have any questions, comments or concerns regarding the manner in which we handle your Personal Data, or if you wish to exercise your rights, please contact us.

 

GO Sharing

By email: privacy@go-sharing.com [INSERT PRIVACY EMAIL]

By post: [INSERT POSTAL ADDRESS]

By phone: [INSERT PHONE NUMBER]

Effective: May 2024

The original English version of the Privacy Statement may have been translated into other languages. The translated version of the original English version of the Privacy Statement is a courtesy and office translation only and no rights can be derived from the translated version. In the event of a dispute about the contents or interpretation of the Privacy Statement or in the event of a conflict, ambiguity, inconsistency or discrepancy between the English version and any other language version of the Privacy Statement, the English language version shall prevail, apply and be binding and conclusive. The English version of the Privacy Statement shall be used in legal proceedings.

 

BOSNIA AND HERZEGOVINA PRIVACY POLICY

Please read carefully the present document. It contains the Privacy Policy for customers of “GO SHARING”, the users of its website go-sharing.com and the users of the GO SHARING mobile application (“the Policy”) and is aimed to explain our practices related to personal data processing in the context of the services provided and activities performed by us.

The Policy is drafted in compliance with the requirements under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the Regulation) and Personal data protecton law (Sl. novine BiH 49/06 and 76/11).

General provisions

1. GO SHARING offers shared (electric) mobility as a new, flexible way of transportation and this service is brand of “BinBin BH” d.o.o. company.
2. In connection with the provision of its services and performance of its activities, “BinBin BH” d.o.o (“BINBIN” / “we”), in its capacity as data controller, processes personal data of its customers – natural persons, as well as personal data of other individuals specified below (“Data Subjects”/ “you”), in compliance with the rules and principles under the present Policy. 
3. “BinBin BH” d.o.o is a company with head office and registered address: Munira Gavrankapetanovića 16, Ilidža, ID 4203023130001 and VAT 203023130001, phone number: +387 70 330 080., email address destek@binbinscooters.com, web: https://www.binbin.tech/  and GO SHARING mobile app.

Data Subjects

1. In connection with the provided services we process information regarding the following Data Subjects:

1. individuals visiting or registering through the website or the application(the Apps jointly);
2. individuals making purchases through the Apps, in their name or on behalf of another individual or legal entity (if so possible and allowed as per our User agreement);
3. individuals using the services provided by us, including, rental of electrical vehicles as per our User agreement and related services, including individuals representing or acting in another manner on behalf of legal persons using the said services;
4. individuals who, on their own behalf or on behalf of another person, have addressed inquiries (including, but not limited, by email, fax, phone, or other), requests, signals, complaints or other correspondence to GO SHARING.

Categories of Personal Data, Purpose of collecting them and Legal grounds

1. The information (categories of personal data) concerning Data Subjects which is processed by GO SHARING app as part of “BinBin BH” d.o.o pursuant to the present Policy may include:

When you use our App:

Personal Data:	Purpose(s):	Legal ground(s):
Registration via phone number:  Phone number, first and last name, email address, address (city, street, number and postal code). Registration via social account: Data from your Apple, Google or Facebook account (i.e. name, age, email address and profile picture) and the eventual other Personal Data you provide us access to.	We use these data to: registrate you as a user of the App; create an account for you within the App; improve the usability of our Services; send you notifications;  and (re)target you on social media for marketing and advertising purposes.	We may process these data because this is necessary to perform our contract with you, i.e. to provide you the Services available through our App. We may process the additional Personal Data voluntarily provided through your social account based on your permission. In most cases, this permission can be withdrawn in the settings of your social account. We may only send you notifications on your device, if you gave us your permission to do so. You can always withdraw your permission within the App and within the settings of your device.
License verification: A photo of yourself and a photo of the front and back of your driving license (including: photo, name, date of birth and dates of issue & valid until).Please note: we ask you to hide your national identification number when providing a photo of your driving licence, as we do not need to process your national identification number.	We use these data to: verify your driving license and thus your permission to drive.	We may process these data, because this is necessary to perform our contract with you, i.e. to verify whether you are suited to use our vehicles as part of the Services.
Location: Location of the device you use for the use of our Services.	We use these data to: see where you are currently located and show you available vehicles nearby; and ensure that you can reserve and (un)lock a vehicle if you are close to the vehicle.	We may process your location data because this is necessary to perform our contract with you, i.e. to enable you to reserve and (un)lock one of our vehicles. In some cases, your device requests your permission to share the location of your device with us. This permission is required to make use of our Services. You can however withdraw your permission at any time within the App and within the settings of your device.
Details of your rides: Vehicle license plate, pick-up and drop-off location of the vehicle, route, distance, time, duration and price of the ride.	We use these data to: give you an overview of your rides; give you an overview of the price of the ride and invoice you accordingly; match (received) fines at GO Sharing with the relevant user (see more information below); finetune our value proposition and our Services to your needs; locate our vehicle at the pick-up and drop-off location and track the location of our vehicle during the ride.	We may process these data, because this is necessary to perform our contract with you, i.e. to show you your previous rides incl. the costs thereof. As for the received fines, we may process these data to perform our contract with you, i.e. to forward the received fines to the relevant user (see more information below). Moreover, we also have a legitimate interest to process such information to ensure that the fine is matched with the right user. As for the location of the vehicle, we have a legitimate interest to process such information to protect our properties (e.g. against loss or theft).
Payment information: Payment method (credit card, Sofort or iDeal) and payment details (i.e. account number, account holder, payment amount, time of transactions, applicable taxes etc).	We uses these data to: send you invoices; process and administer payments; include in our (financial) administration to comply with Tax and Customs Administration regulations; and To charge (traffic)fines (the Fine) and penalties on the basis of the Terms of GO Sharing (the Penalty).	We may process these data, because we need these Personal Data to perform our contract with you. We are also legally obligated to process and/or share (some of) these data for/with the national tax authorities.

 

When you contact us, or we contact you:

 

Personal Data:	Purpose(s):	Legal ground(s):
If you contact us: Your name, email address and/or telephone number (depending on how you contact us), and the content of the correspondence between you and GO Sharing.	We uses these data to: answer your questions and/or handle complaints support you in using our Services; and improve our Services as a result of questions and feedback received from users.	We may process these data, because we have a legitimate interest to contact and assist you based on your comment or question and to improve our Services as a result of the questions and feedback we receive.
If we contact you regarding a Fine and/or Penalty: Your name, contact information (email address, phone number and/or address) and rides during the time frame of the Fine/Penalty. Please note: Fines are sent to the owner of the vehicle, i.e. GO Sharing. We will forward this fine to the user that was driving the vehicle at the timestamp of the fine.	We uses these data to: match the received Fine/Penalty with the user of the vehicle; contact the relevant user to announce the Fine/Penalty; and forward/send the Fine/Penalty to the relevant user.	We may process these data, because we need these Personal Data to perform our contract with you, i.e. to forward (and collect) received Fines and Penalties to the users that have caused such Fine/Penalty.
Newsletters:  Email address and first and last name.	We uses these data to:   send you service notifications about the Services you are using.	We may send you newsletters, if you gave us permission to do so. If you are a paying user, we may send you newsletters based on our legitimate interest to inform you about similar Services. It is always possible to unsubscribe from our newsletter via the link at the bottom of each newsletter.
Service notifications: Email address and first and last name.	We uses these data to:   send you service notifications about the Services you are using.	We may send you service notifications, because we have a legitimate interest to inform you about service updates that are relevant for your use of the Services.
Via our social media pages: Information you make public, when you leave a comment or otherwise post something on our social media channels.	We uses these data to: contact you via our social media channels; and process your feedback left on our social media channels.	We may process these Personal Data, because we have a legitimate interest to process these data and because the visitors voluntarily made this information public. Our social media pages are also controlled by the social medium itself. Please check their own privacy policies, to see how they handle Personal Data: Facebook: Privacy Policy Instagram: Privacy Policy LinkedIn: Privacy Policy Twitter: Privacy Policy

 

When you use our Website:

 

Personal Data:	Purpose(s):	Legal ground(s):
Technical information: Information on the device, IP-address and browser used to access our Services.	We uses these data to: communicate in the same language of the browser; adapt our Website and App to the used device; and improve the usability of our Website and App.	We may process this data because we have a legitimate interest to do so, i.e. to provide you with a good functioning Website and App and improve our Services for our users.

 

Surveillance and Security

1. We may apply security measures including a 24-hour video surveillance system of recording and storage devices for ensuring the physical security against violations on the buildings and sites, and for protection of the life and health of citizens.
2. Video surveillance and video recording may be performed in publicly accessible zones and premises in the buildings of BINBIN and in zones and premises with an exclusive access regime.  As far as this cannot be avoided upon the installation of the video surveillance devices it is possible that they record also part of the street in front of BINBIN’s premises, but this is made accidentally and is not the purpose of the video surveillance. There is no video surveillance in the WCs, recreation rooms, etc. The data of video surveillance activities are stored in a separate locked room with limited access. The records are being reviewed only upon occurrence of an accident (such as incident, unlawful act of an employee, client or a third person) as the respective section of the recording shall be archived and stored for the period necessary for us to exercise our respective rights. 
3. Information boards are available at visible places to notify Data Subjects and other visitors that technical means for surveillance and control are used and provide any other related information. 

Cookies

1. We may use functional, tracking and analytical cookies on our Website and within our App. A cookie is a simple small text file that can be stored in your computer when visiting the Website or App. This text file identifies your browser and/or device. When visiting our Website or App again, the cookie ensures that your browser/device is recognized.

How long do we keep Personal Data

1. We will not process or store any Personal Data that we do not need. We store Personal Data for as long as we need it for the above purposes. In this respect, we apply the following retention periods:

• Account data and details of rides | Your account data and the details of rides are retained as long as your account is activated and will be deleted within 6 months after the deactivating your account (unless stated otherwise below).
• Driving license | The photo of your driving license will be retained for 30 days or as long as necessary to verify the driving licence. The information retrieved from the driving license is stored as long as your account is activated and/or until the driving license is invalidated.
• Location data | This information is stored as long as necessary for the purposes stated above.
• Newsletters | We retain the Personal Data used for sending newsletters until you unsubscribe from our newsletter via the link at the bottom of each newsletter.
• Personal Data in our correspondence | This data is stored as long as necessary to handle your message/question/complaint.
• Personal Data in our administration for the tax authorities | We store these Personal Data for seven (7) years, in accordance with our legal obligation.
• Technical information on the use of our Services | This data is stored as long as necessary for the purposes stated above.
• After expiry of the aforementioned retention period, we may process and retain certain Personal Data to comply with legal retention obligations and/or for fraud/misuse investigations or to substantiate a (judicial) claim. In such events, we will retain the data separately and only use such data for the aforementioned purposes.

Provision of personal data and consequences from refusal

1. We clearly indicate, where applicable and in the appropriate manner, whether the provision of the respective data and/ or documents is mandatory or constitutes a requirement necessary for the conclusion or performance of a contract, as well as the consequences from the refusal to provide such data.Any refusal to provide data and documents indicated as mandatory may prove an impediment to the provision of a service by us to the satisfaction and execution of submitted requests, applications, signals, etc., which releases us from liability for default.

Other Sources of Personal Data

1. In certain cases, the personal data processed by us are not collected and received directly from the Data Subject of the relevant data, but from third parties, such as:

1. persons representing, working for or otherwise cooperating with the Data Subject;
2. event organizers – with respect to information concerning the participants in the event;
3. business partners (e.g., sites; agencies, other persons that provide intermediary services in the context of ordering of other services, etc.) of GO SHARING;
4. competent state and judicial authorities.

Categories of Recipients of Personal Data. Data Processors

1. We not disclose personal data concerning the Data Subject to third parties except where:

1. this is necessary for compliance with our legal obligation – such as to competent state, municipal or judicial authorities, auditors;
2. this is explicitly provided for in the Privacy policy and/or the general terms (the contract) for use of the services by us – such as data processors as assigned by us, companies for receivables collection;
3. this is necessary for the provision of our services – such as to banks and payment services providers, postal and delivery services providers, our business partners such as: sites; agencies and other sellers or other supportive services;
4. the Data Subject has given his/her explicit consent – to the persons provided for in the relevant consent (e.g. our related parties, our business partners, etc.);
5. this is necessary to protect our rights and legitimate interests or of third parties or the Data Subject – such as to state, municipal and judicial authorities, private and public judicial enforcement officers, lawyers;
6. in other cases, provided by law.

1. For the purposes specified in the present Policy, GO SHARING may assign data storage and processing activities to third parties – data processors, in compliance with the requirements under the Regulation and the other applicable personal data protection rules.  Where personal data are disclosed to and processed by data processors, such disclosure and processing will be carried out only to the extent and in the amount necessary for the performance of the tasks assigned by us. Data processors act on our behalf and are obliged to process personal data only in strict compliance with our instructions. Data processors shall not be entitled to use or otherwise process the information for purposes other than for the purposes specified in the present Policy.
2. GO SHARING will transfer your personal data storing and processing to the sole owner of GO SHARING – BIN ULAŞIM VE AKILLI ŞEHIR TEKNOLOJILERI ANONIM ŞIRKETI, a joint-stock company incorporated under the laws of Turkey, Istanbul Trade Registry / Registration Number: 205981-5, address: SarayMahallesi, Sanayi Caddesi, No 54/2 Ümraniye/İstanbul Turkey and through it – with organizations / entities for the core storage and processing of data for our purposes. Those entities are non-EU based and GO SHARING has undertaken all necessary measures for adequate protection measures, including entering into agreement for implementing of the approved by the EU standard contractual clauses for data protection. All non-EU entities storing / with access to data do have implemented TIER III and ISO 27001, ISO 50001, ISO 10002, ISO 22301, ISO 9001. 

 

Additional Phone Number Consents

1. We take your privacy seriously. To provide you with the best possible experience and service, we use third-party integrations that require us to share your phone number.
   Please note that your phone number will only be shared with trusted third-party integrations that are necessary to provide you with our services. These third-party integrations are bound by strict confidentiality and data protection agreements to safeguard your personal information.
   If you have any questions or concerns about our privacy practices, please contact us. Thank you for trusting us with your personal information.

Rights of the Data Subjects Regarding Their Personal Data

1. In relation to the processing of the personal data concerning him/her, each Data Subject has the following rights:

1. right of access and information – to be provided with information on the processing of his/her personal data from us and to have access to the processed personal data;
2. right of rectification – to require his/her personal data to be rectified and completed if the data are inaccurate or incomplete;
3. right of erasure – to require his/her personal data to be erased if there are the grounds for this provided for in the Regulation;
4. right of restriction of personal data processing – to require that we restrict the processing of his/her personal data within the limits provided for the Regulation if there are the grounds for this set forth therein;
5. right to notify third parties – to require that we notify the third parties to whom his/her personal data have been disclosed of any rectification, erasure or restriction of the processing of his/her personal data unless this proves impossible or involves disproportionate effort from us;
6. right of data portability – to receive the personal data concerning him/her and which he/she has provided to us, in a structured, commonly used, machine-readable format, as well as to have the right to transmit such data to another controller without any hindrance on our part;
7. right not to be a subject to an automated decision which is based solely on automated processing (i.е. processing without human intervention), including profiling within the meaning of the Regulation. We at GO SHARING use programmes for automated personal data processing and decision making, including your profiling;
8. right to withdraw consent for processing – where personal data processing is based solely on consent given by the Data Subject, the latter shall have the right to withdraw his/her consent at any time. Such withdrawal shall not affect the lawfulness of the processing based on consent before its withdrawal;
9. right to object – the Data Subject shall have the right to object, on grounds relating to his/her particular situation, at any time to processing of personal data concerning him/her, including profiling within the meaning of the Regulation, based on public interest, exercise of official authority and the legitimate interests of GO SHARING or a third party. In these cases, we shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the Data Subject or where necessary for establishing, exercising or defending legal claims.

1. The Data Subject may exercise his/her personal data protection rights by personally submitting a written request at the address specified in Item 2 of this Policy or by sending a written non-anonymous request by post.
2. The Data Subject may exercise the rights relating to his/her personal data also through an explicitly authorized person (with a power of attorney certified by a notary). Part of the rights may also be exercised through the functionalities available on the Website.

Data Security

1. We will take reasonable measures to: (a) protect personal data against unauthorized access, disclosure, change or destruction, and (b) maintain accurate and updated personal information, as appropriate. We also require from service providers, with whom we share personal data, to take measures analogical to ours, for the provision of confidentiality for your personal data. Such protection is in place with respect to the information which we keep electronically or on a paper copy. The access to your personal information is restricted to specific personnel or representatives. In addition, we use generally accepted techniques for protection of the information such as firewalls, access control, etc.However, regrettably, there is no security system or data transfer system online, which is guaranteed to be completely secured, and in case of breach, we are under the responsibility to address the case to the persons and authorities concerned.

Right to Lodge a Complaint with a Supervisory Authority

1. Any Data Subject has the right to lodge a complaint with a personal data supervisory authority.

Supervisory authority in the Bosnia and Herzegowina is:

AGENCY FOR PERSONAL DATA PROTECTION
Address: Dubrovačka 6, 71 000 Sarajevo

 

Explanations and Additional Information

1. The Data Subject may seek clarifications regarding the content, the grounds and the way of exercising his/her rights under this Policy, as well as any additional information regarding his/her rights regarding the processing of personal data by GO SHARING on the contact details given in Item 2 above.

This Privacy Policy has been drafted by GO SHARING as part of BINBIN BH d.o.o. in its capacity as data controller to fulfil its obligations to provide information to the data subjects under Art. 13 and Art. 14 of Regulation (EC) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard tothe processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

We reserve the right to periodically update and amend this Privacy Policy to reflect any changes to the way we process your personal information or changes to your legal requirements. In the event of such modifications, we will publish the modified version of the Privacy Policy on our website and therefore kindly request that you periodically review its content.

This Privacy Policy will take effect from 3 May 2024