GDPR Notice
This notice gives additional information for users located in the European Economic Area, United Kingdom, Switzerland, or other regions where GDPR-style rights may apply. It should be read with the Privacy Policy.
1. Scope
- GO India RIDE is an India-focused cab booking and ride coordination service, but international travelers may use the website or support channels.
- This notice applies when GDPR or similar privacy laws require additional rights, transparency, or handling.
- Some rights may be limited by Indian legal obligations, tax requirements, safety, fraud prevention, dispute handling, or driver compliance records.
2. Controller and Contact
For GDPR-style privacy requests, contact privacy@goindiaride.in. Please include your name, contact details, booking reference if available, and the right you want to exercise.
3. Categories of Personal Data
- Identity and contact data: name, phone number, email, address, driver KYC, and fleet contact details.
- Booking and trip data: pickup, drop, route, date, time, passenger details, support notes, and ride status.
- Location data: manual address, browser location where enabled, and driver availability or trip location where supported.
- Payment and refund data: transaction references, amount, status, dispute, and settlement records.
- Technical data: device, browser, IP address, cookies, page usage, security logs, and error events.
4. Lawful Bases
- Contract: to provide booking, ride coordination, support, payment, refund, and driver workflows.
- Legal obligation: to meet tax, audit, compliance, safety, and lawful request requirements.
- Legitimate interests: to improve service, prevent fraud, protect users, investigate disputes, and maintain platform security.
- Consent: for optional location permission, optional marketing where used, and certain cookies where required.
5. User Rights
- Access a copy of personal data linked to your booking, account, or driver profile.
- Correct inaccurate or incomplete information.
- Request deletion where data is no longer required and no legal or operational exception applies.
- Restrict or object to certain processing where applicable.
- Request portability of data you provided, where technically feasible and legally required.
- Withdraw consent where processing is based only on consent.
Phase 2 GDPR self-service controls are live for signed-in users through /api/gdpr/export, /api/gdpr/portability, /api/gdpr/requests, and /api/gdpr/consent. The public implementation status is available at /health/gdpr-compliance.
6. Verification and Response
- We may verify your identity before responding to rights requests.
- We may ask for booking ID, phone number, email, date, route, or driver record details to locate data.
- We aim to respond within the period required by applicable law, subject to complexity and verification.
- Access, portability, consent, restriction, objection, and deletion requests are logged with a 30-day target response date for operational follow-up.
- We may refuse or limit requests that are fraudulent, excessive, impossible, or restricted by law.
7. International Processing and Service Providers
GO India RIDE may use service providers for hosting, communication, analytics, payment, security, verification, and support. Data may be processed in India or other locations where providers operate, subject to appropriate business and legal safeguards where required.
8. Retention and Deletion
Data is retained only as long as needed for booking, support, driver compliance, finance, tax, audit, safety, dispute, legal, fraud prevention, and business continuity purposes. Deletion, restriction, and objection requests are reviewed against these requirements before fulfillment.
9. Complaints
You may contact privacy@goindiaride.in first so we can review and respond. Where applicable, you may also have the right to contact a privacy regulator in your region.