Privacy Policy

Who Are We?

When we refer to ‘we’ (or ‘our’ or ‘us’), that means Zipp Mobility Limited. Zipp Mobility Limited is our legal company name but we are trading as Zipp Mobility. To keep things simple, we will use our trading name 'Zipp Mobility' throughout this Privacy Notice. Zipp Mobility is based in Ireland.

Privacy Notice Overview

This Privacy Notice describes how and why we, as Data Controller, might obtain, store and process your personal data when you use our services ('the services'). ‘Personal data’ means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. We commit to processing your personal data fairly, lawfully, and transparently. Please do not hesitate to contact us if you have questions in addition to the information provided in this Privacy Notice at [email protected].

The Personal Data We Collect

Depending on the type and level of engagement you have with us, we may collect the following categories of personal data:

When you visit our website, we collect technical data such as:

Children

While our services are designed for a general audience, we will not knowingly collect any data from children under the age of 16 or sell products to children, without the consent of a parental guardian to do so. If you are under the age of 16 and we do have the consent of a parental guardian, you are not permitted to use or submit your data to the website.

How We Collect Your Data

We may collect your personal data in one of the following ways:

We may also receive data about you from various third parties, including:

How We Use Your Personal Data

We will only collect and process your personal data where we have a legal basis to do so. As a data controller, the legal basis for our collection and use of your personal data varies depending on the manner and purpose for which we collected it. We will only collect personal data from you when:

Why We Process Your Personal Data

We process your personal data in order to fulfill any of the activities below:

How We Share Your Data

We sometimes share your personal data with our trusted categories of third parties we use to conduct our business. Our trusted categories of third parties include:

UK Department for Transport (DfT)

Some data pertaining to your use of e-scooters with any participating Operator of rental e-scooters in the UK, including Zipp Mobility will be shared securely with the UK Department for Transport (DfT) and DfT’s third party research contractors, Arup and NatCen Social Research, for the purpose of the e-scooter trials.

This data will enable DfT to understand the effects of e-scooters and to allow ministers to take an informed decision in the future about how they should be regulated to promote safe and sustainable travel. DfT’s privacy statement for e-scooter trials is available at: https://www.gov.uk/government/publications/dft-online-form-and-survey-privacy-notice/e-scooter-trials-privacy-statement

The data that will be shared includes:

1. Pseudonymised data: Details of the length, duration and location of trips. Please note neither DfT nor its research contactor will be able to attribute this data to any personally identifiable data.

2. Personal data: contact details (for the sole purpose of follow-up research); Month and day of the week, and a time band (i.e. a Wednesday in March, between 7-12am) for the trip; the duration and distance of the trip; and the area (the ONS Lower Super Output Area that corresponds to a trip’s start point). Operators will also share responses you may provide to questions asked after each trip.

DfT and Zipp Mobility take data protection extremely seriously and are ensuring the collection of this data is compliant with Data Protection Legislation. For more information about the standards you can expect when DfT asks for, or holds, your personal information, read DfT’s Personal information charter.

DfT is also preparing a separate survey that you may be asked to respond to as a participant in these rental e-scooter trials. The survey will ask for information about your gender, ethnicity, age and first-part post code to enable the DfT's research contractor to assess the impact of e-scooter use on equality and opportunity, and to compare different experiences of e-scooter use according to those characteristics. Further details of this will be provided with the survey.

E-marketing Partners As part of our e-marketing methods and on the basis of our legitimate business interests, we use some Google services and some Facebook products in accordance with the practices explained in the Google and Facebook terms and privacy notices. In order to protect your personal data by pseudonymising it, Google and Facebook ensure that a hashing algorithm is applied automatically at the point of sharing personal data with Google and Facebook. Please consult their relevant terms and privacy notices for further information and your options. If we can help you in any way please do not hesitate to contact us at [email protected].

AML Monitoring Partners As part of our fraud monitoring, detection and prevention methods and on the basis of our legitimate business interests, we use a third-party fraud monitoring, detection and prevention service provider for all website/online sales. As part of this service, we may share personal data that is required to make identity checks and personal data that we obtain from making identity checks (including data relating to your age, name and location), together with account information, with third party organisations (including law enforcement agencies), involved in fraud prevention and detection and credit risk reduction. Please note that these third parties may retain a record of the information that we provide to them for this purpose.

A full List of our Data Sub-Processors can be found in our Privacy Center on our website.

As part of fraud monitoring and prevention, we may be legally required to share your personal data with government bodies and law enforcement. Please note that these bodies may retain a record of the information that we provide to them for this purpose.

Sale or Merger

We may share your personal information as part of a merger or acquisition. If Zipp Mobility is involved in a merger, financing, transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets, or in the event of a liquidation, insolvency, bankruptcy, or receivership, we may share your information with that company before and after the transaction closes. In such a case, unless otherwise directed by applicable law, your information would remain subject to the terms of the applicable privacy policy in effect at the time of such transfer. You will be notified of any such changes in advance.

Marketing Preferences

We may send you direct marketing communications, product information and promotional offers:
The marketing communications we send will be in relation to our own products or services, your personal data will not be used for third-party direct marketing unless separate explicit consent has been collected for that or you are from a country where the laws permit such processing.

You will always have full control of your marketing preferences. If you do not wish to continue receiving marketing information from us at any time:
Customers located in certain regions, such as the EEA and UK, also have the right to object to their personal data being processed for direct marketing purposes at any time. If you would like to object you can contact us by email at [email protected]

We will process all requests as soon as possible, but please note that due to the nature of our IT systems and servers it may take a few days for any opt-out request to be implemented.

Our Use of Cookies

Our website uses cookies. They help us to provide you with the very best experience when you browse our website and to make improvements to our website. You can accept or reject cookies by clicking on the cookie consent banner on our website or by navigating to the ‘Cookies Preferences’ Area in our Privacy Center on our website.

For detailed information on the cookies we use and the reasons why we use them, please refer to our Cookie Policy and Cookie Declaration in our Privacy Center on our website.

Our Use of Analytics

We use analytics to continuously enhance our website, products, services, and features, ensuring an improved user experience. To achieve this, we rely on third-party tools and services that provide valuable insights and analysis of user behavior.

These third-party tools help us collect information automatically when you visit our website (where we have a legal basis to do so). The data includes details such as device type, browser, IP address, pages visited, and the date and time of your visit. By analyzing this information, we gain valuable insights into user preferences, interactions, and usage patterns. Through the use of these analytics tools, we can optimize website performance, personalize content, and enhance our offerings to better meet customer expectations.

If you would like any further information about the data collected by these third parties or the way in which the data is used, please have a look at our List of Sub-processors or contact us on [email protected].

Links to Other Websites and Third Parties

Our website may include links to social media platforms and other websites. If you follow a link to any of these platforms or websites, please note that their own privacy policies will apply and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to their platforms or websites.

Securing Your Data

The communication between your browser and our website uses a secure encrypted connection wherever your personal data is involved. We have put in place physical, electronic, and managerial security procedures in the storage and disclosure of your personal data to protect it against accidental loss, destruction or damage. Nevertheless, any data transmission over the internet or by any other means can never be fully secure, such is the character of the internet, and provision of personal data by you to us is at your own risk. We take all reasonable measures to protect your personal data by putting appropriate technical and operational security measures in place. When we disclose your personal data to trusted third parties (for the purposes set out in this Privacy Notice and our List of Data Sub-Processors), we require all third parties to have appropriate technical and operational security measures in place to protect your personal data, and we work with them to ensure that your data privacy rights are respected. Where your personal data is shared with a third party, it must only be used for the purposes for which it was supplied. In the unfortunate event of a personal data breach, we will notify you and any applicable data protection authority when we are legally required to do so.

Retaining Your Data

We will not keep your personal data for longer than is necessary and when we no longer need to keep it, we will securely destroy, delete or anonymise it in line with our Data Retention policy.

Having obtained your consent (or other legal basis) to contact you, we will retain your personal data for marketing and analysis purposes until you withdraw your consent or unsubscribe. If you choose to withdraw your consent or unsubscribe from marketing, we will delete your personal data from our systems, unless we have another legal basis to retain it, which may include performance of our contract with you or to maintain your contact details on an 'unsubscribed list' to ensure we do not send you further communications.

We may need to retain your personal data to satisfy our legal obligations, to deal with complaints and queries, in order to resolve, litigate or defend a dispute and to prevent fraud and abuse.

Data Transfers

For Users from the European Economic Area ("EEA"), your personal data may be processed outside the EEA by staff who work for us or by one of our Data Sub-processors. When we transfer your information outside of the European Economic Area, we ensure it benefits from an adequate level of data protection by:

• relying on an adequacy decisions by the European Commission made under Article 45 of the GDPR, finding that the third country to which the information is being transferred offers an adequate level of data protection; or

• if there is no adequacy decision, using standard contractual clauses approved or permitted under Article 46 of the GDPR.

We will take all steps necessary to ensure that your data is treated securely and in accordance with this privacy notice. Please contact us if you want further information on the countries to which we may transfer personal data and the specific mechanism used by us when transferring your personal data outside the EEA – [email protected]

Your Rights & Our Commitment to You

You have rights under data privacy laws and Zipp Mobility is committed to you being able to freely exercise your Rights. Where possible, we have incorporated automated tools on our website that enable you to facilitate your rights in real-time. Use the Data Access Gateway in our Privacy Centre to access and manage the personal data that we process and submit any access requests in line with your rights below. Alternatively you can also send us an email at [email protected] to exercise your rights. You are not required to pay any charge for exercising your rights.

Your rights include, under certain circumstances, the right to:

Be informed: you have the right to be informed if and how your personal data is being processed.

Access, rectification, or erasure: you have the right of access to personal data we hold about you in our records. You are also entitled to have your personal data corrected if it is inaccurate, or to have it erased if we do not have a legitimate reason for retaining your data.

To request data portability: you have the right to obtain a digital copy of your personal data, request the transfer of your personal data to another company or request to move your data from one IT system to another in a safe and secure way. This right only applies to personal data you provide to us, and we process it with your consent or in order to fulfill our contract with you by automated means. It also only applies to the extent that it does not affect the rights and freedoms of others.

To request restriction of processing: you have the right to restrict the processing of your personal data where you are contesting the accuracy of that information, you have objected to processing (as described below), or where the processing is unlawful. Where processing is restricted, we may need to retain sufficient information about you to ensure that the restriction is respected in future.

To object to processing: you have the right to object to the processing of your personal information in certain circumstances such as where your personal data is being processed based on our legitimate interests or the legitimate interests of a third party. To object to automated decision-making including profiling: you have the right not to be the subject of any automated decision-making or profiling by us.

To withdraw consent: in cases where we are relying on your consent for the processing of your personal data, you have the right to withdraw your consent at any time. In respect of the e-marketing we conduct, an unsubscribe option is included with every e-marketing communication we send.

To complain to the relevant supervisory authority: should you have any concerns or complaints regarding the way in which we process your data, you also have the right to make a complaint to the relevant European Supervisory Authority. We would, however, appreciate the chance to deal with your concerns before you approach a Supervisory Authority, so please do contact us in the first instance - [email protected]. The contact details of European Supervisory Authorities can be found here: https://edpb.europa.eu/about-edpb/about-edpb/members_en

Cookie Preferences: you can accept or reject cookies by navigating to the ‘Cookie Preferences’ Area in our Privacy Center on our website. You can also do so by adjusting your web browser controls. Please consult our Cookie Policy for more information about our use of cookies on the website and how to accept and reject them.

Changes to this Privacy Notice

We may change this policy from time to time, to reflect how we are processing your data. If we make significant changes, we will make that clear on our website or by some other means of contact such as email, so that you are able to review the changes before you continue to use our services.

How to Contact Us

We welcome feedback and are happy to answer any questions you may have about your data.

You can contact us at:

Email: [email protected]

This notice was most recently updated: August 29, 2023