TransferLife
Legal

Privacy Policy

Effective Date: 28/03/2026App Name: TransferLifePlatforms: iOS and Android

1. Introduction

TransferLife ("we", "our", or "us") provides a fleet and transfer management platform used by transport operators to manage bookings, passengers, vehicles, and logistics.

This Privacy Policy explains how we collect, use, store, and share personal data when you use the TransferLife mobile application.

2. Roles Under Data Protection Law

  • App Users (Operators, Drivers, Admins): We act as the data controller for your account data.
  • Passenger / Customer Data: You (the transport operator) act as the data controller, and we act as a data processor on your behalf.

You are responsible for ensuring you have a lawful basis to collect and process passenger data.

3. Data We Collect

3.1 Account & Authentication Data

We collect the following when you create and use an account:

  • Full name
  • Email address
  • Encrypted password
  • Internal user ID
  • Session authentication tokens
  • Organisation role (e.g., admin, driver)

Purpose:

  • Account creation and authentication
  • Access control and permissions
  • Secure session management

3.2 Passenger / Customer Data (Entered by Operators)

You may enter personal data about passengers, including:

  • Full name
  • Email address
  • Phone number
  • Booking notes and instructions
  • Passenger and luggage counts
  • Flight numbers or vessel information (optional)

Purpose:

  • Managing transport bookings
  • Communicating with passengers
  • Operational logistics

3.3 Location & Ride Data

We collect and process booking-related location data:

  • Pickup and drop-off addresses
  • Geographic coordinates
  • Place IDs (via Google services)
  • Scheduled dates and times
  • Estimated routes, distance, and duration
  • Booking status and references

Driver Real-Time Location Tracking

When a driver sets their status to "online", the app collects and transmits real-time device location data to our backend servers. This includes:

  • GPS coordinates (latitude and longitude)
  • Location accuracy
  • Heading (direction of travel)
  • Speed

Location is tracked both while the app is in the foreground and in the background. Background tracking continues until the driver sets their status to "offline" or the app is closed. On Android, a persistent notification is displayed while background tracking is active, informing the driver that their location is being shared.

Location data is updated approximately every 10 metres or every 5 seconds in the foreground, and every 10 metres or every 15 seconds in the background.

Both foreground and background location permissions are requested before tracking begins. Drivers may decline these permissions, in which case online status cannot be activated.

Purpose:

  • Real-time driver coordination and dispatch
  • Passenger visibility into driver proximity
  • Route planning and navigation
  • Operational logistics

3.4 Payment & Financial Data

We store booking-related financial information:

  • Payment amount
  • Payment method (e.g., cash, bank transfer)
  • Payment status
  • Commission and settlement data

We do not process or store card numbers or payment credentials. Payments are recorded for operational and accounting purposes only.

3.5 Device & Technical Data

We automatically collect limited technical data:

  • Device ID (via push notification provider)
  • Push notification token
  • Device platform (iOS/Android)
  • App version
  • Notification permission status

Purpose:

  • Delivering push notifications
  • App performance and debugging

3.6 Organisation & Fleet Data

We process business-related data such as:

  • Organisation details
  • Partner and channel information
  • Vehicle details (make, model, license plate, capacity)

Purpose:

  • Fleet management
  • Booking assignment
  • Operational coordination

4. How We Store Data

  • Data is stored securely on backend servers (PostgreSQL database)
  • Authentication tokens are stored securely on your device (Keychain/Keystore)
  • The app does not persist passenger or booking data locally
  • We implement appropriate technical and organisational measures to protect data.

5. Legal Basis for Processing (GDPR)

We process personal data under the following bases:

  • Contract performance – to provide the TransferLife service
  • Legitimate interests – to operate and improve the platform
  • Legal obligations – where required for accounting or compliance
  • Consent – for real-time background location tracking of drivers (obtained via OS permission prompt prior to activation)

Passenger data is processed on behalf of operators under their lawful basis.

6. Sharing of Data

We share data with the following service providers:

  • Push Notifications Provider – for delivering notifications
  • Mapping & Location Services – for address resolution and maps
  • Cloud Database Hosting – for secure data storage

These providers process data under contractual agreements and appropriate safeguards.

We do not sell personal data.

7. International Data Transfers

Your data may be processed outside your country of residence.

Where applicable, we ensure safeguards such as:

  • Standard contractual clauses (SCCs)
  • Adequate data protection agreements

8. Data Retention

We retain data only as long as necessary for:

  • Providing the service
  • Legal and accounting obligations
  • Resolving disputes

Retention periods should be defined by your organisation. Currently, no automatic deletion rules are enforced in the app.

9. Your Rights (GDPR)

Depending on your location, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion ("right to be forgotten")
  • Restrict or object to processing
  • Data portability
  • Withdraw consent for location tracking at any time via your device settings

To exercise your rights, contact us at: support@transferlife.gr

10. Data Security

We implement security measures including:

  • Encrypted data transmission (HTTPS)
  • Secure authentication systems
  • Protected storage environments
  • Access control based on user roles

However, no system is completely secure.

11. Children's Privacy

TransferLife is not intended for use by children.

Operators are responsible for handling any data relating to minors in compliance with applicable laws.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be communicated via the app or other appropriate channels.

13. Contact Us

If you have questions about this Privacy Policy or your data:

  • Email: support@transferlife.gr
  • Company Name: TransferLife
  • Address: Greece