App Data Safety Information

Last updated: November 2025

This page provides detailed information about how the XTaxi24 mobile applications (Customer and Driver) collect, use, and share your data. This information is provided to comply with Google Play Store Data Safety requirements.

Quick Summary

Data is encrypted in transit using industry-standard SSL/TLS encryption

You can request data deletion at any time through our Data Deletion page

No data is sold to third parties - your data is used solely for providing taxi services

XTaxi24 Customer App

Package Name: com.mytaxi.customer
Available on: Google Play Store
Developer: Mathu George

Data Collection - Customer App

Data Type	What We Collect	Required	Shared
Location	Precise location (GPS coordinates) when app is open for pickup/dropoff and real-time tracking	Required	With Driver
Personal Info	Name, email address, phone number	Required	Not Shared
Financial Info	Credit balance, transaction history (card details stored with Stripe, not in our app)	Required	With Stripe
Photos	Profile picture (optional)	Optional	With Driver
Contacts	Emergency contacts (if added by user)	Optional	Not Shared
App Activity	Ride history, ratings, app interactions, search history	Required	Not Shared
Device Info	Device ID, OS version, app version, IP address	Required	Not Shared
Messages	In-app chat with drivers (stored for 90 days)	Optional	With Driver

XTaxi24 Driver App

Package Name: com.mytaxidriver.app
Available on: Google Play Store
Developer: Mathu George

Data Collection - Driver App

Data Type	What We Collect	Required	Shared
Location	Precise location (GPS) in background when "online" for ride matching and navigation	Required	With Passenger
Personal Info	Name, email, phone, address, driver license number, license plate	Required	With Passenger
Financial Info	Bank account details (for payouts), earnings history, transaction records	Required	With Stripe
Photos	Profile picture, vehicle photos, driver license photo, insurance documents	Required	With Passenger
App Activity	Ride history, ratings, online/offline status, navigation routes	Required	Not Shared
Device Info	Device ID, OS version, app version, IP address	Required	Not Shared
Messages	In-app chat with passengers (stored for 90 days)	Optional	With Passenger
Documents	Driver license, vehicle registration, insurance, DBS certificate	Required	Not Shared

How We Use Your Data

Essential Service Functions

Ride Matching: Connect passengers with nearby drivers using GPS location
Navigation: Provide turn-by-turn directions during rides
Payment Processing: Calculate fares and process payments via Stripe
Real-time Tracking: Show driver location to passengers during rides
Safety & Security: Verify identities, track rides for safety, resolve disputes
Customer Support: Respond to issues, complaints, and requests

Legal & Compliance

Tax Records: Maintain transaction records for 7 years (HMRC requirement)
Driver Verification: Check licenses, insurance, and background checks
Law Enforcement: Respond to valid legal requests
Licensing Authority: Provide records to Mid Sussex District Council if required

Service Improvement

Analytics: Understand app usage to improve features
Bug Fixing: Diagnose and fix technical issues
Feature Development: Build new features based on user needs

Data Sharing & Third Parties

Third Party	Data Shared	Purpose
Google Maps API	Location coordinates, route requests	Mapping, navigation, distance calculation
Firebase (Google)	All app data (database hosting in Europe)	App backend, real-time database, authentication
Stripe	Payment information, transaction amounts	Secure payment processing, PCI DSS compliance
Other Users	Name, photo, location (during rides only)	Enable ride fulfillment and communication
Law Enforcement	User data (only when legally required)	Comply with court orders, subpoenas, legal obligations

We DO NOT Share Data With:

❌ Advertisers or marketing companies
❌ Data brokers
❌ Social media platforms (unless you choose to share)
❌ Insurance companies (unless required for claims)
❌ Any third party for purposes unrelated to providing taxi services

Data Security Measures

Encryption: All data is encrypted in transit (SSL/TLS) and at rest
Firebase Security Rules: Database access restricted by user authentication
Secure Payment Processing: PCI DSS compliant via Stripe (we don't store card details)
Access Controls: Limited employee access to personal data
Regular Audits: Security reviews and vulnerability testing
Data Minimization: We only collect data necessary for service provision

Location Data Details

Customer App

When: Only when app is open and in use
Why: Show your location, find nearby drivers, set pickup point, track ride
Background: NO - location tracking stops when you close the app
Control: You can deny location permissions (but app won't work)

Driver App

When: When you toggle "online" and available for rides
Why: Match you with nearby passengers, provide real-time location to passengers
Background: YES - required to receive ride requests while app is in background
Control: Toggle "offline" to stop location tracking anytime

Data Retention

Data Type	Retention Period	Reason
Account Information	Until deletion requested + 6 years	Business records, dispute resolution
Ride History	7 years	Tax/accounting compliance (HMRC)
Payment Records	7 years	Tax/accounting compliance (HMRC)
Location Data	7 years (for ride records)	Dispute resolution, legal compliance
Chat Messages	90 days	Customer support, dispute resolution
Marketing Consent	Until withdrawn	Marketing communications

Your Rights & Controls

Access: Request a copy of your data via privacy@xtaxi24.com
Deletion: Request account and data deletion at Data Deletion page
Correction: Update inaccurate information in the app settings
Restriction: Limit data processing (contact dpo@xtaxi24.com)
Portability: Download your data in portable format
Object: Opt out of marketing communications anytime

Children's Privacy

XTaxi24 apps are NOT intended for users under 18. We do not knowingly collect data from children. If we discover we have collected data from a child under 18, we will delete it immediately.

International Data Transfers

Your data is stored on Firebase servers located in Europe (europe-west1). If data is transferred outside the UK/EEA, we use EU Standard Contractual Clauses and other lawful transfer mechanisms.

Updates to Data Practices

We may update our data practices periodically. We'll notify you of significant changes via:

In-app notification
Email to your registered address
Updated "Last modified" date on this page

Contact Us

Data Protection Officer: dpo@xtaxi24.com

Privacy Inquiries: privacy@xtaxi24.com

General Support: support@xtaxi24.com

Address: 12 St Wilfrids Way, Haywards Heath, West Sussex, RH16 3QH

Regulatory Compliance

Our data practices comply with:

UK General Data Protection Regulation (UK GDPR)
Data Protection Act 2018
Privacy and Electronic Communications Regulations (PECR)
Google Play Store Data Safety Requirements
Apple App Store Privacy Requirements (when iOS app launches)

Full Privacy Policy: Read our complete Privacy Policy