We are Citymapper Limited (“we”, “our”, “us”), a company registered in the UK. We're the data controller as defined by the General Data Protection Regulation and are registered with the Information Commissioner's Office (the UK data protection authority) under number ZA017660. If you have any questions about this policy or want to contact our Data Protection Officer, please contact us through the App or send an email to firstname.lastname@example.org.
There are three types of information we process: (1) information you provide, (2) information created when you use features in the App or CM Pass and (3) information from other sources.
When you use our App or CM Pass, you might provide us with (a) personal information; (b) places and preferences; and (c) direct communications.
If you create a Citymapper account, you provide us with your name and email address, which we use to ensure your saved places and other personalisation features are synced across your multiple devices. When you log in using Facebook or Google, we receive your name and email address from them.
When you book transportation within the App without opening another app (“Native Booking”), you provide us with your name, your phone number (this enables you to communicate with your driver), your email address (to provide customer service and help ensure the safety of the transport services), and your payment details.
If you sign up for CM Pass, you provide us with your name, email address, home address, mobile phone number and date of birth so that we can verify your identity. If we are not able to verify your identity using this initial check, we will ask you to provide additional information (such as a copy of your passport ID page or driving licence, proof of address or your photograph (“Additional ID Documents”). We never use this information for any purpose other than verifying your identity so we can provide you with CM Pass. You also provide us with your payment details to pay for your subscription and other fees as specified in the Citymapper Pass Terms.
You may choose to provide us with information on your places and preferences, such as Home, Work, Saved Places, and other travel preferences. We use this information to develop personalised journey-planning services. We also analyse this data in aggregate to improve the App (for example, by ranking certain journey results more highly than others).
When you communicate with us (for example when you respond to in-App survey questions, report problems, raise queries etc.) we may receive information about the type of phone you're using, your service provider and, if you've enabled the location permissions in your device, the latitude and longitude of your location when you contact us. We use this information to fix problems in the App, with Native Booking or with CM Pass, to reply to your communications and to help keep you safe.
The following are the types of information created when you use our App or CM Pass. We associate this information with an installation ID number that is randomly generated each time you install the Citymapper App. We use this installation ID to pseudonymise the data we collect from you. We do not access any permanent device ID numbers.
We use the location data described in this “Location Information” section to improve results in the App and for the purposes identified below.
Users of the Citymapper App: if you've enabled your device's location services we may collect and use your start location information when you open the App. If you disable your device's location services we collect only the start and end points that you search manually.
When you tap ‘GO’ in the Citymapper App, we collect your location information throughout your journey. We use this data to provide on-trip support, such as alerting you when to get off a bus.
For users that have opted in to receive personalised advertising we may use this information to serve adverts relevant to your location.
Native Booking: If you make a Native Booking, we collect your location information when the Citymapper App is running both in the foreground and background of your device during your journey. Knowing your location during your ride enables on-trip support and passenger and driver safety.
In addition to your location data, we store your booking details, your driver and vehicle information, the date and time of your journey, the amount charged, your pick-up and drop-off location, cancellations and no shows. We use this information for operational reasons, such as providing customer support.
CM Pass Users: If you are a CM Pass user, we will collect your location information as described above if you tap ‘GO’ in the Citymapper App while using your CM Pass.
We collect information about the devices you use to access our App, including the type of computer or device you use, the installation ID of the App on your device, the hardware model, operating system and versions, software, file names and versions, the preferred language, time zone settings, and device motion information. This information is necessary for us to diagnose bugs and improve the App. We do not collect any permanent device ID numbers.
Each time you open the App, we collect information about how and when you use it (such as the time and date, searches in the App features and journey results you select, pages visited, app crashes and other system activity). We use this information to improve our App in multiple ways. For example, fixing bugs preventing future crashes and working out which features our users find most helpful.
We try to make your experience of the App simple and meaningful. When you visit our App, our server sends a cookie to your computer or mobile device (depending on how you access the site or App). Cookies are small pieces of information which are issued to your computer when you visit a website and which store and sometimes track information about your use of the site. A number of cookies we use last only for the duration of your web session and expire when you close your App. These are known as “session cookies”. Other cookies are used to remember you when you return to the App and will last for longer. These are known as “persistent cookies”.
remember that you have visited us before, which allows us to identify the number of unique visitors we receive. This allows us to make sure we have enough capacity for the number of users that we get and to; customise elements of the promotional layout and/or content of the pages of the App; and
understand what non-personalised advertisements you have been shown, or clicked on, to bill our advertising partners, for frequency capping, aggregated ad reporting and to combat fraud and abuse. We sell digital advertising space through the use of automated technology via 3rd parties including AppLovin, Google, Teads, FeedAd and Meta. We use third party cookies for this non-personalised advertising.;
offer personalised advertisements to users that opt in to receive them, using the same digital advertising partners listed above. We use first party and third party cookies to enable interest based targeting, including Android Advertising IDs and Apple Identifiers for Advertisers; and
collect information about how you use the App so that we can improve the App and learn which parts of the App are most useful.
Some of the cookies used by our App are set by us and some are set by third-party analytics and crash/error-reporting companies as described in this policy.
Most browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can also learn more about cookies by visiting www.allaboutcookies.org which includes additional useful information on cookies and how to block cookies using different types of browsers. By blocking or deleting cookies you may not be able to take full advantage of the App's features.
Citymapper collects the following types of information from other sources.
If you log into your Citymapper account using Facebook or Google we receive your name and email address. We do not collect or use any other information received from those two companies.
If you sign up for CM Pass, we receive a due diligence report from third-party agencies that provide identity verification, in order to confirm your identity. This information is necessary to prevent fraudulent or unauthorised use of our services and to comply with our legal obligations.
If you are a CM Pass user, we receive a “Cardholder ID” from the third-party company that issues your CM Pass card. The Cardholder ID is your unique identifier that tells us which CM Pass card has been issued to you. When you use the CM Pass, we also receive your transaction information from this third-party company, including the date, time, amount and the merchant details associated with the transaction. This information is necessary in order to provide the CM Pass service and to comply with our legal obligations.
If you are a driver for a Native Booking Service provider, we receive your name, vehicle information, photograph, phone number, and current location from that Native Booking Service provider. This information facilitates your communication with and pick up of, your assigned passenger and is used to create transaction receipts for passengers.
In summary, we use the information we collect to:
Provide and improve our App, Native Booking services and CM Pass;
Build a profile of your preferences so we can personalise the Citymapper App and provide you with relevant transport information;
Recommend transport options that match your stated preferences and previous use of the App;
Administer your account with us, if you have one;
Confirm your eligibility to use CM Pass;
Verify your identity (including processing of your identity documents in order to confirm your identity and to make an automated decision as to whether or not to provide you with CM Pass services);
Enable communication between drivers and passengers on any minicab or taxi service;
Process or facilitate payment (through third party payment processing services) for Native Booking, CM Pass and Citymapper Club;
Send you transaction receipts for your use of Native Booking and/or CM Pass;
Respond to your emails to discuss your use of the App, Native Booking, CM Pass and/or Citymapper Club and answer any support queries you may have;
Send you marketing communications by email or in-App notifications, and let you know about our policies and terms or when we launch in your city;
Identify issues with the operation of the App, and provide crash reports in order to find resolution for performance issues;
Improve the design, functionality and/or content of the pages of the App and customise them for you;
Carry out research on users' transport choices to improve the App, CM Pass and Citymapper Club;
Provide non-personalised advertisements. We use very limited personal data for these purposes to understand the effectiveness of the advertising and certain other non-targeting purposes (see Cookies above);
Provide personalised advertisements for users that opt in to receive them. We use first party and third party cookies, including Android Advertising IDs and Apple Identifiers for Advertisers, to offer interest based targeting (see Cookies above); and
Disclose to lawful authorities when required to do so by law, or when appropriate, in our opinion, to respond to their request.
From time to time we may share information with third parties to improve the App and enhance user experience. To the extent possible we pseudonymise (remove information that identifies you) and minimize the data we send to them.
Search Partners: We have search partners like Google, Apple, and Foursquare so you can find the places you want to go in the App. They receive the place name you have searched for and to make your search results as relevant as possible, they receive your current location (if you have enabled location services in your device).
Deeplink Booking (i.e. any transportation that you can book by clicking through the Citymapper App to open a third party app) providers: These third-party transport providers in the App, such as Kapten and Uber, receive the pick-up and destination locations you enter in our App in order to provide travel time and fare estimates and (if you choose to book a ride through their apps by clicking through the Citymapper App) to provide you with their transport services.
Native Booking providers: If you are a passenger of a Native Booking provider, we share your first and last name, your phone number and your pick up and destination locations to enable them to provide their services to you. If you give feedback on a driver, we may also send this to the relevant provider.
Analytics Vendors: We use third party vendors like Mixpanel, Flurry and Google Analytics to understand what you've tapped or clicked on the App. They receive information showing only that someone has tapped or used certain features in the App. They organise that information and give it back to us so that we can make improvements to the App.
Crash/Error Reporting Vendors: We use Crashlytics and logz.io to report on crashes you experience with the App so we can fix those, and Sentry to report on errors with our backend.
Messaging Apps: If you decide to use certain sharing features in our App, then you may be sharing your information with those companies, depending on encryption policies used by the messaging company. For example, if you use the “Share Directions” feature in the App, a link with your start and end points will be sent via messaging app. If the messaging app company you choose uses end-to-end encryption, your location link cannot be used or intercepted by that messaging app company.
Passengers and Drivers: To enable Native Bookings, we share certain information between passengers and drivers. If you are a driver, we share the following information with your assigned passengers: your first name, photograph, licence information, vehicle information, current location, and pick up and drop off location. If you call your passenger, your phone number will be visible on that passenger's phone. If you are a passenger, we share the following information with your driver when you are assigned your driver: first and last name, route information, current location, and pick up and drop off location. If you choose to call your driver, your phone number will also be visible on that driver's phone.
Communication Platforms: To send you transaction receipts for your Native Bookings and/or CM Pass subscription and to send you all other emails and update about our services, we use communication platforms such as Sendgrid and Mailchimp.
Identity Verification Service Provider: If you apply for a CM Pass, we use identity verification services like Onfido and credit reference agencies to verify your identity to prevent fraudulent or unauthorised use of CM Pass. They receive your name, home address and date of birth. If we are not able to verify your identity using this initial check, they will receive the additional information that you give us in order to verify your identity such as your Additional ID Documents. Identity verification agencies and credit reference agencies also use information from a number of different public sources (for example the electoral roll) to verify your identity. Credit reference agencies may also leave a ‘soft’ footprint on your credit file for the purpose of identity verification which should not affect your credit rating.
CM Pass card issuer: If you are a CM Pass user, we use Prepaid Financial Services (PFS) to issue and deliver the CM Pass card to you and to process transactions on your CM Pass card. PFS receives your name and home address. If you choose to use a mobile payment system for your CM Pass card, PFS will also receive your phone number. PFS may also undertake quality assurance checks of our identity verification process, in which case they will have access to your information available from public sources, your date of birth and any additional information that you give us in order to verify your identity such as your Additional ID Documents.
We'll only process your personal information where we have a legal basis for doing so. Our legal basis to process your personal data includes processing that is:
necessary for our legitimate interests, which are:
to research, develop, fix and provide new and tailored features for the App and CM Pass users;
to provide on-trip support to users and to ensure that the App and CM Pass are secure for users;
to accept and administer payment from users for use of Native Booking and/or CM Pass;
to verify users' identity to prevent fraudulent or unauthorised use of our services; and
to prevent breaches of our terms and policies or to prevent harmful or illegal activity;
necessary for the performance of our contract with you (e.g., so passengers and drivers can find each other, and to give you the route options you've requested);
necessary to comply with relevant legal and regulatory requirements; and
based on your consent (for example, where you provide us with marketing consents), which may be withdrawn at any time by contacting us at the email address specified below. For personalised advertising you can also withdraw your consent at any time via our in-app settings.
You have a legal right to request access to a copy of the personal information we hold about you. In order to do this, contact us at email@example.com. Please use the subject line “DSAR” and include details about what personal information you're looking for. You will need to have created an account in order for us to provide you with your information because without an account, we are not able to connect your Installation ID to a verifiable email address. You must have access to the email address that you used when you created the account so that we can verify your identity.
We store your personal information for as long as is necessary to provide our services and products. You have the right to request we delete your personal information if you believe that we no longer need it for the purposes for which it was provided, you wish to withdraw your consent (and we have no other lawful basis to use the data), or we are not using your information in a lawful matter. For legal reasons, we may not always be able to delete your information.
If you ask us to delete your personal information by emailing us at firstname.lastname@example.org, please use the subject line “Account Deletion”.
Note that residual copies may take longer to be removed from our backup systems which cannot be immediately overwritten. Where residual copies are still kept on our back-up systems, they are merely held on the system and are not used for any other purpose. We will keep a record of your request in order to ensure compliance with legal obligations.
We will keep a record of your request in order to ensure compliance with legal obligations.
For personalised advertising you can reset your Android Advertising ID or Apple Identifiers for Advertiser in your device settings.
You have the right at any time to prevent the use of your personal information for direct marketing purposes. If you no longer want to receive marketing messages from us, please let us know by writing to us at email@example.com or clicking on the unsubscribe button at the bottom of marketing emails and you will be unsubscribed accordingly. Please note that sometimes it can take a short amount of time to refresh our records for these purposes. Also, we may still send you non-promotional, transactional messages, or information about your account.
If you have opted in to personalised advertising you have the right to opt out at any time, you can do this via our in-app settings page.
We may send you information we think you may find useful (e.g., tube line and subway disruptions and alerts about CM Pass relevant to you) or which you have requested from us by push notification and/or by email (if provided). You can opt-out of receiving further notifications or emails if you wish.
We place great importance on the security of all information associated with our users. We use measures such as encryption, pseudonymisation, information access controls, and firewalls.
Keep in mind that submission of information over the internet and mobile networks is never entirely secure. We cannot guarantee the security of information you submit via the App whilst it is in transit over the internet or mobile networks and any such submission is at your own risk.
By providing you with products or services, we create records that contain your information, such as customer account records, payment and activity records. We manage our records to help us to serve our users well and to comply with legal and regulatory requirements. Records help us demonstrate that we are meeting our responsibilities and are evidence of our business activities.
How long we keep records depends on the type of record, the nature of the activity, product or service and the applicable legal or regulatory requirements. How long we retain your information may change based on business or legal and regulatory requirements. If you are a CM Pass user, we keep most of your data as long as you're using Pass and for six years after that to comply with the law and if we face a legal challenge. In some circumstances, we may keep data longer if we need to (because it's in our legitimate interest and/or if the law requires).
Information that you submit via the App is sent to and stored on secure servers located in the United Kingdom, other European Economic Area countries and in the United States. Information submitted by you may be transferred by us to our other offices and/or to the third parties mentioned in the circumstances described above, which may be situated outside the European Economic Area (for instance in the United States).
We work hard to handle your information responsibly. If you're unhappy about the way we do this, please contact our Data Protection Officer by email to firstname.lastname@example.org.
However, you also have the right to lodge a complaint about the data processing activities carried out by Citymapper with our lead supervisory authority, the UK Information Commissioner's Office. Our ICO registration number is ZA017660.