Crooz Privacy Notice
Last modified: 28/10/2024
Crooz
Privacy Notice
This Privacy Policy explains how Crooz its affiliates collect and use data. This notice applies to all Crooz users globally, unless they use a service covered by a separate privacy notice. This notice specifically applies to:
Riders: those who request or receive transportation and related services via their Crooz account.
Drivers: those who provide transportation to Riders individually via their Crooz account or through partner transportation companies.
This notice also governs Crooz’s other collections of data in connection with its services. All those subject to this notice are referred to as “users” in this notice. Our privacy practices are subject to applicable laws in the places in which we operate. This means that we engage in the practices described in this notice in a particular country or region only if permitted under the laws of those places.
A. Data collections and uses
Crooz collects data:
provided by users to Crooz
created during use of our services
from other sources
1. Data provided by users. This includes:
Account information: We collect data when users create or update their Crooz accounts, or place orders via guest checkout features. This includes first and last name, email, phone number, login name and password, address, profile picture, payment or banking information (including related payment verification information), user settings (including accessibility settings), and loyalty program information for Crooz partners. For drivers and delivery persons, this also includes vehicle or insurance information, emergency contact information, and evidence of health or fitness to provide services using Crooz apps.
Background check information (drivers and delivery persons): This includes information submitted during the driver/delivery person application process, such as driver history or criminal record (where permitted by law), license status, known aliases, prior addresses, and right to work. This information may be collected by Crooz service providers.
Identity verification documents and photos: This includes government issued identification such as driver’s license or passports (which may contain identification photos and numbers, date of birth, and gender), and user-submitted photos such as selfies and profile pictures.
Demographic data: We collect demographic data such as birth date/age, gender or occupation when necessary to enable certain features, or provide access to age-restricted products or services. For example, we collect users’ date of birth or age to verify eligibility to use Crooz Cash or Crooz Money, or when they purchase alcohol or cannabis products. We also collect or infer (using first name) gender information to enable female or non-binary users to designate their preference for providing or receiving services to/from female or non-binary users, as well as for marketing and advertising. We also collect demographic data, such as age group and household composition, through user surveys.
User content: We collect data (including chat logs and call recordings) when users contact Crooz customer support, provide ratings or feedback for users, restaurants or merchants, use features that enable users to upload content or submit recordings (including in-app audio recordings or dashboard cameras recordings), or otherwise contact Crooz.
2. Data created during use of our services. This includes:
Location data (driver and delivery person): We collect precise and approximate location data from drivers’ and delivery persons’ mobile devices when the Crooz app is running in the foreground (app open and on-screen) or background (app open but not on-screen).
Location data (riders and order recipients). We collect precise and/or approximate location information from riders’ and order recipients’ mobile devices if they enable us to do so via their device settings.
Crooz collects such data from the time a ride or order is requested until it is finished, and any time the app is running in the foreground (app open and on-screen). See “Choice and transparency” below for information on how riders and order recipients can enable precise location data collection.
Riders and order recipients may use the Crooz apps without enabling collection of location data from their mobile devices. However, this may affect certain features in the Crooz apps. For example, a rider who has not enabled precise location data will have to manually enter their pickup address.
In addition, precise location data collected from a driver’s device during a trip is linked to the rider’s account, even if the rider has not enabled precise location data to be collected from their device. This data is used for purposes such as customer support, fraud detection, insurance, litigation and receipt generation.Transaction information: We collect transaction information related to the use of our services, including the type of services requested or provided; trip or order details (such as date and time, requested pick-up and drop off addresses, distance traveled and items ordered, such as food, prescription drugs or other delivery items); and payment transaction information (such as a restaurant’s or merchant's name and location, amount charged, and payment method). We also associate a user’s name with that of anyone who uses their promotion code. This also includes information provided by users when placing their order, such as their allergies information.
Usage data: We collect data about how users interact with our services. This includes access dates and times, app features or pages viewed, browser type, and app crashes and other system activity.
Device data: We collect data about the devices used to access our services, including the hardware models, device IP address or other unique device identifiers, operating systems and versions, software, preferred languages, advertising identifiers, device motion data, and mobile network data.
Communications data: We collect data regarding communications between users that are enabled through Crooz’s apps. This includes communication type (phone, text or in-app message), date/time, and content (including recordings of phone calls solely when users are notified of the recording in advance).
3. Data from other sources. These include:
users participating in our referral programs. For example, when a user refers another person, we receive the referred person’s data from that user.
Crooz account owners who request services for or on behalf of other users (such as friends or family members), or who enable other users to request or receive services through their business accounts (such as Enterprise Customers).
users or others providing information in connection with claims or disputes.
Crooz business partners through which users create or access their Crooz account, such as payment providers, social media services, or apps or websites that use Crooz’s APIs or whose APIs Crooz uses.
Crooz business partners in connection with debit or credit cards issued by a financial institution in partnership with Crooz to the extent disclosed in the terms and conditions for the card.
service providers who help us verify users’ identity, background information, and eligibility to work, detect fraud, and screen users in connection with sanctions, anti-money laundering, or know-your-customer requirements.
insurance, vehicle, or financial services providers for drivers and/or delivery persons.
partner transportation companies (for drivers or delivery persons who use our services through an account associated with such a company).
publicly available sources.
marketing partners and service providers, including banks in connection with cash back programs, and data resellers.
law enforcement officials, public health officials, and other government authorities.
B. How we use data
Crooz uses data to enable reliable and convenient transportation, delivery, and other products and services. We also use data:
to enhance the safety and security of our users and services
for customer support
for research and development
to enable communications between users
for marketing and advertising
to send non-marketing communications to users
in connection with legal proceedings
Please see here for a summary of the data we collect and how we use it.
Crooz uses the data we collect:
To provide our services. Crooz uses data to provide, personalize, maintain, and improve our services. This includes using data to:
create/update accounts.
enable transportation, delivery and other services/features, such as:
using location data to navigate rider pick-ups and order drop-offs, calculate ETAs, and track the progress of rides or deliveries.
enabling features that involve data sharing, such as sharing driver first name and vehicle information with riders to facilitate pick-ups, or features that enable ETA sharing and fare splitting.
matching available drivers and delivery persons to users requesting services, including based on personal data such as location and proximity to other users, and user settings / preferences (such as preferred destinations), and non-personal data such as vehicle type requested.
enabling accessibility features.
enabling features that involve account linking
facilitating and optimizing rental cars’ reservation, pick up and drop off through Crooz Rent.
calculating prices and fares, including using location data and trip or order details (such as requested pick-up and drop off addresses). We may also consider non-personal data or factors, including date and time, estimated distance and time, minimum base fares, tolls, taxes and fees, and surge pricing.
process payments, and enable payment and e-money products such as Crooz Money.
personalize users’ accounts. For example, we may present order recipients with personalized restaurant or food recommendations based on their prior orders and delivery location.
facilitate insurance, vehicle, invoicing, or financing solutions.
provide users with trip or delivery updates, generate receipts, and inform them of changes to our terms, services, or policies.
perform necessary operations to maintain our services, including to troubleshoot software bugs and operational problems.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users, are compatible with such uses, or are necessary for purposes of Crooz’s and its users’ legitimate interests.
2. Safety, fraud protection and security. We use data to help maintain the safety, security, and integrity of our services and users. This includes:
verifying users' accounts, identity or compliance with safety requirements.
For example, we review driver and delivery person background checks (including criminal history where required or permitted by law) to verify their identities and eligibility to provide transportation or deliveries.
In the South Africa, we may also perform rider and order recipient identity verification using names, date of birth, emails, telephone numbers, payment information, and third party wallets, to help deter use of our services by fraudulent accounts.
We process and compare user profile pictures, government-issued identification photos and numbers, or other user-submitted photographs to perform this verification, including in some regions through use of facial recognition technology. We also use such technology to prevent fraudulent use of identification photos, or to prevent users from creating multiple accounts.
We also use facial recognition technology to prevent fraudulent use of Crooz accounts by those other than the account owner. This is done through Crooz’s Real-Time ID Check, which regularly asks drivers and delivery persons to take a selfie before they can go online and compares it with their profile picture. (In the UK, we also use location and device data associated with such selfies for this purpose). We also use this feature to verify change of bank account information, and to facilitate regaining account access.
using customer service information (including reports of safety incidents), device data (e.g., to detect speeding or harsh braking / acceleration), transaction, and usage data to identify potentially unsafe drivers and driving. This can lead to drivers and delivery persons receiving messages encouraging safer driving, and/or account deactivation following human review.
using account, device, location, usage, transaction, wireless carrier, and other data, including communications between users and metadata, to prevent, detect, and combat fraud, including by guest users.
using reported incidents, user ratings, and other feedback to encourage safe use of Crooz’s platform and compliance with our terms and as grounds for deactivating users with low ratings.
using driver data (such as past trip information and reported incident rates) and rider data (such as account information, cancellation and reported incident rates, current pick-up and drop-off location, past trip information, and ratings information) to predict and help avoid pairings of users that may result in increased risk of conflict.* We also avoid pairings where one user has previously given the other a low (e.g., 1 star) rating.
using location, phone number, user name, vehicle details and other relevant information to provide live support from safety experts during trips or deliveries.
The fraud and unsafe driving prevention and detection activities described above may be considered profiling under applicable laws, and can result in deactivation of users (generally only after human review). For information regarding how to object to the above activities, please see “Choice and transparency” below.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users, and/or for purposes of the legitimate safety and security interests of Crooz, our users and members of the general public.
3. Customer support. We use the information we collect (which may include call recordings, chat logs, in-app audio recordings and dashcam footage) to provide customer support, including to investigate and address user concerns and to monitor and improve our customer support responses and processes.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users or for purposes of Crooz’s legitimate interests in monitoring and improving its customer support services.
4. Research and development. We use data for analysis, machine learning, product development, research, and testing. This helps us make our services more convenient and easy-to-use, enhance the safety and security of our services, and develop new services and features.
Crooz performs the above activities on the grounds that they are necessary for purposes of Crooz’s legitimate interests in improving and developing new services and features.
5. Enabling communications between users. For example, a driver may message or call a rider to confirm a pick-up location, a rider may call a driver to retrieve a lost item, or a restaurant or delivery person may contact an order recipient with information about their order.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users.
6. Marketing and Advertising. Crooz uses data (other than guest users’ data) to market its services, and those of Crooz partners.
We specifically use account, approximate location, device and usage data, preferred language, and trip and order history to provide ads and marketing communications that are personalized based on users’ observed or inferred location, interests and characteristics (which may include inferred gender*).
This includes using this data to:
send emails, text messages, push notifications, and in-app messages or other communications marketing or advertising Crooz products, services, features, offers, promotions, sweepstakes, news and events. For example, we may send push notifications suggesting a user’s favorite destinations or merchants, or in-app messages offering discounts or promo for products or merchants similar to those a user has previously ordered.
display personalized advertising on third party apps or websites.
display third party advertising in Crooz’s apps or in connection with our services. For example, we display ads for restaurants or merchants that are available on Crooz’s apps. These ads (which are identified as “Sponsored Listings” in Crooz’s apps) include recommendations that are personalized based on users’ location and order histories.
We also display ads for third party products that are not available on Crooz’s apps. These ads may contain links to third party apps or websites. Users should refer to such third parties’ privacy notices for information on their collection and use of data when visiting such apps or websites.
We also provide ads that are personalized based on data about users’ current trip or delivery request, including time of request and services requested. For example, if a user requests a trip to a supermarket, we may display in-app ads for third party products that may be available at that supermarket.
We also measure the effectiveness of Crooz’s ads, and of third party ads displayed in Crooz’s apps or in connection with our services.
Crooz performs the above activities on the grounds that they are necessary for purposes of Crooz’s legitimate interests in informing users about Crooz services and features or those offered by Crooz partners.
7. Non-marketing communications. Crooz may use data to send surveys and other communications that are not for the purpose of marketing the services or products of Crooz or its partners. We may also send users communications regarding elections, ballots, referenda, and other political processes that relate to our services. For example, Crooz has notified users of ballot measures or pending legislation relating to Crooz’s services in those users’ areas.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users, or for purposes of Crooz’s and its users’ legitimate interests in informing users about events that may have an impact on their use of Crooz’s services.
8. Legal proceedings and requirements. We use data to investigate or address claims or disputes relating to use of Crooz’s services, to satisfy requirements under applicable laws, regulations, operating licenses or agreements, insurance policies, or pursuant to legal process or governmental request, including from law enforcement.
Crooz performs the above activities on the grounds that they are necessary for purposes of Crooz’s legitimate interests in investigating and responding to claims and disputes relating to use of Crooz’s services and features, and/or necessary for compliance with applicable legal requirements.
C. Cookies and third-party technologies
Crooz and its partners use cookies and other identification technologies on our apps, websites, emails, and online ads for purposes described in this notice, and Crooz’s Cookie Notice.
Cookies are small text files that are stored on browsers or devices by websites, apps, online media, and ads.Crooz uses cookies and similar technologies for purposes such as:
authenticating users
remembering user preferences and settings
determining the popularity of content
delivering and measuring the effectiveness of advertising campaigns
analyzing site traffic and trends, and generally understanding the online behaviors and interests of people who interact with our services
We may also allow others to provide audience measurement and analytics services for us, to serve ads on our behalf across the internet or for other companies’ products and services on our apps, and to track and report on the performance of those ads. These entities may use cookies, web beacons, SDKs, and other technologies to identify the devices used by visitors to our websites, as well as when they visit other online sites and services.
D. Data sharing and disclosure
Some of Crooz’s services and features require that we share data with other users, or at users’ request or with their consent. We may also share such data with our affiliates, subsidiaries, and partners, for legal reasons or in connection with claims or disputes.
Crooz may share data:
1. With other users
This includes sharing:
riders’ first name, rating, and pickup and/or dropoff locations with drivers.
riders’ first name with other riders in a carpool trip. Riders in carpool trips may also see the other riders’ dropoff location.
order recipients’ first name and order details, including items ordered, allergies or food preferences and special instructions, with other recipients in a group order.
order recipients’ first name, delivery address, and order information (including drug prescriptions, special instructions, allergies or food preferences) with the restaurant or merchant and, for order deliveries, with the delivery person. We may also share ratings and feedback, or other information to the extent required by law, with the restaurant or merchant and, for order deliveries, the delivery person.
for drivers and delivery persons, we may share data with the riders, order recipients and restaurants or merchants, including name and photo; vehicle make, model, color, license plate, and vehicle photo; location (before and during trip); average rating provided by users; total number of trips; period of time since they signed up to be a driver or delivery person; contact information; and driver or delivery person profile, including compliments and other feedback submitted by past users. For drivers and delivery persons who self-identify as deaf or hard of hearing via our in-app accessibility settings, we will share that information with the riders and order recipients.
We also provide riders and order recipients with receipts containing information such as a breakdown of amounts charged, driver or delivery person first name, photo, and route map. We also include other information on those receipts if required by law.With an account owner when used by another person, such as when a rider uses their employer’s Crooz for Business profile, a rider or order recipients uses an account linked to their Family profile, a driver or delivery person uses an account owned by or associated with an Crooz partner transportation company or restaurant, or a delivery person acts as a substitute (UK only).
In addition, if a user creates an account using an email address affiliated with an Crooz for Business account owner (i.e., their employer), we may use, and share their profile data (such as name and email address) with such account owner, to help that user expense trips or orders to that Crooz for Business account.for those who participate in Crooz’s referral program, we share certain data of referred users, such as trip count, with the user who referred them as necessary to determine the referral bonus.
2. At users’ request or with users’ consent
This includes sharing data with:
Other people at a user’s request. For example, we share a user’s ETA and location with a friend when requested by that user, or a user’s trip information when they split a fare with a friend.
Crooz business partners. For example, if a user requests a service through a partnership or promotional offering made by a third party, Crooz may share certain data with those third parties. This may include, for example, other services, platforms, apps, or websites that integrate with our APIs; vehicle suppliers or services; those with an API or service with which we integrate; or restaurants, merchants or other Crooz business partners and their users in connection with promotions, contests, or specialized services.
Emergency services. We offer features that enable users to share their data with police, fire, and ambulance services in the event of an emergency or after certain incidents. For more information, please see “Choice and Transparency” and “Emergency Data Sharing” below.
Insurance companies. If a user has reported or submits a claim to an insurance company relating to Crooz’s services, Crooz will share certain data with that insurance company for the purpose of adjusting or handling the user’s insurance claim.
Merchants or restaurants. If an order recipient adds a merchant loyalty membership number to their user account, Crooz will share their loyalty membership and order details with such merchant or restaurant when they place an order. Order recipients may also opt-in to share their contact and order details with a specific merchant or restaurant to receive marketing communications from such merchant or restaurant.
General public. Questions or comments from users submitted through public forums such as Crooz blogs and Crooz social media pages may be viewable by the public, including any data included in the questions or comments submitted by a user.
3. With Crooz subsidiaries and affiliates
We share data with our subsidiaries and affiliates to help us provide our services or conduct data processing on our behalf. For example, Crooz processes and stores such data in the United States on behalf of its international subsidiaries and affiliates.
4. With Crooz service providers and business partners
These include the third parties, or categories of third parties, listed below. Where a third party is identified, please see their linked privacy notices for information regarding their collection and use of personal data.
payment processors and facilitators, including PayPal and Hyperwallet.
background check, identity verification and risk solutions providers.
cloud storage providers.
customer support platform and service providers.
Google, in connection with the use of Google Maps in Crooz’s apps.
social media companies, including Facebook and TikTok, in connection with Crooz’s use of their tools in Crooz’s apps and websites.
marketing partners and marketing platform providers, including social media advertising services, advertising networks, third-party data providers, and other service providers to reach or better understand our users and measure advertising effectiveness.
This includes advertising intermediaries, such as The Trade Desk, Google, Criteo and Rokt and others, that enable Crooz to display and/or measure the effectiveness of personalized ads for third party products that are displayed in Crooz’s apps. We share data -- including advertising or device identifier, hashed email address, approximate location, current trip or order information, and ad interaction data -- with these intermediaries to enable their services and for such other purposes as are disclosed in their privacy notices. Users may opt out from ad personalization in the Crooz app.research partners, including those performing surveys or research projects in partnership with Croozor on Crooz’s behalf.
service providers that assist Crooz to enhance the safety and security of Crooz apps and services.
service providers that provide us with artificial intelligence and machine learning tools and services.
accountants, consultants, lawyers, and other professional service providers.
insurance and financing partners.
insurance companies, in connection with insurance claims made or reported by a user relating toCrooz’s services, and for the purpose of adjusting or handling the insurance claim.
airports.
third-party vehicle suppliers, including fleet and rental partners.
5. For legal reasons or in the event of a dispute
Crooz may share users’ data if we believe it’s required by applicable law, regulation, operating license or agreement, legal process or governmental request, insurance policy, or where the disclosure is otherwise appropriate due to safety or similar concerns.
This includes sharing data with law enforcement officials, public health officials, other government authorities, airports (if required by the airport authorities as a condition of operating on airport property), insurance companies, or other third parties as necessary to enforce our Terms of Service, user agreements, or other policies; to protect Crooz’s rights or property or the rights, safety, or property of others; or in the event of a claim or dispute relating to the use of our services. In the event of a dispute relating to use of another person’s credit card, we may be required by law to share a user’s data, including trip or order information, with the owner of that credit card.
For more information, please see Crooz’s Guidelines for Law Enforcement Authorities - United States, Guidelines for Law Enforcement Authorities - Outside the US, and Guidelines for Third Party Data Requests and Service of Legal Documents.
This also includes sharing data with others in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.
6. With consent
Crooz may share a user’s data other than as described in this notice if we notify the user and they consent to the sharing.
E. Data retention and deletion
Crooz retains user data for as long as necessary for the purposes described above. Users may request account deletion through the Crooz apps and websites.
Crooz retains user data for as long as necessary for the purposes described above, which varies depending on data type, the category of user to whom the data relates, the purposes for which we collected the data, and whether the data must be retained after an account deletion request for the purposes described below.
For example, we retain data:
for the life of users’ accounts if such data is necessary to provide our services. E.g., account data.
for 7 years if necessary to comply with tax requirements. E.g., drivers’ and delivery persons’ trip or delivery location information.
for defined periods as necessary for purposes of safety or fraud prevention. E.g., we retain incomplete driver applications for 1 year, and rejected driver applications for 7 years.
Users may request deletion of their account through the Privacy menus in the Crooz app, or through Crooz’s website.
Following an account deletion request, we delete the user’s account and data, except as necessary for purposes of safety, security, fraud prevention or compliance with legal requirements, or because of issues relating to the user’s account (such as an outstanding credit or an unresolved claim or dispute). For drivers and delivery persons, this generally means that we retain certain of their data for as long as necessary for actual or potential tax, litigation, or insurance claims. For rider and order recipients, we generally delete data within 90 days of an account deletion request, except where retention is necessary for the above reasons.
IV. Choice and transparency
Crooz enables users to access and/or control data that Crooz collects, including through:
privacy settings
device permissions
in-app ratings pages
marketing and advertising choices
Crooz also enables users to request access to or copies of their data, make changes or updates to their accounts, request deletion of their accounts, or request that Crooz restrict its processing of user data.
1. Privacy settings
Riders and order recipients can set or update their preferences regarding location data collection and sharing, emergency data sharing, and notifications in Crooz’s Privacy Center, which is accessible via the Privacy menu in the Crooz apps.
Location data collection (riders and order recipients)
Riders and order recipients can enable/disable Crooz’s collection of their mobile device location data through their device settings, which can be accessed via Location Sharing menu in the Privacy Center in the Crooz apps.Share Live Location (riders and order recipients)
Riders and order recipients can enable/disable Crooz’s sharing of their mobile device real-time location data with their drivers or delivery persons (as applicable) through their device settings, which can be accessed via the Location Sharing menu in the Privacy Center in the Crooz apps.Gender identity
Riders can update their gender information through the Gender Identity menu, which can be accessed in the Ads and Data menu in the Privacy Center.Emergency Data Sharing
Riders may enable Crooz’s sharing of their mobile device real-time location data with emergency police, fire, and ambulance services. This includes sharing approximate location at the time the emergency call was placed; the car’s make, model, color, and license plate information; the rider’s name and phone number; pickup and dropoff locations; and the driver’s name.
Riders may enable/disable this feature via the Account > Settings > Privacy > Location Sharing menu, or the Safety Center.
Drivers and delivery persons can also enable/disable Emergency Data Sharing via the App settings > Emergency Data Sharing menu, or the Safety Toolkit.Notifications: discounts and news
Users may enable Crooz to send push notifications about discounts and news from Crooz. Users may control whether they receive push notifications here.Third-party app access
Users may authorize third-party applications to access their Crooz account data to enable additional features. Users can review / withdraw access by third-party applications by contacting support@crooz.io.
2. Device permissions
Most mobile device platforms (iOS, Android, etc.) have defined certain types of device data that apps cannot access without the device owner’s permission, and these platforms have different methods for how that permission can be obtained. Users should check the available settings on their devices, or check with their provider.
3. In-app ratings pages
After every trip, drivers and riders are able to rate each other on a scale from 1 to 5. An average of those ratings is associated with a user’s account and is displayed to other users for whom they provide or receive services. For example, rider ratings are available to drivers from whom they request transportation, and driver ratings are available to their riders.
Riders can see their average rating in the main menu of the Crooz app, and also access a breakdown of their average rating in Crooz’s Privacy Center.
Drivers can see their average rating after tapping their profile photo in the Crooz Driver app.
4. Marketing and advertising choices
Crooz provides users with the following choices regarding how their data is used for purposes of marketing and advertising:
Personalized marketing communications from Crooz: Users may choose here whether Crooz may use their data to send personalized communications (such as, emails, push notifications, and in-app messages) about Crooz products and services. Users may also choose here whether to receive any marketing emails or push notifications from Crooz.
Data Sharing and Tracking: Users may choose here whether Crooz may share their data with third parties, or collect data regarding their visits and actions on third-party apps or websites, for purposes of personalized ads.
Personalized Ads: Users may choose whether Crooz uses their Crooz trip, order or search history to personalize the ads they see on Crooz.
Cookies and related technologies: For information on how to control Crooz's use of cookies and related technologies, including for purposes of displaying personalized ads, please see our Cookie Notice.
5. User data requests
Crooz provides users with a variety of ways to learn about, control, and submit questions and comments about Crooz’s handling of their data. In addition to the methods indicated below, users may also submit data requests via our Privacy Inquiry Form (riders and order recipients here, drivers and delivery persons here).
Data access and portability: Depending on where they are located, users may have the right to “access” their data (meaning, to be informed of the data that Crooz has collected about them), and to “portability” of their data (meaning, to receive a copy of such data). Regardless of their location, Crooz provides several options for viewing and obtaining copies of the data Crooz has collected about them.
Users can access data including their profile data and trip or order history through the Crooz apps or via Crooz’s website.Changing or updating data: Users can edit the name, phone number, email address, payment method, and profile picture through the Settings menu in Crooz’s apps or driver portal.
Deleting data: Users may request deletion of their account by contacting support@crooz.io.
Objections, restrictions, and complaints: Users may request that we stop using all or some of their data, or that we limit our use of their data. This includes objecting to our use of data that is based on Crooz’s legitimate interests. Crooz may continue to process data after such objection or request to the extent required or permitted by law.
In addition, depending on their location, Users may have the right to file a complaint relating to Crooz’s handling of their data with the data protection authority in their country. For example, users in the EU and Latin America may submit such requests to the data protection authorities in the country in which they live.
V. Legal information
A. Data controllers and Data Protection Officer
Crooz (Pty) Ltd. is controller of the data processed in connection with use of Crooz’s services globally, except where it is joint controller with other Crooz affiliates.
Users may submit requests to exercise their rights regarding their data (riders and order recipients here; and drivers and delivery persons to support@crooz.io.
Users may also contact Crooz's Data Protection Officer by mail to support@crooz.io, regarding issues relating to Crooz's processing of their personal data, and their data protection rights.
B. Legal Framework for Data Transfers
Crooz operates, and processes user data, globally. We comply with applicable legal frameworks relating to the transfer of data.
Crooz operates, and processes user data, globally. This may result in processing of your personal data in countries, including the United States, whose data protection laws may differ from those where you live.
This includes processing of your data on Crooz’s servers in the United States, and transferring or enabling access to your data globally, in order to:
provide you services wherever you request them.
provide you access to your information, such as trip / order history, wherever you request it.
provide access to and responses from Crooz’s customer service agents.
respond to requests for information by governments or law enforcement, as necessary.
Crooz is committed to protecting our users’ personal data regardless of where they are located or where, or by who, their personal data is processed. This includes implementing global measures to protect users’ data, including:
securing user data when in transit, including through encryption, and at rest.
mandating company-wide training regarding privacy and data security.
implementing internal policies and procedures to limit access to, and use of, users’ data.
limiting government and law enforcement access to user data, except where required by law, there are imminent threats to safety, or users’ have consented to the access. Please see Crooz’s Transparency Report for more information regarding our practices relating to law enforcement requests.
When we transfer user data from the EEA, UK and Switzerland, we do so on the basis of the necessity to fulfill our agreements with users, consent, adequacy decisions regarding the country of transfer (available here, here or here), and transfer mechanisms such as the Standard Contractual Clauses adopted by the European Commission (and their approved equivalents for the UK and Switzerland), and the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”), as set forth by the U.S. Department of Commerce. Such data remains subject to the GDPR or equivalents after such transfer. Users may contact Crooz regarding the above, or to request copies of applicable Standard Contractual Clauses.
C. Updates to this Privacy Notice
We may occasionally update this notice.
We may occasionally update this notice. If we make significant changes, we will notify users in advance of the changes through the Crooz apps or through other means, such as email. We encourage users to periodically review this notice for the latest information on our privacy practices.
Use of our services after an update constitutes consent to the updated notice to the extent permitted by law.
Last modified: 28/10/2024
Crooz
Privacy Notice
This Privacy Policy explains how Crooz its affiliates collect and use data. This notice applies to all Crooz users globally, unless they use a service covered by a separate privacy notice. This notice specifically applies to:
Riders: those who request or receive transportation and related services via their Crooz account.
Drivers: those who provide transportation to Riders individually via their Crooz account or through partner transportation companies.
This notice also governs Crooz’s other collections of data in connection with its services. All those subject to this notice are referred to as “users” in this notice. Our privacy practices are subject to applicable laws in the places in which we operate. This means that we engage in the practices described in this notice in a particular country or region only if permitted under the laws of those places.
A. Data collections and uses
Crooz collects data:
provided by users to Crooz
created during use of our services
from other sources
1. Data provided by users. This includes:
Account information: We collect data when users create or update their Crooz accounts, or place orders via guest checkout features. This includes first and last name, email, phone number, login name and password, address, profile picture, payment or banking information (including related payment verification information), user settings (including accessibility settings), and loyalty program information for Crooz partners. For drivers and delivery persons, this also includes vehicle or insurance information, emergency contact information, and evidence of health or fitness to provide services using Crooz apps.
Background check information (drivers and delivery persons): This includes information submitted during the driver/delivery person application process, such as driver history or criminal record (where permitted by law), license status, known aliases, prior addresses, and right to work. This information may be collected by Crooz service providers.
Identity verification documents and photos: This includes government issued identification such as driver’s license or passports (which may contain identification photos and numbers, date of birth, and gender), and user-submitted photos such as selfies and profile pictures.
Demographic data: We collect demographic data such as birth date/age, gender or occupation when necessary to enable certain features, or provide access to age-restricted products or services. For example, we collect users’ date of birth or age to verify eligibility to use Crooz Cash or Crooz Money, or when they purchase alcohol or cannabis products. We also collect or infer (using first name) gender information to enable female or non-binary users to designate their preference for providing or receiving services to/from female or non-binary users, as well as for marketing and advertising. We also collect demographic data, such as age group and household composition, through user surveys.
User content: We collect data (including chat logs and call recordings) when users contact Crooz customer support, provide ratings or feedback for users, restaurants or merchants, use features that enable users to upload content or submit recordings (including in-app audio recordings or dashboard cameras recordings), or otherwise contact Crooz.
2. Data created during use of our services. This includes:
Location data (driver and delivery person): We collect precise and approximate location data from drivers’ and delivery persons’ mobile devices when the Crooz app is running in the foreground (app open and on-screen) or background (app open but not on-screen).
Location data (riders and order recipients). We collect precise and/or approximate location information from riders’ and order recipients’ mobile devices if they enable us to do so via their device settings.
Crooz collects such data from the time a ride or order is requested until it is finished, and any time the app is running in the foreground (app open and on-screen). See “Choice and transparency” below for information on how riders and order recipients can enable precise location data collection.
Riders and order recipients may use the Crooz apps without enabling collection of location data from their mobile devices. However, this may affect certain features in the Crooz apps. For example, a rider who has not enabled precise location data will have to manually enter their pickup address.
In addition, precise location data collected from a driver’s device during a trip is linked to the rider’s account, even if the rider has not enabled precise location data to be collected from their device. This data is used for purposes such as customer support, fraud detection, insurance, litigation and receipt generation.Transaction information: We collect transaction information related to the use of our services, including the type of services requested or provided; trip or order details (such as date and time, requested pick-up and drop off addresses, distance traveled and items ordered, such as food, prescription drugs or other delivery items); and payment transaction information (such as a restaurant’s or merchant's name and location, amount charged, and payment method). We also associate a user’s name with that of anyone who uses their promotion code. This also includes information provided by users when placing their order, such as their allergies information.
Usage data: We collect data about how users interact with our services. This includes access dates and times, app features or pages viewed, browser type, and app crashes and other system activity.
Device data: We collect data about the devices used to access our services, including the hardware models, device IP address or other unique device identifiers, operating systems and versions, software, preferred languages, advertising identifiers, device motion data, and mobile network data.
Communications data: We collect data regarding communications between users that are enabled through Crooz’s apps. This includes communication type (phone, text or in-app message), date/time, and content (including recordings of phone calls solely when users are notified of the recording in advance).
3. Data from other sources. These include:
users participating in our referral programs. For example, when a user refers another person, we receive the referred person’s data from that user.
Crooz account owners who request services for or on behalf of other users (such as friends or family members), or who enable other users to request or receive services through their business accounts (such as Enterprise Customers).
users or others providing information in connection with claims or disputes.
Crooz business partners through which users create or access their Crooz account, such as payment providers, social media services, or apps or websites that use Crooz’s APIs or whose APIs Crooz uses.
Crooz business partners in connection with debit or credit cards issued by a financial institution in partnership with Crooz to the extent disclosed in the terms and conditions for the card.
service providers who help us verify users’ identity, background information, and eligibility to work, detect fraud, and screen users in connection with sanctions, anti-money laundering, or know-your-customer requirements.
insurance, vehicle, or financial services providers for drivers and/or delivery persons.
partner transportation companies (for drivers or delivery persons who use our services through an account associated with such a company).
publicly available sources.
marketing partners and service providers, including banks in connection with cash back programs, and data resellers.
law enforcement officials, public health officials, and other government authorities.
B. How we use data
Crooz uses data to enable reliable and convenient transportation, delivery, and other products and services. We also use data:
to enhance the safety and security of our users and services
for customer support
for research and development
to enable communications between users
for marketing and advertising
to send non-marketing communications to users
in connection with legal proceedings
Please see here for a summary of the data we collect and how we use it.
Crooz uses the data we collect:
To provide our services. Crooz uses data to provide, personalize, maintain, and improve our services. This includes using data to:
create/update accounts.
enable transportation, delivery and other services/features, such as:
using location data to navigate rider pick-ups and order drop-offs, calculate ETAs, and track the progress of rides or deliveries.
enabling features that involve data sharing, such as sharing driver first name and vehicle information with riders to facilitate pick-ups, or features that enable ETA sharing and fare splitting.
matching available drivers and delivery persons to users requesting services, including based on personal data such as location and proximity to other users, and user settings / preferences (such as preferred destinations), and non-personal data such as vehicle type requested.
enabling accessibility features.
enabling features that involve account linking
facilitating and optimizing rental cars’ reservation, pick up and drop off through Crooz Rent.
calculating prices and fares, including using location data and trip or order details (such as requested pick-up and drop off addresses). We may also consider non-personal data or factors, including date and time, estimated distance and time, minimum base fares, tolls, taxes and fees, and surge pricing.
process payments, and enable payment and e-money products such as Crooz Money.
personalize users’ accounts. For example, we may present order recipients with personalized restaurant or food recommendations based on their prior orders and delivery location.
facilitate insurance, vehicle, invoicing, or financing solutions.
provide users with trip or delivery updates, generate receipts, and inform them of changes to our terms, services, or policies.
perform necessary operations to maintain our services, including to troubleshoot software bugs and operational problems.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users, are compatible with such uses, or are necessary for purposes of Crooz’s and its users’ legitimate interests.
2. Safety, fraud protection and security. We use data to help maintain the safety, security, and integrity of our services and users. This includes:
verifying users' accounts, identity or compliance with safety requirements.
For example, we review driver and delivery person background checks (including criminal history where required or permitted by law) to verify their identities and eligibility to provide transportation or deliveries.
In the South Africa, we may also perform rider and order recipient identity verification using names, date of birth, emails, telephone numbers, payment information, and third party wallets, to help deter use of our services by fraudulent accounts.
We process and compare user profile pictures, government-issued identification photos and numbers, or other user-submitted photographs to perform this verification, including in some regions through use of facial recognition technology. We also use such technology to prevent fraudulent use of identification photos, or to prevent users from creating multiple accounts.
We also use facial recognition technology to prevent fraudulent use of Crooz accounts by those other than the account owner. This is done through Crooz’s Real-Time ID Check, which regularly asks drivers and delivery persons to take a selfie before they can go online and compares it with their profile picture. (In the UK, we also use location and device data associated with such selfies for this purpose). We also use this feature to verify change of bank account information, and to facilitate regaining account access.
using customer service information (including reports of safety incidents), device data (e.g., to detect speeding or harsh braking / acceleration), transaction, and usage data to identify potentially unsafe drivers and driving. This can lead to drivers and delivery persons receiving messages encouraging safer driving, and/or account deactivation following human review.
using account, device, location, usage, transaction, wireless carrier, and other data, including communications between users and metadata, to prevent, detect, and combat fraud, including by guest users.
using reported incidents, user ratings, and other feedback to encourage safe use of Crooz’s platform and compliance with our terms and as grounds for deactivating users with low ratings.
using driver data (such as past trip information and reported incident rates) and rider data (such as account information, cancellation and reported incident rates, current pick-up and drop-off location, past trip information, and ratings information) to predict and help avoid pairings of users that may result in increased risk of conflict.* We also avoid pairings where one user has previously given the other a low (e.g., 1 star) rating.
using location, phone number, user name, vehicle details and other relevant information to provide live support from safety experts during trips or deliveries.
The fraud and unsafe driving prevention and detection activities described above may be considered profiling under applicable laws, and can result in deactivation of users (generally only after human review). For information regarding how to object to the above activities, please see “Choice and transparency” below.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users, and/or for purposes of the legitimate safety and security interests of Crooz, our users and members of the general public.
3. Customer support. We use the information we collect (which may include call recordings, chat logs, in-app audio recordings and dashcam footage) to provide customer support, including to investigate and address user concerns and to monitor and improve our customer support responses and processes.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users or for purposes of Crooz’s legitimate interests in monitoring and improving its customer support services.
4. Research and development. We use data for analysis, machine learning, product development, research, and testing. This helps us make our services more convenient and easy-to-use, enhance the safety and security of our services, and develop new services and features.
Crooz performs the above activities on the grounds that they are necessary for purposes of Crooz’s legitimate interests in improving and developing new services and features.
5. Enabling communications between users. For example, a driver may message or call a rider to confirm a pick-up location, a rider may call a driver to retrieve a lost item, or a restaurant or delivery person may contact an order recipient with information about their order.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users.
6. Marketing and Advertising. Crooz uses data (other than guest users’ data) to market its services, and those of Crooz partners.
We specifically use account, approximate location, device and usage data, preferred language, and trip and order history to provide ads and marketing communications that are personalized based on users’ observed or inferred location, interests and characteristics (which may include inferred gender*).
This includes using this data to:
send emails, text messages, push notifications, and in-app messages or other communications marketing or advertising Crooz products, services, features, offers, promotions, sweepstakes, news and events. For example, we may send push notifications suggesting a user’s favorite destinations or merchants, or in-app messages offering discounts or promo for products or merchants similar to those a user has previously ordered.
display personalized advertising on third party apps or websites.
display third party advertising in Crooz’s apps or in connection with our services. For example, we display ads for restaurants or merchants that are available on Crooz’s apps. These ads (which are identified as “Sponsored Listings” in Crooz’s apps) include recommendations that are personalized based on users’ location and order histories.
We also display ads for third party products that are not available on Crooz’s apps. These ads may contain links to third party apps or websites. Users should refer to such third parties’ privacy notices for information on their collection and use of data when visiting such apps or websites.
We also provide ads that are personalized based on data about users’ current trip or delivery request, including time of request and services requested. For example, if a user requests a trip to a supermarket, we may display in-app ads for third party products that may be available at that supermarket.
We also measure the effectiveness of Crooz’s ads, and of third party ads displayed in Crooz’s apps or in connection with our services.
Crooz performs the above activities on the grounds that they are necessary for purposes of Crooz’s legitimate interests in informing users about Crooz services and features or those offered by Crooz partners.
7. Non-marketing communications. Crooz may use data to send surveys and other communications that are not for the purpose of marketing the services or products of Crooz or its partners. We may also send users communications regarding elections, ballots, referenda, and other political processes that relate to our services. For example, Crooz has notified users of ballot measures or pending legislation relating to Crooz’s services in those users’ areas.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users, or for purposes of Crooz’s and its users’ legitimate interests in informing users about events that may have an impact on their use of Crooz’s services.
8. Legal proceedings and requirements. We use data to investigate or address claims or disputes relating to use of Crooz’s services, to satisfy requirements under applicable laws, regulations, operating licenses or agreements, insurance policies, or pursuant to legal process or governmental request, including from law enforcement.
Crooz performs the above activities on the grounds that they are necessary for purposes of Crooz’s legitimate interests in investigating and responding to claims and disputes relating to use of Crooz’s services and features, and/or necessary for compliance with applicable legal requirements.
C. Cookies and third-party technologies
Crooz and its partners use cookies and other identification technologies on our apps, websites, emails, and online ads for purposes described in this notice, and Crooz’s Cookie Notice.
Cookies are small text files that are stored on browsers or devices by websites, apps, online media, and ads.Crooz uses cookies and similar technologies for purposes such as:
authenticating users
remembering user preferences and settings
determining the popularity of content
delivering and measuring the effectiveness of advertising campaigns
analyzing site traffic and trends, and generally understanding the online behaviors and interests of people who interact with our services
We may also allow others to provide audience measurement and analytics services for us, to serve ads on our behalf across the internet or for other companies’ products and services on our apps, and to track and report on the performance of those ads. These entities may use cookies, web beacons, SDKs, and other technologies to identify the devices used by visitors to our websites, as well as when they visit other online sites and services.
D. Data sharing and disclosure
Some of Crooz’s services and features require that we share data with other users, or at users’ request or with their consent. We may also share such data with our affiliates, subsidiaries, and partners, for legal reasons or in connection with claims or disputes.
Crooz may share data:
1. With other users
This includes sharing:
riders’ first name, rating, and pickup and/or dropoff locations with drivers.
riders’ first name with other riders in a carpool trip. Riders in carpool trips may also see the other riders’ dropoff location.
order recipients’ first name and order details, including items ordered, allergies or food preferences and special instructions, with other recipients in a group order.
order recipients’ first name, delivery address, and order information (including drug prescriptions, special instructions, allergies or food preferences) with the restaurant or merchant and, for order deliveries, with the delivery person. We may also share ratings and feedback, or other information to the extent required by law, with the restaurant or merchant and, for order deliveries, the delivery person.
for drivers and delivery persons, we may share data with the riders, order recipients and restaurants or merchants, including name and photo; vehicle make, model, color, license plate, and vehicle photo; location (before and during trip); average rating provided by users; total number of trips; period of time since they signed up to be a driver or delivery person; contact information; and driver or delivery person profile, including compliments and other feedback submitted by past users. For drivers and delivery persons who self-identify as deaf or hard of hearing via our in-app accessibility settings, we will share that information with the riders and order recipients.
We also provide riders and order recipients with receipts containing information such as a breakdown of amounts charged, driver or delivery person first name, photo, and route map. We also include other information on those receipts if required by law.With an account owner when used by another person, such as when a rider uses their employer’s Crooz for Business profile, a rider or order recipients uses an account linked to their Family profile, a driver or delivery person uses an account owned by or associated with an Crooz partner transportation company or restaurant, or a delivery person acts as a substitute (UK only).
In addition, if a user creates an account using an email address affiliated with an Crooz for Business account owner (i.e., their employer), we may use, and share their profile data (such as name and email address) with such account owner, to help that user expense trips or orders to that Crooz for Business account.for those who participate in Crooz’s referral program, we share certain data of referred users, such as trip count, with the user who referred them as necessary to determine the referral bonus.
2. At users’ request or with users’ consent
This includes sharing data with:
Other people at a user’s request. For example, we share a user’s ETA and location with a friend when requested by that user, or a user’s trip information when they split a fare with a friend.
Crooz business partners. For example, if a user requests a service through a partnership or promotional offering made by a third party, Crooz may share certain data with those third parties. This may include, for example, other services, platforms, apps, or websites that integrate with our APIs; vehicle suppliers or services; those with an API or service with which we integrate; or restaurants, merchants or other Crooz business partners and their users in connection with promotions, contests, or specialized services.
Emergency services. We offer features that enable users to share their data with police, fire, and ambulance services in the event of an emergency or after certain incidents. For more information, please see “Choice and Transparency” and “Emergency Data Sharing” below.
Insurance companies. If a user has reported or submits a claim to an insurance company relating to Crooz’s services, Crooz will share certain data with that insurance company for the purpose of adjusting or handling the user’s insurance claim.
Merchants or restaurants. If an order recipient adds a merchant loyalty membership number to their user account, Crooz will share their loyalty membership and order details with such merchant or restaurant when they place an order. Order recipients may also opt-in to share their contact and order details with a specific merchant or restaurant to receive marketing communications from such merchant or restaurant.
General public. Questions or comments from users submitted through public forums such as Crooz blogs and Crooz social media pages may be viewable by the public, including any data included in the questions or comments submitted by a user.
3. With Crooz subsidiaries and affiliates
We share data with our subsidiaries and affiliates to help us provide our services or conduct data processing on our behalf. For example, Crooz processes and stores such data in the United States on behalf of its international subsidiaries and affiliates.
4. With Crooz service providers and business partners
These include the third parties, or categories of third parties, listed below. Where a third party is identified, please see their linked privacy notices for information regarding their collection and use of personal data.
payment processors and facilitators, including PayPal and Hyperwallet.
background check, identity verification and risk solutions providers.
cloud storage providers.
customer support platform and service providers.
Google, in connection with the use of Google Maps in Crooz’s apps.
social media companies, including Facebook and TikTok, in connection with Crooz’s use of their tools in Crooz’s apps and websites.
marketing partners and marketing platform providers, including social media advertising services, advertising networks, third-party data providers, and other service providers to reach or better understand our users and measure advertising effectiveness.
This includes advertising intermediaries, such as The Trade Desk, Google, Criteo and Rokt and others, that enable Crooz to display and/or measure the effectiveness of personalized ads for third party products that are displayed in Crooz’s apps. We share data -- including advertising or device identifier, hashed email address, approximate location, current trip or order information, and ad interaction data -- with these intermediaries to enable their services and for such other purposes as are disclosed in their privacy notices. Users may opt out from ad personalization in the Crooz app.research partners, including those performing surveys or research projects in partnership with Croozor on Crooz’s behalf.
service providers that assist Crooz to enhance the safety and security of Crooz apps and services.
service providers that provide us with artificial intelligence and machine learning tools and services.
accountants, consultants, lawyers, and other professional service providers.
insurance and financing partners.
insurance companies, in connection with insurance claims made or reported by a user relating toCrooz’s services, and for the purpose of adjusting or handling the insurance claim.
airports.
third-party vehicle suppliers, including fleet and rental partners.
5. For legal reasons or in the event of a dispute
Crooz may share users’ data if we believe it’s required by applicable law, regulation, operating license or agreement, legal process or governmental request, insurance policy, or where the disclosure is otherwise appropriate due to safety or similar concerns.
This includes sharing data with law enforcement officials, public health officials, other government authorities, airports (if required by the airport authorities as a condition of operating on airport property), insurance companies, or other third parties as necessary to enforce our Terms of Service, user agreements, or other policies; to protect Crooz’s rights or property or the rights, safety, or property of others; or in the event of a claim or dispute relating to the use of our services. In the event of a dispute relating to use of another person’s credit card, we may be required by law to share a user’s data, including trip or order information, with the owner of that credit card.
For more information, please see Crooz’s Guidelines for Law Enforcement Authorities - United States, Guidelines for Law Enforcement Authorities - Outside the US, and Guidelines for Third Party Data Requests and Service of Legal Documents.
This also includes sharing data with others in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.
6. With consent
Crooz may share a user’s data other than as described in this notice if we notify the user and they consent to the sharing.
E. Data retention and deletion
Crooz retains user data for as long as necessary for the purposes described above. Users may request account deletion through the Crooz apps and websites.
Crooz retains user data for as long as necessary for the purposes described above, which varies depending on data type, the category of user to whom the data relates, the purposes for which we collected the data, and whether the data must be retained after an account deletion request for the purposes described below.
For example, we retain data:
for the life of users’ accounts if such data is necessary to provide our services. E.g., account data.
for 7 years if necessary to comply with tax requirements. E.g., drivers’ and delivery persons’ trip or delivery location information.
for defined periods as necessary for purposes of safety or fraud prevention. E.g., we retain incomplete driver applications for 1 year, and rejected driver applications for 7 years.
Users may request deletion of their account through the Privacy menus in the Crooz app, or through Crooz’s website.
Following an account deletion request, we delete the user’s account and data, except as necessary for purposes of safety, security, fraud prevention or compliance with legal requirements, or because of issues relating to the user’s account (such as an outstanding credit or an unresolved claim or dispute). For drivers and delivery persons, this generally means that we retain certain of their data for as long as necessary for actual or potential tax, litigation, or insurance claims. For rider and order recipients, we generally delete data within 90 days of an account deletion request, except where retention is necessary for the above reasons.
IV. Choice and transparency
Crooz enables users to access and/or control data that Crooz collects, including through:
privacy settings
device permissions
in-app ratings pages
marketing and advertising choices
Crooz also enables users to request access to or copies of their data, make changes or updates to their accounts, request deletion of their accounts, or request that Crooz restrict its processing of user data.
1. Privacy settings
Riders and order recipients can set or update their preferences regarding location data collection and sharing, emergency data sharing, and notifications in Crooz’s Privacy Center, which is accessible via the Privacy menu in the Crooz apps.
Location data collection (riders and order recipients)
Riders and order recipients can enable/disable Crooz’s collection of their mobile device location data through their device settings, which can be accessed via Location Sharing menu in the Privacy Center in the Crooz apps.Share Live Location (riders and order recipients)
Riders and order recipients can enable/disable Crooz’s sharing of their mobile device real-time location data with their drivers or delivery persons (as applicable) through their device settings, which can be accessed via the Location Sharing menu in the Privacy Center in the Crooz apps.Gender identity
Riders can update their gender information through the Gender Identity menu, which can be accessed in the Ads and Data menu in the Privacy Center.Emergency Data Sharing
Riders may enable Crooz’s sharing of their mobile device real-time location data with emergency police, fire, and ambulance services. This includes sharing approximate location at the time the emergency call was placed; the car’s make, model, color, and license plate information; the rider’s name and phone number; pickup and dropoff locations; and the driver’s name.
Riders may enable/disable this feature via the Account > Settings > Privacy > Location Sharing menu, or the Safety Center.
Drivers and delivery persons can also enable/disable Emergency Data Sharing via the App settings > Emergency Data Sharing menu, or the Safety Toolkit.Notifications: discounts and news
Users may enable Crooz to send push notifications about discounts and news from Crooz. Users may control whether they receive push notifications here.Third-party app access
Users may authorize third-party applications to access their Crooz account data to enable additional features. Users can review / withdraw access by third-party applications by contacting support@crooz.io.
2. Device permissions
Most mobile device platforms (iOS, Android, etc.) have defined certain types of device data that apps cannot access without the device owner’s permission, and these platforms have different methods for how that permission can be obtained. Users should check the available settings on their devices, or check with their provider.
3. In-app ratings pages
After every trip, drivers and riders are able to rate each other on a scale from 1 to 5. An average of those ratings is associated with a user’s account and is displayed to other users for whom they provide or receive services. For example, rider ratings are available to drivers from whom they request transportation, and driver ratings are available to their riders.
Riders can see their average rating in the main menu of the Crooz app, and also access a breakdown of their average rating in Crooz’s Privacy Center.
Drivers can see their average rating after tapping their profile photo in the Crooz Driver app.
4. Marketing and advertising choices
Crooz provides users with the following choices regarding how their data is used for purposes of marketing and advertising:
Personalized marketing communications from Crooz: Users may choose here whether Crooz may use their data to send personalized communications (such as, emails, push notifications, and in-app messages) about Crooz products and services. Users may also choose here whether to receive any marketing emails or push notifications from Crooz.
Data Sharing and Tracking: Users may choose here whether Crooz may share their data with third parties, or collect data regarding their visits and actions on third-party apps or websites, for purposes of personalized ads.
Personalized Ads: Users may choose whether Crooz uses their Crooz trip, order or search history to personalize the ads they see on Crooz.
Cookies and related technologies: For information on how to control Crooz's use of cookies and related technologies, including for purposes of displaying personalized ads, please see our Cookie Notice.
5. User data requests
Crooz provides users with a variety of ways to learn about, control, and submit questions and comments about Crooz’s handling of their data. In addition to the methods indicated below, users may also submit data requests via our Privacy Inquiry Form (riders and order recipients here, drivers and delivery persons here).
Data access and portability: Depending on where they are located, users may have the right to “access” their data (meaning, to be informed of the data that Crooz has collected about them), and to “portability” of their data (meaning, to receive a copy of such data). Regardless of their location, Crooz provides several options for viewing and obtaining copies of the data Crooz has collected about them.
Users can access data including their profile data and trip or order history through the Crooz apps or via Crooz’s website.Changing or updating data: Users can edit the name, phone number, email address, payment method, and profile picture through the Settings menu in Crooz’s apps or driver portal.
Deleting data: Users may request deletion of their account by contacting support@crooz.io.
Objections, restrictions, and complaints: Users may request that we stop using all or some of their data, or that we limit our use of their data. This includes objecting to our use of data that is based on Crooz’s legitimate interests. Crooz may continue to process data after such objection or request to the extent required or permitted by law.
In addition, depending on their location, Users may have the right to file a complaint relating to Crooz’s handling of their data with the data protection authority in their country. For example, users in the EU and Latin America may submit such requests to the data protection authorities in the country in which they live.
V. Legal information
A. Data controllers and Data Protection Officer
Crooz (Pty) Ltd. is controller of the data processed in connection with use of Crooz’s services globally, except where it is joint controller with other Crooz affiliates.
Users may submit requests to exercise their rights regarding their data (riders and order recipients here; and drivers and delivery persons to support@crooz.io.
Users may also contact Crooz's Data Protection Officer by mail to support@crooz.io, regarding issues relating to Crooz's processing of their personal data, and their data protection rights.
B. Legal Framework for Data Transfers
Crooz operates, and processes user data, globally. We comply with applicable legal frameworks relating to the transfer of data.
Crooz operates, and processes user data, globally. This may result in processing of your personal data in countries, including the United States, whose data protection laws may differ from those where you live.
This includes processing of your data on Crooz’s servers in the United States, and transferring or enabling access to your data globally, in order to:
provide you services wherever you request them.
provide you access to your information, such as trip / order history, wherever you request it.
provide access to and responses from Crooz’s customer service agents.
respond to requests for information by governments or law enforcement, as necessary.
Crooz is committed to protecting our users’ personal data regardless of where they are located or where, or by who, their personal data is processed. This includes implementing global measures to protect users’ data, including:
securing user data when in transit, including through encryption, and at rest.
mandating company-wide training regarding privacy and data security.
implementing internal policies and procedures to limit access to, and use of, users’ data.
limiting government and law enforcement access to user data, except where required by law, there are imminent threats to safety, or users’ have consented to the access. Please see Crooz’s Transparency Report for more information regarding our practices relating to law enforcement requests.
When we transfer user data from the EEA, UK and Switzerland, we do so on the basis of the necessity to fulfill our agreements with users, consent, adequacy decisions regarding the country of transfer (available here, here or here), and transfer mechanisms such as the Standard Contractual Clauses adopted by the European Commission (and their approved equivalents for the UK and Switzerland), and the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”), as set forth by the U.S. Department of Commerce. Such data remains subject to the GDPR or equivalents after such transfer. Users may contact Crooz regarding the above, or to request copies of applicable Standard Contractual Clauses.
C. Updates to this Privacy Notice
We may occasionally update this notice.
We may occasionally update this notice. If we make significant changes, we will notify users in advance of the changes through the Crooz apps or through other means, such as email. We encourage users to periodically review this notice for the latest information on our privacy practices.
Use of our services after an update constitutes consent to the updated notice to the extent permitted by law.
Last modified: 28/10/2024
Crooz
Privacy Notice
This Privacy Policy explains how Crooz its affiliates collect and use data. This notice applies to all Crooz users globally, unless they use a service covered by a separate privacy notice. This notice specifically applies to:
Riders: those who request or receive transportation and related services via their Crooz account.
Drivers: those who provide transportation to Riders individually via their Crooz account or through partner transportation companies.
This notice also governs Crooz’s other collections of data in connection with its services. All those subject to this notice are referred to as “users” in this notice. Our privacy practices are subject to applicable laws in the places in which we operate. This means that we engage in the practices described in this notice in a particular country or region only if permitted under the laws of those places.
A. Data collections and uses
Crooz collects data:
provided by users to Crooz
created during use of our services
from other sources
1. Data provided by users. This includes:
Account information: We collect data when users create or update their Crooz accounts, or place orders via guest checkout features. This includes first and last name, email, phone number, login name and password, address, profile picture, payment or banking information (including related payment verification information), user settings (including accessibility settings), and loyalty program information for Crooz partners. For drivers and delivery persons, this also includes vehicle or insurance information, emergency contact information, and evidence of health or fitness to provide services using Crooz apps.
Background check information (drivers and delivery persons): This includes information submitted during the driver/delivery person application process, such as driver history or criminal record (where permitted by law), license status, known aliases, prior addresses, and right to work. This information may be collected by Crooz service providers.
Identity verification documents and photos: This includes government issued identification such as driver’s license or passports (which may contain identification photos and numbers, date of birth, and gender), and user-submitted photos such as selfies and profile pictures.
Demographic data: We collect demographic data such as birth date/age, gender or occupation when necessary to enable certain features, or provide access to age-restricted products or services. For example, we collect users’ date of birth or age to verify eligibility to use Crooz Cash or Crooz Money, or when they purchase alcohol or cannabis products. We also collect or infer (using first name) gender information to enable female or non-binary users to designate their preference for providing or receiving services to/from female or non-binary users, as well as for marketing and advertising. We also collect demographic data, such as age group and household composition, through user surveys.
User content: We collect data (including chat logs and call recordings) when users contact Crooz customer support, provide ratings or feedback for users, restaurants or merchants, use features that enable users to upload content or submit recordings (including in-app audio recordings or dashboard cameras recordings), or otherwise contact Crooz.
2. Data created during use of our services. This includes:
Location data (driver and delivery person): We collect precise and approximate location data from drivers’ and delivery persons’ mobile devices when the Crooz app is running in the foreground (app open and on-screen) or background (app open but not on-screen).
Location data (riders and order recipients). We collect precise and/or approximate location information from riders’ and order recipients’ mobile devices if they enable us to do so via their device settings.
Crooz collects such data from the time a ride or order is requested until it is finished, and any time the app is running in the foreground (app open and on-screen). See “Choice and transparency” below for information on how riders and order recipients can enable precise location data collection.
Riders and order recipients may use the Crooz apps without enabling collection of location data from their mobile devices. However, this may affect certain features in the Crooz apps. For example, a rider who has not enabled precise location data will have to manually enter their pickup address.
In addition, precise location data collected from a driver’s device during a trip is linked to the rider’s account, even if the rider has not enabled precise location data to be collected from their device. This data is used for purposes such as customer support, fraud detection, insurance, litigation and receipt generation.Transaction information: We collect transaction information related to the use of our services, including the type of services requested or provided; trip or order details (such as date and time, requested pick-up and drop off addresses, distance traveled and items ordered, such as food, prescription drugs or other delivery items); and payment transaction information (such as a restaurant’s or merchant's name and location, amount charged, and payment method). We also associate a user’s name with that of anyone who uses their promotion code. This also includes information provided by users when placing their order, such as their allergies information.
Usage data: We collect data about how users interact with our services. This includes access dates and times, app features or pages viewed, browser type, and app crashes and other system activity.
Device data: We collect data about the devices used to access our services, including the hardware models, device IP address or other unique device identifiers, operating systems and versions, software, preferred languages, advertising identifiers, device motion data, and mobile network data.
Communications data: We collect data regarding communications between users that are enabled through Crooz’s apps. This includes communication type (phone, text or in-app message), date/time, and content (including recordings of phone calls solely when users are notified of the recording in advance).
3. Data from other sources. These include:
users participating in our referral programs. For example, when a user refers another person, we receive the referred person’s data from that user.
Crooz account owners who request services for or on behalf of other users (such as friends or family members), or who enable other users to request or receive services through their business accounts (such as Enterprise Customers).
users or others providing information in connection with claims or disputes.
Crooz business partners through which users create or access their Crooz account, such as payment providers, social media services, or apps or websites that use Crooz’s APIs or whose APIs Crooz uses.
Crooz business partners in connection with debit or credit cards issued by a financial institution in partnership with Crooz to the extent disclosed in the terms and conditions for the card.
service providers who help us verify users’ identity, background information, and eligibility to work, detect fraud, and screen users in connection with sanctions, anti-money laundering, or know-your-customer requirements.
insurance, vehicle, or financial services providers for drivers and/or delivery persons.
partner transportation companies (for drivers or delivery persons who use our services through an account associated with such a company).
publicly available sources.
marketing partners and service providers, including banks in connection with cash back programs, and data resellers.
law enforcement officials, public health officials, and other government authorities.
B. How we use data
Crooz uses data to enable reliable and convenient transportation, delivery, and other products and services. We also use data:
to enhance the safety and security of our users and services
for customer support
for research and development
to enable communications between users
for marketing and advertising
to send non-marketing communications to users
in connection with legal proceedings
Please see here for a summary of the data we collect and how we use it.
Crooz uses the data we collect:
To provide our services. Crooz uses data to provide, personalize, maintain, and improve our services. This includes using data to:
create/update accounts.
enable transportation, delivery and other services/features, such as:
using location data to navigate rider pick-ups and order drop-offs, calculate ETAs, and track the progress of rides or deliveries.
enabling features that involve data sharing, such as sharing driver first name and vehicle information with riders to facilitate pick-ups, or features that enable ETA sharing and fare splitting.
matching available drivers and delivery persons to users requesting services, including based on personal data such as location and proximity to other users, and user settings / preferences (such as preferred destinations), and non-personal data such as vehicle type requested.
enabling accessibility features.
enabling features that involve account linking
facilitating and optimizing rental cars’ reservation, pick up and drop off through Crooz Rent.
calculating prices and fares, including using location data and trip or order details (such as requested pick-up and drop off addresses). We may also consider non-personal data or factors, including date and time, estimated distance and time, minimum base fares, tolls, taxes and fees, and surge pricing.
process payments, and enable payment and e-money products such as Crooz Money.
personalize users’ accounts. For example, we may present order recipients with personalized restaurant or food recommendations based on their prior orders and delivery location.
facilitate insurance, vehicle, invoicing, or financing solutions.
provide users with trip or delivery updates, generate receipts, and inform them of changes to our terms, services, or policies.
perform necessary operations to maintain our services, including to troubleshoot software bugs and operational problems.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users, are compatible with such uses, or are necessary for purposes of Crooz’s and its users’ legitimate interests.
2. Safety, fraud protection and security. We use data to help maintain the safety, security, and integrity of our services and users. This includes:
verifying users' accounts, identity or compliance with safety requirements.
For example, we review driver and delivery person background checks (including criminal history where required or permitted by law) to verify their identities and eligibility to provide transportation or deliveries.
In the South Africa, we may also perform rider and order recipient identity verification using names, date of birth, emails, telephone numbers, payment information, and third party wallets, to help deter use of our services by fraudulent accounts.
We process and compare user profile pictures, government-issued identification photos and numbers, or other user-submitted photographs to perform this verification, including in some regions through use of facial recognition technology. We also use such technology to prevent fraudulent use of identification photos, or to prevent users from creating multiple accounts.
We also use facial recognition technology to prevent fraudulent use of Crooz accounts by those other than the account owner. This is done through Crooz’s Real-Time ID Check, which regularly asks drivers and delivery persons to take a selfie before they can go online and compares it with their profile picture. (In the UK, we also use location and device data associated with such selfies for this purpose). We also use this feature to verify change of bank account information, and to facilitate regaining account access.
using customer service information (including reports of safety incidents), device data (e.g., to detect speeding or harsh braking / acceleration), transaction, and usage data to identify potentially unsafe drivers and driving. This can lead to drivers and delivery persons receiving messages encouraging safer driving, and/or account deactivation following human review.
using account, device, location, usage, transaction, wireless carrier, and other data, including communications between users and metadata, to prevent, detect, and combat fraud, including by guest users.
using reported incidents, user ratings, and other feedback to encourage safe use of Crooz’s platform and compliance with our terms and as grounds for deactivating users with low ratings.
using driver data (such as past trip information and reported incident rates) and rider data (such as account information, cancellation and reported incident rates, current pick-up and drop-off location, past trip information, and ratings information) to predict and help avoid pairings of users that may result in increased risk of conflict.* We also avoid pairings where one user has previously given the other a low (e.g., 1 star) rating.
using location, phone number, user name, vehicle details and other relevant information to provide live support from safety experts during trips or deliveries.
The fraud and unsafe driving prevention and detection activities described above may be considered profiling under applicable laws, and can result in deactivation of users (generally only after human review). For information regarding how to object to the above activities, please see “Choice and transparency” below.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users, and/or for purposes of the legitimate safety and security interests of Crooz, our users and members of the general public.
3. Customer support. We use the information we collect (which may include call recordings, chat logs, in-app audio recordings and dashcam footage) to provide customer support, including to investigate and address user concerns and to monitor and improve our customer support responses and processes.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users or for purposes of Crooz’s legitimate interests in monitoring and improving its customer support services.
4. Research and development. We use data for analysis, machine learning, product development, research, and testing. This helps us make our services more convenient and easy-to-use, enhance the safety and security of our services, and develop new services and features.
Crooz performs the above activities on the grounds that they are necessary for purposes of Crooz’s legitimate interests in improving and developing new services and features.
5. Enabling communications between users. For example, a driver may message or call a rider to confirm a pick-up location, a rider may call a driver to retrieve a lost item, or a restaurant or delivery person may contact an order recipient with information about their order.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users.
6. Marketing and Advertising. Crooz uses data (other than guest users’ data) to market its services, and those of Crooz partners.
We specifically use account, approximate location, device and usage data, preferred language, and trip and order history to provide ads and marketing communications that are personalized based on users’ observed or inferred location, interests and characteristics (which may include inferred gender*).
This includes using this data to:
send emails, text messages, push notifications, and in-app messages or other communications marketing or advertising Crooz products, services, features, offers, promotions, sweepstakes, news and events. For example, we may send push notifications suggesting a user’s favorite destinations or merchants, or in-app messages offering discounts or promo for products or merchants similar to those a user has previously ordered.
display personalized advertising on third party apps or websites.
display third party advertising in Crooz’s apps or in connection with our services. For example, we display ads for restaurants or merchants that are available on Crooz’s apps. These ads (which are identified as “Sponsored Listings” in Crooz’s apps) include recommendations that are personalized based on users’ location and order histories.
We also display ads for third party products that are not available on Crooz’s apps. These ads may contain links to third party apps or websites. Users should refer to such third parties’ privacy notices for information on their collection and use of data when visiting such apps or websites.
We also provide ads that are personalized based on data about users’ current trip or delivery request, including time of request and services requested. For example, if a user requests a trip to a supermarket, we may display in-app ads for third party products that may be available at that supermarket.
We also measure the effectiveness of Crooz’s ads, and of third party ads displayed in Crooz’s apps or in connection with our services.
Crooz performs the above activities on the grounds that they are necessary for purposes of Crooz’s legitimate interests in informing users about Crooz services and features or those offered by Crooz partners.
7. Non-marketing communications. Crooz may use data to send surveys and other communications that are not for the purpose of marketing the services or products of Crooz or its partners. We may also send users communications regarding elections, ballots, referenda, and other political processes that relate to our services. For example, Crooz has notified users of ballot measures or pending legislation relating to Crooz’s services in those users’ areas.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users, or for purposes of Crooz’s and its users’ legitimate interests in informing users about events that may have an impact on their use of Crooz’s services.
8. Legal proceedings and requirements. We use data to investigate or address claims or disputes relating to use of Crooz’s services, to satisfy requirements under applicable laws, regulations, operating licenses or agreements, insurance policies, or pursuant to legal process or governmental request, including from law enforcement.
Crooz performs the above activities on the grounds that they are necessary for purposes of Crooz’s legitimate interests in investigating and responding to claims and disputes relating to use of Crooz’s services and features, and/or necessary for compliance with applicable legal requirements.
C. Cookies and third-party technologies
Crooz and its partners use cookies and other identification technologies on our apps, websites, emails, and online ads for purposes described in this notice, and Crooz’s Cookie Notice.
Cookies are small text files that are stored on browsers or devices by websites, apps, online media, and ads.Crooz uses cookies and similar technologies for purposes such as:
authenticating users
remembering user preferences and settings
determining the popularity of content
delivering and measuring the effectiveness of advertising campaigns
analyzing site traffic and trends, and generally understanding the online behaviors and interests of people who interact with our services
We may also allow others to provide audience measurement and analytics services for us, to serve ads on our behalf across the internet or for other companies’ products and services on our apps, and to track and report on the performance of those ads. These entities may use cookies, web beacons, SDKs, and other technologies to identify the devices used by visitors to our websites, as well as when they visit other online sites and services.
D. Data sharing and disclosure
Some of Crooz’s services and features require that we share data with other users, or at users’ request or with their consent. We may also share such data with our affiliates, subsidiaries, and partners, for legal reasons or in connection with claims or disputes.
Crooz may share data:
1. With other users
This includes sharing:
riders’ first name, rating, and pickup and/or dropoff locations with drivers.
riders’ first name with other riders in a carpool trip. Riders in carpool trips may also see the other riders’ dropoff location.
order recipients’ first name and order details, including items ordered, allergies or food preferences and special instructions, with other recipients in a group order.
order recipients’ first name, delivery address, and order information (including drug prescriptions, special instructions, allergies or food preferences) with the restaurant or merchant and, for order deliveries, with the delivery person. We may also share ratings and feedback, or other information to the extent required by law, with the restaurant or merchant and, for order deliveries, the delivery person.
for drivers and delivery persons, we may share data with the riders, order recipients and restaurants or merchants, including name and photo; vehicle make, model, color, license plate, and vehicle photo; location (before and during trip); average rating provided by users; total number of trips; period of time since they signed up to be a driver or delivery person; contact information; and driver or delivery person profile, including compliments and other feedback submitted by past users. For drivers and delivery persons who self-identify as deaf or hard of hearing via our in-app accessibility settings, we will share that information with the riders and order recipients.
We also provide riders and order recipients with receipts containing information such as a breakdown of amounts charged, driver or delivery person first name, photo, and route map. We also include other information on those receipts if required by law.With an account owner when used by another person, such as when a rider uses their employer’s Crooz for Business profile, a rider or order recipients uses an account linked to their Family profile, a driver or delivery person uses an account owned by or associated with an Crooz partner transportation company or restaurant, or a delivery person acts as a substitute (UK only).
In addition, if a user creates an account using an email address affiliated with an Crooz for Business account owner (i.e., their employer), we may use, and share their profile data (such as name and email address) with such account owner, to help that user expense trips or orders to that Crooz for Business account.for those who participate in Crooz’s referral program, we share certain data of referred users, such as trip count, with the user who referred them as necessary to determine the referral bonus.
2. At users’ request or with users’ consent
This includes sharing data with:
Other people at a user’s request. For example, we share a user’s ETA and location with a friend when requested by that user, or a user’s trip information when they split a fare with a friend.
Crooz business partners. For example, if a user requests a service through a partnership or promotional offering made by a third party, Crooz may share certain data with those third parties. This may include, for example, other services, platforms, apps, or websites that integrate with our APIs; vehicle suppliers or services; those with an API or service with which we integrate; or restaurants, merchants or other Crooz business partners and their users in connection with promotions, contests, or specialized services.
Emergency services. We offer features that enable users to share their data with police, fire, and ambulance services in the event of an emergency or after certain incidents. For more information, please see “Choice and Transparency” and “Emergency Data Sharing” below.
Insurance companies. If a user has reported or submits a claim to an insurance company relating to Crooz’s services, Crooz will share certain data with that insurance company for the purpose of adjusting or handling the user’s insurance claim.
Merchants or restaurants. If an order recipient adds a merchant loyalty membership number to their user account, Crooz will share their loyalty membership and order details with such merchant or restaurant when they place an order. Order recipients may also opt-in to share their contact and order details with a specific merchant or restaurant to receive marketing communications from such merchant or restaurant.
General public. Questions or comments from users submitted through public forums such as Crooz blogs and Crooz social media pages may be viewable by the public, including any data included in the questions or comments submitted by a user.
3. With Crooz subsidiaries and affiliates
We share data with our subsidiaries and affiliates to help us provide our services or conduct data processing on our behalf. For example, Crooz processes and stores such data in the United States on behalf of its international subsidiaries and affiliates.
4. With Crooz service providers and business partners
These include the third parties, or categories of third parties, listed below. Where a third party is identified, please see their linked privacy notices for information regarding their collection and use of personal data.
payment processors and facilitators, including PayPal and Hyperwallet.
background check, identity verification and risk solutions providers.
cloud storage providers.
customer support platform and service providers.
Google, in connection with the use of Google Maps in Crooz’s apps.
social media companies, including Facebook and TikTok, in connection with Crooz’s use of their tools in Crooz’s apps and websites.
marketing partners and marketing platform providers, including social media advertising services, advertising networks, third-party data providers, and other service providers to reach or better understand our users and measure advertising effectiveness.
This includes advertising intermediaries, such as The Trade Desk, Google, Criteo and Rokt and others, that enable Crooz to display and/or measure the effectiveness of personalized ads for third party products that are displayed in Crooz’s apps. We share data -- including advertising or device identifier, hashed email address, approximate location, current trip or order information, and ad interaction data -- with these intermediaries to enable their services and for such other purposes as are disclosed in their privacy notices. Users may opt out from ad personalization in the Crooz app.research partners, including those performing surveys or research projects in partnership with Croozor on Crooz’s behalf.
service providers that assist Crooz to enhance the safety and security of Crooz apps and services.
service providers that provide us with artificial intelligence and machine learning tools and services.
accountants, consultants, lawyers, and other professional service providers.
insurance and financing partners.
insurance companies, in connection with insurance claims made or reported by a user relating toCrooz’s services, and for the purpose of adjusting or handling the insurance claim.
airports.
third-party vehicle suppliers, including fleet and rental partners.
5. For legal reasons or in the event of a dispute
Crooz may share users’ data if we believe it’s required by applicable law, regulation, operating license or agreement, legal process or governmental request, insurance policy, or where the disclosure is otherwise appropriate due to safety or similar concerns.
This includes sharing data with law enforcement officials, public health officials, other government authorities, airports (if required by the airport authorities as a condition of operating on airport property), insurance companies, or other third parties as necessary to enforce our Terms of Service, user agreements, or other policies; to protect Crooz’s rights or property or the rights, safety, or property of others; or in the event of a claim or dispute relating to the use of our services. In the event of a dispute relating to use of another person’s credit card, we may be required by law to share a user’s data, including trip or order information, with the owner of that credit card.
For more information, please see Crooz’s Guidelines for Law Enforcement Authorities - United States, Guidelines for Law Enforcement Authorities - Outside the US, and Guidelines for Third Party Data Requests and Service of Legal Documents.
This also includes sharing data with others in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.
6. With consent
Crooz may share a user’s data other than as described in this notice if we notify the user and they consent to the sharing.
E. Data retention and deletion
Crooz retains user data for as long as necessary for the purposes described above. Users may request account deletion through the Crooz apps and websites.
Crooz retains user data for as long as necessary for the purposes described above, which varies depending on data type, the category of user to whom the data relates, the purposes for which we collected the data, and whether the data must be retained after an account deletion request for the purposes described below.
For example, we retain data:
for the life of users’ accounts if such data is necessary to provide our services. E.g., account data.
for 7 years if necessary to comply with tax requirements. E.g., drivers’ and delivery persons’ trip or delivery location information.
for defined periods as necessary for purposes of safety or fraud prevention. E.g., we retain incomplete driver applications for 1 year, and rejected driver applications for 7 years.
Users may request deletion of their account through the Privacy menus in the Crooz app, or through Crooz’s website.
Following an account deletion request, we delete the user’s account and data, except as necessary for purposes of safety, security, fraud prevention or compliance with legal requirements, or because of issues relating to the user’s account (such as an outstanding credit or an unresolved claim or dispute). For drivers and delivery persons, this generally means that we retain certain of their data for as long as necessary for actual or potential tax, litigation, or insurance claims. For rider and order recipients, we generally delete data within 90 days of an account deletion request, except where retention is necessary for the above reasons.
IV. Choice and transparency
Crooz enables users to access and/or control data that Crooz collects, including through:
privacy settings
device permissions
in-app ratings pages
marketing and advertising choices
Crooz also enables users to request access to or copies of their data, make changes or updates to their accounts, request deletion of their accounts, or request that Crooz restrict its processing of user data.
1. Privacy settings
Riders and order recipients can set or update their preferences regarding location data collection and sharing, emergency data sharing, and notifications in Crooz’s Privacy Center, which is accessible via the Privacy menu in the Crooz apps.
Location data collection (riders and order recipients)
Riders and order recipients can enable/disable Crooz’s collection of their mobile device location data through their device settings, which can be accessed via Location Sharing menu in the Privacy Center in the Crooz apps.Share Live Location (riders and order recipients)
Riders and order recipients can enable/disable Crooz’s sharing of their mobile device real-time location data with their drivers or delivery persons (as applicable) through their device settings, which can be accessed via the Location Sharing menu in the Privacy Center in the Crooz apps.Gender identity
Riders can update their gender information through the Gender Identity menu, which can be accessed in the Ads and Data menu in the Privacy Center.Emergency Data Sharing
Riders may enable Crooz’s sharing of their mobile device real-time location data with emergency police, fire, and ambulance services. This includes sharing approximate location at the time the emergency call was placed; the car’s make, model, color, and license plate information; the rider’s name and phone number; pickup and dropoff locations; and the driver’s name.
Riders may enable/disable this feature via the Account > Settings > Privacy > Location Sharing menu, or the Safety Center.
Drivers and delivery persons can also enable/disable Emergency Data Sharing via the App settings > Emergency Data Sharing menu, or the Safety Toolkit.Notifications: discounts and news
Users may enable Crooz to send push notifications about discounts and news from Crooz. Users may control whether they receive push notifications here.Third-party app access
Users may authorize third-party applications to access their Crooz account data to enable additional features. Users can review / withdraw access by third-party applications by contacting support@crooz.io.
2. Device permissions
Most mobile device platforms (iOS, Android, etc.) have defined certain types of device data that apps cannot access without the device owner’s permission, and these platforms have different methods for how that permission can be obtained. Users should check the available settings on their devices, or check with their provider.
3. In-app ratings pages
After every trip, drivers and riders are able to rate each other on a scale from 1 to 5. An average of those ratings is associated with a user’s account and is displayed to other users for whom they provide or receive services. For example, rider ratings are available to drivers from whom they request transportation, and driver ratings are available to their riders.
Riders can see their average rating in the main menu of the Crooz app, and also access a breakdown of their average rating in Crooz’s Privacy Center.
Drivers can see their average rating after tapping their profile photo in the Crooz Driver app.
4. Marketing and advertising choices
Crooz provides users with the following choices regarding how their data is used for purposes of marketing and advertising:
Personalized marketing communications from Crooz: Users may choose here whether Crooz may use their data to send personalized communications (such as, emails, push notifications, and in-app messages) about Crooz products and services. Users may also choose here whether to receive any marketing emails or push notifications from Crooz.
Data Sharing and Tracking: Users may choose here whether Crooz may share their data with third parties, or collect data regarding their visits and actions on third-party apps or websites, for purposes of personalized ads.
Personalized Ads: Users may choose whether Crooz uses their Crooz trip, order or search history to personalize the ads they see on Crooz.
Cookies and related technologies: For information on how to control Crooz's use of cookies and related technologies, including for purposes of displaying personalized ads, please see our Cookie Notice.
5. User data requests
Crooz provides users with a variety of ways to learn about, control, and submit questions and comments about Crooz’s handling of their data. In addition to the methods indicated below, users may also submit data requests via our Privacy Inquiry Form (riders and order recipients here, drivers and delivery persons here).
Data access and portability: Depending on where they are located, users may have the right to “access” their data (meaning, to be informed of the data that Crooz has collected about them), and to “portability” of their data (meaning, to receive a copy of such data). Regardless of their location, Crooz provides several options for viewing and obtaining copies of the data Crooz has collected about them.
Users can access data including their profile data and trip or order history through the Crooz apps or via Crooz’s website.Changing or updating data: Users can edit the name, phone number, email address, payment method, and profile picture through the Settings menu in Crooz’s apps or driver portal.
Deleting data: Users may request deletion of their account by contacting support@crooz.io.
Objections, restrictions, and complaints: Users may request that we stop using all or some of their data, or that we limit our use of their data. This includes objecting to our use of data that is based on Crooz’s legitimate interests. Crooz may continue to process data after such objection or request to the extent required or permitted by law.
In addition, depending on their location, Users may have the right to file a complaint relating to Crooz’s handling of their data with the data protection authority in their country. For example, users in the EU and Latin America may submit such requests to the data protection authorities in the country in which they live.
V. Legal information
A. Data controllers and Data Protection Officer
Crooz (Pty) Ltd. is controller of the data processed in connection with use of Crooz’s services globally, except where it is joint controller with other Crooz affiliates.
Users may submit requests to exercise their rights regarding their data (riders and order recipients here; and drivers and delivery persons to support@crooz.io.
Users may also contact Crooz's Data Protection Officer by mail to support@crooz.io, regarding issues relating to Crooz's processing of their personal data, and their data protection rights.
B. Legal Framework for Data Transfers
Crooz operates, and processes user data, globally. We comply with applicable legal frameworks relating to the transfer of data.
Crooz operates, and processes user data, globally. This may result in processing of your personal data in countries, including the United States, whose data protection laws may differ from those where you live.
This includes processing of your data on Crooz’s servers in the United States, and transferring or enabling access to your data globally, in order to:
provide you services wherever you request them.
provide you access to your information, such as trip / order history, wherever you request it.
provide access to and responses from Crooz’s customer service agents.
respond to requests for information by governments or law enforcement, as necessary.
Crooz is committed to protecting our users’ personal data regardless of where they are located or where, or by who, their personal data is processed. This includes implementing global measures to protect users’ data, including:
securing user data when in transit, including through encryption, and at rest.
mandating company-wide training regarding privacy and data security.
implementing internal policies and procedures to limit access to, and use of, users’ data.
limiting government and law enforcement access to user data, except where required by law, there are imminent threats to safety, or users’ have consented to the access. Please see Crooz’s Transparency Report for more information regarding our practices relating to law enforcement requests.
When we transfer user data from the EEA, UK and Switzerland, we do so on the basis of the necessity to fulfill our agreements with users, consent, adequacy decisions regarding the country of transfer (available here, here or here), and transfer mechanisms such as the Standard Contractual Clauses adopted by the European Commission (and their approved equivalents for the UK and Switzerland), and the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”), as set forth by the U.S. Department of Commerce. Such data remains subject to the GDPR or equivalents after such transfer. Users may contact Crooz regarding the above, or to request copies of applicable Standard Contractual Clauses.
C. Updates to this Privacy Notice
We may occasionally update this notice.
We may occasionally update this notice. If we make significant changes, we will notify users in advance of the changes through the Crooz apps or through other means, such as email. We encourage users to periodically review this notice for the latest information on our privacy practices.
Use of our services after an update constitutes consent to the updated notice to the extent permitted by law.
Last modified: 28/10/2024
Crooz
Privacy Notice
This Privacy Policy explains how Crooz its affiliates collect and use data. This notice applies to all Crooz users globally, unless they use a service covered by a separate privacy notice. This notice specifically applies to:
Riders: those who request or receive transportation and related services via their Crooz account.
Drivers: those who provide transportation to Riders individually via their Crooz account or through partner transportation companies.
This notice also governs Crooz’s other collections of data in connection with its services. All those subject to this notice are referred to as “users” in this notice. Our privacy practices are subject to applicable laws in the places in which we operate. This means that we engage in the practices described in this notice in a particular country or region only if permitted under the laws of those places.
A. Data collections and uses
Crooz collects data:
provided by users to Crooz
created during use of our services
from other sources
1. Data provided by users. This includes:
Account information: We collect data when users create or update their Crooz accounts, or place orders via guest checkout features. This includes first and last name, email, phone number, login name and password, address, profile picture, payment or banking information (including related payment verification information), user settings (including accessibility settings), and loyalty program information for Crooz partners. For drivers and delivery persons, this also includes vehicle or insurance information, emergency contact information, and evidence of health or fitness to provide services using Crooz apps.
Background check information (drivers and delivery persons): This includes information submitted during the driver/delivery person application process, such as driver history or criminal record (where permitted by law), license status, known aliases, prior addresses, and right to work. This information may be collected by Crooz service providers.
Identity verification documents and photos: This includes government issued identification such as driver’s license or passports (which may contain identification photos and numbers, date of birth, and gender), and user-submitted photos such as selfies and profile pictures.
Demographic data: We collect demographic data such as birth date/age, gender or occupation when necessary to enable certain features, or provide access to age-restricted products or services. For example, we collect users’ date of birth or age to verify eligibility to use Crooz Cash or Crooz Money, or when they purchase alcohol or cannabis products. We also collect or infer (using first name) gender information to enable female or non-binary users to designate their preference for providing or receiving services to/from female or non-binary users, as well as for marketing and advertising. We also collect demographic data, such as age group and household composition, through user surveys.
User content: We collect data (including chat logs and call recordings) when users contact Crooz customer support, provide ratings or feedback for users, restaurants or merchants, use features that enable users to upload content or submit recordings (including in-app audio recordings or dashboard cameras recordings), or otherwise contact Crooz.
2. Data created during use of our services. This includes:
Location data (driver and delivery person): We collect precise and approximate location data from drivers’ and delivery persons’ mobile devices when the Crooz app is running in the foreground (app open and on-screen) or background (app open but not on-screen).
Location data (riders and order recipients). We collect precise and/or approximate location information from riders’ and order recipients’ mobile devices if they enable us to do so via their device settings.
Crooz collects such data from the time a ride or order is requested until it is finished, and any time the app is running in the foreground (app open and on-screen). See “Choice and transparency” below for information on how riders and order recipients can enable precise location data collection.
Riders and order recipients may use the Crooz apps without enabling collection of location data from their mobile devices. However, this may affect certain features in the Crooz apps. For example, a rider who has not enabled precise location data will have to manually enter their pickup address.
In addition, precise location data collected from a driver’s device during a trip is linked to the rider’s account, even if the rider has not enabled precise location data to be collected from their device. This data is used for purposes such as customer support, fraud detection, insurance, litigation and receipt generation.Transaction information: We collect transaction information related to the use of our services, including the type of services requested or provided; trip or order details (such as date and time, requested pick-up and drop off addresses, distance traveled and items ordered, such as food, prescription drugs or other delivery items); and payment transaction information (such as a restaurant’s or merchant's name and location, amount charged, and payment method). We also associate a user’s name with that of anyone who uses their promotion code. This also includes information provided by users when placing their order, such as their allergies information.
Usage data: We collect data about how users interact with our services. This includes access dates and times, app features or pages viewed, browser type, and app crashes and other system activity.
Device data: We collect data about the devices used to access our services, including the hardware models, device IP address or other unique device identifiers, operating systems and versions, software, preferred languages, advertising identifiers, device motion data, and mobile network data.
Communications data: We collect data regarding communications between users that are enabled through Crooz’s apps. This includes communication type (phone, text or in-app message), date/time, and content (including recordings of phone calls solely when users are notified of the recording in advance).
3. Data from other sources. These include:
users participating in our referral programs. For example, when a user refers another person, we receive the referred person’s data from that user.
Crooz account owners who request services for or on behalf of other users (such as friends or family members), or who enable other users to request or receive services through their business accounts (such as Enterprise Customers).
users or others providing information in connection with claims or disputes.
Crooz business partners through which users create or access their Crooz account, such as payment providers, social media services, or apps or websites that use Crooz’s APIs or whose APIs Crooz uses.
Crooz business partners in connection with debit or credit cards issued by a financial institution in partnership with Crooz to the extent disclosed in the terms and conditions for the card.
service providers who help us verify users’ identity, background information, and eligibility to work, detect fraud, and screen users in connection with sanctions, anti-money laundering, or know-your-customer requirements.
insurance, vehicle, or financial services providers for drivers and/or delivery persons.
partner transportation companies (for drivers or delivery persons who use our services through an account associated with such a company).
publicly available sources.
marketing partners and service providers, including banks in connection with cash back programs, and data resellers.
law enforcement officials, public health officials, and other government authorities.
B. How we use data
Crooz uses data to enable reliable and convenient transportation, delivery, and other products and services. We also use data:
to enhance the safety and security of our users and services
for customer support
for research and development
to enable communications between users
for marketing and advertising
to send non-marketing communications to users
in connection with legal proceedings
Please see here for a summary of the data we collect and how we use it.
Crooz uses the data we collect:
To provide our services. Crooz uses data to provide, personalize, maintain, and improve our services. This includes using data to:
create/update accounts.
enable transportation, delivery and other services/features, such as:
using location data to navigate rider pick-ups and order drop-offs, calculate ETAs, and track the progress of rides or deliveries.
enabling features that involve data sharing, such as sharing driver first name and vehicle information with riders to facilitate pick-ups, or features that enable ETA sharing and fare splitting.
matching available drivers and delivery persons to users requesting services, including based on personal data such as location and proximity to other users, and user settings / preferences (such as preferred destinations), and non-personal data such as vehicle type requested.
enabling accessibility features.
enabling features that involve account linking
facilitating and optimizing rental cars’ reservation, pick up and drop off through Crooz Rent.
calculating prices and fares, including using location data and trip or order details (such as requested pick-up and drop off addresses). We may also consider non-personal data or factors, including date and time, estimated distance and time, minimum base fares, tolls, taxes and fees, and surge pricing.
process payments, and enable payment and e-money products such as Crooz Money.
personalize users’ accounts. For example, we may present order recipients with personalized restaurant or food recommendations based on their prior orders and delivery location.
facilitate insurance, vehicle, invoicing, or financing solutions.
provide users with trip or delivery updates, generate receipts, and inform them of changes to our terms, services, or policies.
perform necessary operations to maintain our services, including to troubleshoot software bugs and operational problems.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users, are compatible with such uses, or are necessary for purposes of Crooz’s and its users’ legitimate interests.
2. Safety, fraud protection and security. We use data to help maintain the safety, security, and integrity of our services and users. This includes:
verifying users' accounts, identity or compliance with safety requirements.
For example, we review driver and delivery person background checks (including criminal history where required or permitted by law) to verify their identities and eligibility to provide transportation or deliveries.
In the South Africa, we may also perform rider and order recipient identity verification using names, date of birth, emails, telephone numbers, payment information, and third party wallets, to help deter use of our services by fraudulent accounts.
We process and compare user profile pictures, government-issued identification photos and numbers, or other user-submitted photographs to perform this verification, including in some regions through use of facial recognition technology. We also use such technology to prevent fraudulent use of identification photos, or to prevent users from creating multiple accounts.
We also use facial recognition technology to prevent fraudulent use of Crooz accounts by those other than the account owner. This is done through Crooz’s Real-Time ID Check, which regularly asks drivers and delivery persons to take a selfie before they can go online and compares it with their profile picture. (In the UK, we also use location and device data associated with such selfies for this purpose). We also use this feature to verify change of bank account information, and to facilitate regaining account access.
using customer service information (including reports of safety incidents), device data (e.g., to detect speeding or harsh braking / acceleration), transaction, and usage data to identify potentially unsafe drivers and driving. This can lead to drivers and delivery persons receiving messages encouraging safer driving, and/or account deactivation following human review.
using account, device, location, usage, transaction, wireless carrier, and other data, including communications between users and metadata, to prevent, detect, and combat fraud, including by guest users.
using reported incidents, user ratings, and other feedback to encourage safe use of Crooz’s platform and compliance with our terms and as grounds for deactivating users with low ratings.
using driver data (such as past trip information and reported incident rates) and rider data (such as account information, cancellation and reported incident rates, current pick-up and drop-off location, past trip information, and ratings information) to predict and help avoid pairings of users that may result in increased risk of conflict.* We also avoid pairings where one user has previously given the other a low (e.g., 1 star) rating.
using location, phone number, user name, vehicle details and other relevant information to provide live support from safety experts during trips or deliveries.
The fraud and unsafe driving prevention and detection activities described above may be considered profiling under applicable laws, and can result in deactivation of users (generally only after human review). For information regarding how to object to the above activities, please see “Choice and transparency” below.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users, and/or for purposes of the legitimate safety and security interests of Crooz, our users and members of the general public.
3. Customer support. We use the information we collect (which may include call recordings, chat logs, in-app audio recordings and dashcam footage) to provide customer support, including to investigate and address user concerns and to monitor and improve our customer support responses and processes.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users or for purposes of Crooz’s legitimate interests in monitoring and improving its customer support services.
4. Research and development. We use data for analysis, machine learning, product development, research, and testing. This helps us make our services more convenient and easy-to-use, enhance the safety and security of our services, and develop new services and features.
Crooz performs the above activities on the grounds that they are necessary for purposes of Crooz’s legitimate interests in improving and developing new services and features.
5. Enabling communications between users. For example, a driver may message or call a rider to confirm a pick-up location, a rider may call a driver to retrieve a lost item, or a restaurant or delivery person may contact an order recipient with information about their order.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users.
6. Marketing and Advertising. Crooz uses data (other than guest users’ data) to market its services, and those of Crooz partners.
We specifically use account, approximate location, device and usage data, preferred language, and trip and order history to provide ads and marketing communications that are personalized based on users’ observed or inferred location, interests and characteristics (which may include inferred gender*).
This includes using this data to:
send emails, text messages, push notifications, and in-app messages or other communications marketing or advertising Crooz products, services, features, offers, promotions, sweepstakes, news and events. For example, we may send push notifications suggesting a user’s favorite destinations or merchants, or in-app messages offering discounts or promo for products or merchants similar to those a user has previously ordered.
display personalized advertising on third party apps or websites.
display third party advertising in Crooz’s apps or in connection with our services. For example, we display ads for restaurants or merchants that are available on Crooz’s apps. These ads (which are identified as “Sponsored Listings” in Crooz’s apps) include recommendations that are personalized based on users’ location and order histories.
We also display ads for third party products that are not available on Crooz’s apps. These ads may contain links to third party apps or websites. Users should refer to such third parties’ privacy notices for information on their collection and use of data when visiting such apps or websites.
We also provide ads that are personalized based on data about users’ current trip or delivery request, including time of request and services requested. For example, if a user requests a trip to a supermarket, we may display in-app ads for third party products that may be available at that supermarket.
We also measure the effectiveness of Crooz’s ads, and of third party ads displayed in Crooz’s apps or in connection with our services.
Crooz performs the above activities on the grounds that they are necessary for purposes of Crooz’s legitimate interests in informing users about Crooz services and features or those offered by Crooz partners.
7. Non-marketing communications. Crooz may use data to send surveys and other communications that are not for the purpose of marketing the services or products of Crooz or its partners. We may also send users communications regarding elections, ballots, referenda, and other political processes that relate to our services. For example, Crooz has notified users of ballot measures or pending legislation relating to Crooz’s services in those users’ areas.
Crooz performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users, or for purposes of Crooz’s and its users’ legitimate interests in informing users about events that may have an impact on their use of Crooz’s services.
8. Legal proceedings and requirements. We use data to investigate or address claims or disputes relating to use of Crooz’s services, to satisfy requirements under applicable laws, regulations, operating licenses or agreements, insurance policies, or pursuant to legal process or governmental request, including from law enforcement.
Crooz performs the above activities on the grounds that they are necessary for purposes of Crooz’s legitimate interests in investigating and responding to claims and disputes relating to use of Crooz’s services and features, and/or necessary for compliance with applicable legal requirements.
C. Cookies and third-party technologies
Crooz and its partners use cookies and other identification technologies on our apps, websites, emails, and online ads for purposes described in this notice, and Crooz’s Cookie Notice.
Cookies are small text files that are stored on browsers or devices by websites, apps, online media, and ads.Crooz uses cookies and similar technologies for purposes such as:
authenticating users
remembering user preferences and settings
determining the popularity of content
delivering and measuring the effectiveness of advertising campaigns
analyzing site traffic and trends, and generally understanding the online behaviors and interests of people who interact with our services
We may also allow others to provide audience measurement and analytics services for us, to serve ads on our behalf across the internet or for other companies’ products and services on our apps, and to track and report on the performance of those ads. These entities may use cookies, web beacons, SDKs, and other technologies to identify the devices used by visitors to our websites, as well as when they visit other online sites and services.
D. Data sharing and disclosure
Some of Crooz’s services and features require that we share data with other users, or at users’ request or with their consent. We may also share such data with our affiliates, subsidiaries, and partners, for legal reasons or in connection with claims or disputes.
Crooz may share data:
1. With other users
This includes sharing:
riders’ first name, rating, and pickup and/or dropoff locations with drivers.
riders’ first name with other riders in a carpool trip. Riders in carpool trips may also see the other riders’ dropoff location.
order recipients’ first name and order details, including items ordered, allergies or food preferences and special instructions, with other recipients in a group order.
order recipients’ first name, delivery address, and order information (including drug prescriptions, special instructions, allergies or food preferences) with the restaurant or merchant and, for order deliveries, with the delivery person. We may also share ratings and feedback, or other information to the extent required by law, with the restaurant or merchant and, for order deliveries, the delivery person.
for drivers and delivery persons, we may share data with the riders, order recipients and restaurants or merchants, including name and photo; vehicle make, model, color, license plate, and vehicle photo; location (before and during trip); average rating provided by users; total number of trips; period of time since they signed up to be a driver or delivery person; contact information; and driver or delivery person profile, including compliments and other feedback submitted by past users. For drivers and delivery persons who self-identify as deaf or hard of hearing via our in-app accessibility settings, we will share that information with the riders and order recipients.
We also provide riders and order recipients with receipts containing information such as a breakdown of amounts charged, driver or delivery person first name, photo, and route map. We also include other information on those receipts if required by law.With an account owner when used by another person, such as when a rider uses their employer’s Crooz for Business profile, a rider or order recipients uses an account linked to their Family profile, a driver or delivery person uses an account owned by or associated with an Crooz partner transportation company or restaurant, or a delivery person acts as a substitute (UK only).
In addition, if a user creates an account using an email address affiliated with an Crooz for Business account owner (i.e., their employer), we may use, and share their profile data (such as name and email address) with such account owner, to help that user expense trips or orders to that Crooz for Business account.for those who participate in Crooz’s referral program, we share certain data of referred users, such as trip count, with the user who referred them as necessary to determine the referral bonus.
2. At users’ request or with users’ consent
This includes sharing data with:
Other people at a user’s request. For example, we share a user’s ETA and location with a friend when requested by that user, or a user’s trip information when they split a fare with a friend.
Crooz business partners. For example, if a user requests a service through a partnership or promotional offering made by a third party, Crooz may share certain data with those third parties. This may include, for example, other services, platforms, apps, or websites that integrate with our APIs; vehicle suppliers or services; those with an API or service with which we integrate; or restaurants, merchants or other Crooz business partners and their users in connection with promotions, contests, or specialized services.
Emergency services. We offer features that enable users to share their data with police, fire, and ambulance services in the event of an emergency or after certain incidents. For more information, please see “Choice and Transparency” and “Emergency Data Sharing” below.
Insurance companies. If a user has reported or submits a claim to an insurance company relating to Crooz’s services, Crooz will share certain data with that insurance company for the purpose of adjusting or handling the user’s insurance claim.
Merchants or restaurants. If an order recipient adds a merchant loyalty membership number to their user account, Crooz will share their loyalty membership and order details with such merchant or restaurant when they place an order. Order recipients may also opt-in to share their contact and order details with a specific merchant or restaurant to receive marketing communications from such merchant or restaurant.
General public. Questions or comments from users submitted through public forums such as Crooz blogs and Crooz social media pages may be viewable by the public, including any data included in the questions or comments submitted by a user.
3. With Crooz subsidiaries and affiliates
We share data with our subsidiaries and affiliates to help us provide our services or conduct data processing on our behalf. For example, Crooz processes and stores such data in the United States on behalf of its international subsidiaries and affiliates.
4. With Crooz service providers and business partners
These include the third parties, or categories of third parties, listed below. Where a third party is identified, please see their linked privacy notices for information regarding their collection and use of personal data.
payment processors and facilitators, including PayPal and Hyperwallet.
background check, identity verification and risk solutions providers.
cloud storage providers.
customer support platform and service providers.
Google, in connection with the use of Google Maps in Crooz’s apps.
social media companies, including Facebook and TikTok, in connection with Crooz’s use of their tools in Crooz’s apps and websites.
marketing partners and marketing platform providers, including social media advertising services, advertising networks, third-party data providers, and other service providers to reach or better understand our users and measure advertising effectiveness.
This includes advertising intermediaries, such as The Trade Desk, Google, Criteo and Rokt and others, that enable Crooz to display and/or measure the effectiveness of personalized ads for third party products that are displayed in Crooz’s apps. We share data -- including advertising or device identifier, hashed email address, approximate location, current trip or order information, and ad interaction data -- with these intermediaries to enable their services and for such other purposes as are disclosed in their privacy notices. Users may opt out from ad personalization in the Crooz app.research partners, including those performing surveys or research projects in partnership with Croozor on Crooz’s behalf.
service providers that assist Crooz to enhance the safety and security of Crooz apps and services.
service providers that provide us with artificial intelligence and machine learning tools and services.
accountants, consultants, lawyers, and other professional service providers.
insurance and financing partners.
insurance companies, in connection with insurance claims made or reported by a user relating toCrooz’s services, and for the purpose of adjusting or handling the insurance claim.
airports.
third-party vehicle suppliers, including fleet and rental partners.
5. For legal reasons or in the event of a dispute
Crooz may share users’ data if we believe it’s required by applicable law, regulation, operating license or agreement, legal process or governmental request, insurance policy, or where the disclosure is otherwise appropriate due to safety or similar concerns.
This includes sharing data with law enforcement officials, public health officials, other government authorities, airports (if required by the airport authorities as a condition of operating on airport property), insurance companies, or other third parties as necessary to enforce our Terms of Service, user agreements, or other policies; to protect Crooz’s rights or property or the rights, safety, or property of others; or in the event of a claim or dispute relating to the use of our services. In the event of a dispute relating to use of another person’s credit card, we may be required by law to share a user’s data, including trip or order information, with the owner of that credit card.
For more information, please see Crooz’s Guidelines for Law Enforcement Authorities - United States, Guidelines for Law Enforcement Authorities - Outside the US, and Guidelines for Third Party Data Requests and Service of Legal Documents.
This also includes sharing data with others in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.
6. With consent
Crooz may share a user’s data other than as described in this notice if we notify the user and they consent to the sharing.
E. Data retention and deletion
Crooz retains user data for as long as necessary for the purposes described above. Users may request account deletion through the Crooz apps and websites.
Crooz retains user data for as long as necessary for the purposes described above, which varies depending on data type, the category of user to whom the data relates, the purposes for which we collected the data, and whether the data must be retained after an account deletion request for the purposes described below.
For example, we retain data:
for the life of users’ accounts if such data is necessary to provide our services. E.g., account data.
for 7 years if necessary to comply with tax requirements. E.g., drivers’ and delivery persons’ trip or delivery location information.
for defined periods as necessary for purposes of safety or fraud prevention. E.g., we retain incomplete driver applications for 1 year, and rejected driver applications for 7 years.
Users may request deletion of their account through the Privacy menus in the Crooz app, or through Crooz’s website.
Following an account deletion request, we delete the user’s account and data, except as necessary for purposes of safety, security, fraud prevention or compliance with legal requirements, or because of issues relating to the user’s account (such as an outstanding credit or an unresolved claim or dispute). For drivers and delivery persons, this generally means that we retain certain of their data for as long as necessary for actual or potential tax, litigation, or insurance claims. For rider and order recipients, we generally delete data within 90 days of an account deletion request, except where retention is necessary for the above reasons.
IV. Choice and transparency
Crooz enables users to access and/or control data that Crooz collects, including through:
privacy settings
device permissions
in-app ratings pages
marketing and advertising choices
Crooz also enables users to request access to or copies of their data, make changes or updates to their accounts, request deletion of their accounts, or request that Crooz restrict its processing of user data.
1. Privacy settings
Riders and order recipients can set or update their preferences regarding location data collection and sharing, emergency data sharing, and notifications in Crooz’s Privacy Center, which is accessible via the Privacy menu in the Crooz apps.
Location data collection (riders and order recipients)
Riders and order recipients can enable/disable Crooz’s collection of their mobile device location data through their device settings, which can be accessed via Location Sharing menu in the Privacy Center in the Crooz apps.Share Live Location (riders and order recipients)
Riders and order recipients can enable/disable Crooz’s sharing of their mobile device real-time location data with their drivers or delivery persons (as applicable) through their device settings, which can be accessed via the Location Sharing menu in the Privacy Center in the Crooz apps.Gender identity
Riders can update their gender information through the Gender Identity menu, which can be accessed in the Ads and Data menu in the Privacy Center.Emergency Data Sharing
Riders may enable Crooz’s sharing of their mobile device real-time location data with emergency police, fire, and ambulance services. This includes sharing approximate location at the time the emergency call was placed; the car’s make, model, color, and license plate information; the rider’s name and phone number; pickup and dropoff locations; and the driver’s name.
Riders may enable/disable this feature via the Account > Settings > Privacy > Location Sharing menu, or the Safety Center.
Drivers and delivery persons can also enable/disable Emergency Data Sharing via the App settings > Emergency Data Sharing menu, or the Safety Toolkit.Notifications: discounts and news
Users may enable Crooz to send push notifications about discounts and news from Crooz. Users may control whether they receive push notifications here.Third-party app access
Users may authorize third-party applications to access their Crooz account data to enable additional features. Users can review / withdraw access by third-party applications by contacting support@crooz.io.
2. Device permissions
Most mobile device platforms (iOS, Android, etc.) have defined certain types of device data that apps cannot access without the device owner’s permission, and these platforms have different methods for how that permission can be obtained. Users should check the available settings on their devices, or check with their provider.
3. In-app ratings pages
After every trip, drivers and riders are able to rate each other on a scale from 1 to 5. An average of those ratings is associated with a user’s account and is displayed to other users for whom they provide or receive services. For example, rider ratings are available to drivers from whom they request transportation, and driver ratings are available to their riders.
Riders can see their average rating in the main menu of the Crooz app, and also access a breakdown of their average rating in Crooz’s Privacy Center.
Drivers can see their average rating after tapping their profile photo in the Crooz Driver app.
4. Marketing and advertising choices
Crooz provides users with the following choices regarding how their data is used for purposes of marketing and advertising:
Personalized marketing communications from Crooz: Users may choose here whether Crooz may use their data to send personalized communications (such as, emails, push notifications, and in-app messages) about Crooz products and services. Users may also choose here whether to receive any marketing emails or push notifications from Crooz.
Data Sharing and Tracking: Users may choose here whether Crooz may share their data with third parties, or collect data regarding their visits and actions on third-party apps or websites, for purposes of personalized ads.
Personalized Ads: Users may choose whether Crooz uses their Crooz trip, order or search history to personalize the ads they see on Crooz.
Cookies and related technologies: For information on how to control Crooz's use of cookies and related technologies, including for purposes of displaying personalized ads, please see our Cookie Notice.
5. User data requests
Crooz provides users with a variety of ways to learn about, control, and submit questions and comments about Crooz’s handling of their data. In addition to the methods indicated below, users may also submit data requests via our Privacy Inquiry Form (riders and order recipients here, drivers and delivery persons here).
Data access and portability: Depending on where they are located, users may have the right to “access” their data (meaning, to be informed of the data that Crooz has collected about them), and to “portability” of their data (meaning, to receive a copy of such data). Regardless of their location, Crooz provides several options for viewing and obtaining copies of the data Crooz has collected about them.
Users can access data including their profile data and trip or order history through the Crooz apps or via Crooz’s website.Changing or updating data: Users can edit the name, phone number, email address, payment method, and profile picture through the Settings menu in Crooz’s apps or driver portal.
Deleting data: Users may request deletion of their account by contacting support@crooz.io.
Objections, restrictions, and complaints: Users may request that we stop using all or some of their data, or that we limit our use of their data. This includes objecting to our use of data that is based on Crooz’s legitimate interests. Crooz may continue to process data after such objection or request to the extent required or permitted by law.
In addition, depending on their location, Users may have the right to file a complaint relating to Crooz’s handling of their data with the data protection authority in their country. For example, users in the EU and Latin America may submit such requests to the data protection authorities in the country in which they live.
V. Legal information
A. Data controllers and Data Protection Officer
Crooz (Pty) Ltd. is controller of the data processed in connection with use of Crooz’s services globally, except where it is joint controller with other Crooz affiliates.
Users may submit requests to exercise their rights regarding their data (riders and order recipients here; and drivers and delivery persons to support@crooz.io.
Users may also contact Crooz's Data Protection Officer by mail to support@crooz.io, regarding issues relating to Crooz's processing of their personal data, and their data protection rights.
B. Legal Framework for Data Transfers
Crooz operates, and processes user data, globally. We comply with applicable legal frameworks relating to the transfer of data.
Crooz operates, and processes user data, globally. This may result in processing of your personal data in countries, including the United States, whose data protection laws may differ from those where you live.
This includes processing of your data on Crooz’s servers in the United States, and transferring or enabling access to your data globally, in order to:
provide you services wherever you request them.
provide you access to your information, such as trip / order history, wherever you request it.
provide access to and responses from Crooz’s customer service agents.
respond to requests for information by governments or law enforcement, as necessary.
Crooz is committed to protecting our users’ personal data regardless of where they are located or where, or by who, their personal data is processed. This includes implementing global measures to protect users’ data, including:
securing user data when in transit, including through encryption, and at rest.
mandating company-wide training regarding privacy and data security.
implementing internal policies and procedures to limit access to, and use of, users’ data.
limiting government and law enforcement access to user data, except where required by law, there are imminent threats to safety, or users’ have consented to the access. Please see Crooz’s Transparency Report for more information regarding our practices relating to law enforcement requests.
When we transfer user data from the EEA, UK and Switzerland, we do so on the basis of the necessity to fulfill our agreements with users, consent, adequacy decisions regarding the country of transfer (available here, here or here), and transfer mechanisms such as the Standard Contractual Clauses adopted by the European Commission (and their approved equivalents for the UK and Switzerland), and the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”), as set forth by the U.S. Department of Commerce. Such data remains subject to the GDPR or equivalents after such transfer. Users may contact Crooz regarding the above, or to request copies of applicable Standard Contractual Clauses.
C. Updates to this Privacy Notice
We may occasionally update this notice.
We may occasionally update this notice. If we make significant changes, we will notify users in advance of the changes through the Crooz apps or through other means, such as email. We encourage users to periodically review this notice for the latest information on our privacy practices.
Use of our services after an update constitutes consent to the updated notice to the extent permitted by law.
Company
© Copyright 2024, All Rights Reserved by Crooz
Company
© Copyright 2024, All Rights Reserved by Crooz
Company
© Copyright 2024, All Rights Reserved by Crooz
Company
© Copyright 2024, All Rights Reserved by Crooz