Personal data is data that can be linked to you as an individual. This may include data such as your name, telephone number, or gender.
This statement gives you information about UIP Oslo Bysykkel AS (hereafter "UIP") and its processing of personal data in connection with the use of UIP's city bicycle services.
The Privacy Statement provides you with information about which personal data we collect, why we process your personal data, and your rights relating to the processing of your personal data.
UIP Oslo Bysykkel AS (org. No .: 914 253 721) operates and maintains Oslo Bysykkel, and is responsible for the processing of personal data in connection with the city bicycle services. As data controller, UIP is therefore responsible for the processing of your personal data. The person responsible for the data controller determines the purpose of the processing of the personal data, as well as how the data is used.
Our contact information is:
Address: Strandgata 19, 0152 Oslo
Phone: +47 915 89 700
UIP has a privacy representative who can be contacted at firstname.lastname@example.org
Which personal data we process, our purposes for data processing, and the legal bases under which we process data
Information about the use of the services which comes from legitimate interest includes:
The basis of the processing of the above information is in UIP's legitimate interest in providing its services and operating those services in the best possible manner. This includes identifying a user, giving the user access to scooters, communicating with the user on the platform, and notifying the user of their legal term expiration.
Information a user can choose to share with us, which is justified by our legitimate interests and which may be withdrawn at any time, includes:
We ask a user for consent to send messages by push notification, SMS, or email about the service or other services. Messages can include information such as when a season opens, the opening of new docks, urban scooter facilities in other cities, or information related to our partners.
We provide customized information to users only if they give consent. We use segmented information - such as a user’s postal code - to provide users with relevant information about our services. A user can quickly turn off specialized content in their user profile.
We retain usage history for a temporary period of time in order to safeguard our rights and obligations under contract, while keeping to GDPR standards of data minimizations. Among other things, we will do this to see where the need for scooters is greatest. We provide this data to users who want to have an overview of which bike trips they have taken over time. UIP also uses this history to improve its services.
We use data for system testing, quality assurance, troubleshooting and other processing needed to improve our services. It is in UIP's legitimate interest in improving its services, as well as delivering flawless services to its users. Users can choose whether they want to share error diagnostics and usage data with UIP in their user profile settings.
We share data in order to comply with legal obligations that UIP is subject to, as well as orders from public authorities, which can include requirements for bookkeeping.
We use data in order to safeguard UIP's rights, including to determine, enforce or defend a legal claim in respect of lost or damaged bicycles. We also use data to safeguard UIP's legitimate interests, such as warnings and exclusions in the event of late delivery of bicycles, or other rights under contract with UIP.
On the iPhone users can choose to store bike rides as training sessions in the Apple Health app. To calculate calorie burn, we process heart rate and weight in our own app. This data never leaves the user’s phone and is not used for data analysis or other purposes beyond the user’s personal history. A user can withdraw their consent for the processing of their health data at any time.
In order to fulfill our contract with a user, we need certain pieces of information, such as a credit card number and telephone number. We cannot meet an agreement with the user without this data.
We only give access to employees who need personal data to perform their duties. This mainly means our customer service team, as well as employees who follow up any disputes related to the services. A very limited number of our employees have access to our entire customer register to ensure its continuous operation.
UIP may disclose personal data to third parties if there is a legal basis for extradition. For example, UIP may disclose personal information to public authorities in order to comply with statutory requirements or orders (such as tax authorities or the police), or to safeguard our rights in connection with a dispute with a user (such as to the Consumer Disputes Committee).
We also share aggregated and anonymised data about our users and their use of the service - which cannot identify them as an individual - with research projects and institutions for statistical and research purposes. These research projects are available to the client, as well as open to the public. We also share personal information with partners who give our users membership benefits - such as OBOS. Delivery of this data is dependent on a user’s consent.
UIP uses external data processors to collect, store or otherwise process personal information on our behalf, such as in connection with our IT systems, payment services, email broadcasts, and chat services. The relationship with these suppliers is regulated by a data processing agreement (DPA), which, among other things, ensures information security for the personal information of our users. A list of providers with whom we have a DPA with can be provided upon request.
All processing of personal information about our users takes place within the EU / EEA area. If a users personal information is subject to processing or storage outside of the EU / EEA, UIP will ensure that your personal data is subject to adequate security guarantees, including through the use of EU standard terms of such transfer, transfer to companies subject to Privacy Shield certification, or by transfer to land which is pre-approved by the EU Commission.
A user has the right to demand access, correction or deletion of the personal data we process about them if the terms of this are met. They also have the right to demand limited processing, correct objection to the processing and, in some cases, the right to demand data portability. If the processing is based on a user’s consent, they may withdraw their consent at any time.
A user has access at all times to a list of consents and data we have stored about them in their user profile. There they can correct or delete data, as well as withdraw consent. If they have any questions about their rights, or wish to exercise their rights, they can contact the UIP or our Data Privacy Officer (DPO) via contact information provided on our website. The user also has the right to complain about our processing of their personal data to Datatilsynet.
UIP stores your personal information as long as it is necessary to achieve the purposes for which the personal information was collected as defined in this statement. This means that we keep the personal data as long as you are registered with us, unless otherwise expressly stated.
If you delete your account at Oslo Bysykkel, you immediately lose access to the service, and our client managers will no longer be able to see you. For operational reasons, however, it may take up to 3 months before all information about you is gone from UIP's systems.
However, continued storage of your personal data may be necessary as a result of UIP's need to:
UIP takes its users 'privacy seriously, and has taken appropriate technical and organizational security measures to protect employees' personal information against violations of personal data security, unauthorized access to, and disclosure of personal information, including:
Links to other sites
From time to time, UIP will make changes to this privacy statement. An updated version of UIP's privacy statement will be available at all times in the app and on our website. You are encouraged to visit this page regularly to keep up to date with our current privacy statement. If UIP makes changes to the processing of personal data, this statement will be updated. You will be notified of these changes via our app, on the website and / or through the contact information you have provided.