Sojo - Privacy Policy

The Sojo app offers you intelligent travel assistance – a navigation system for your daily mobility. Various data is collected and analysed to provide you with the best possible support for your travel. This service is provided by Axon Vibe Limited (hereinafter: "we"). We are committed to ensuring your privacy and confidentiality of your personal data.

This Privacy Policy describes how your personal data is collected, used, stored, erased, and shared when using the Sojo app (hereinafter: "the Service").

By using the Service, you consent to this Privacy Policy. If you do not agree to any part of it, you must immediately discontinue using the Service.

1. Scope of the Processing of Personal Data

The processing of personal data is limited to data required for the provision of content and services. We use the data collected by the Service to analyse your movement patterns and repetitive habits as well as to facilitate booking and payment of mobility services. The collected data and the analysis are used by us to provide you with personalized information and suggestions related to your current context (such as your current location and journey intent) and support your travel and commuting behaviour in general. Furthermore, we may provide you with personalized offers from third parties in connection with your travels. We may also use the collected data to improve our statistical models or for fraud prevention. The processing of your personal data is based on the purposes agreed through consent or on a legal basis. We only collect personal data necessary to implement and process our tasks and services, or if you provide personal data voluntarily.

2. Personal Data we collect and for what Purpose

When you are using the Service, the following personal data may be collected and processed:

Profile Information

Information you entered in the app, and basic profile information obtained from your Google or Apple account used for sign-in, such as name, address, phone number, email, or profile picture. We use this information to customize your profile, for the purpose of identification, support, and communication (such as collection of your feedback) and for the booking of mobility services. We may also ask you to enter your preferences (e.g. your favourite places, stations or preferred mode of travel), which we will use to personalize the Service provided to you.

Device Information

General device data such as technical specifications of the end device, its battery level, operating system, browser type or the name of the current mobile phone operator are recorded to analyse possible error sources and improve the user app experience. The IP address used by the device to access the Service is also recorded for fault analysis. A rough location (city/district level) is determined by the IP address and stored under user metrics.

Usage Information

We collect metrics relating to the usage of the app and the related websites (e.g. session duration, visited screens/pages, use of features, etc.) to improve our services and optimize your experience on an ongoing basis. We also collect survey feedback data you entered in the app. For this purpose, we use analytics services from Countly Ltd.
Our apps use the Firebase Crashlytics service from Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). In case of an app crash or app not responding event, anonymous information related to the issue is submitted to Firebase Crashlytics service, allowing us to quickly trace and remedy the fault. The data transmitted to Firebase Crashlytics service is of a purely technical nature and contains no personal information.

Interaction Data

To provide you an optimal service that is tailored to your needs, we collect data from your interaction with our service, such as data related to your journey planning activity or feedback you provide on information rendered in the app. We use this data to personalize your experience and to improve our Service.

Location and Motion Information

If you allow the app to access your location, the Service will use it for the purpose of centring the map at or plan a journey from your current location. With your explicit consent, the Service will collect location data (such as geographical coordinates and visits) and motion data (such as motion activity and pedometer data). We use this data to understand your mobility behaviour (including the carbon emissions related to your travels) and predict future journeys. This enables us to provide you with automatic commuter or traffic alerts and personalized travel assistance. We may also provide you with contextual offers (e.g. retail vouchers or discounts). These advance features require that collecting your location and motion data also happens when the app is closed.

Booking Information

Booking data (such as your name, billing address, itineraries, etc.) also includes location data (start and endpoint of your journey). The collection of this data is necessary for booking, using, payment, invoicing, and support of mobility services. Booking data can also be used to improve forecasts of your travel behaviour and can be included in the statistics in anonymized form. Further, it can be used to optimize your experience and analyse errors.

Payment Information

We use Stripe Payments Europe, Ltd (“Stripe”) for payment, analytics, and other business services. Payment data includes your name, email address, billing address and details of the means of payment you use (such as credit card information). The collection of this data is necessary for processing payments and refunds as well as for support and detecting fraud.

Stripe also collects identifying information about the mobile devices that connect to its services. Stripe uses this information to operate and improve the services it provides to us, including for fraud detection. You can learn more about Stripe and read its privacy policy at https://stripe.com/privacy.

Chat Information

The information you voluntarily provide us via the in-app support and feedback chat is collected and stored for the purpose of supporting you, processing your feedback and following up on questions that may arise at a later stage. We use services from Zendesk Inc. and Slack Technologies Inc. to provide you with chat functionalities.

3. Integration of External Data Sources

We refine the forecasts of your travel behaviour with real-time data that is not specific to any individual, such as weather data, timetable data, rail, and road traffic data, as well as data relating to public transport stations or other places.

4. Integration of Map Services

To provide the Service, the app and the related websites include services of Google Maps Platform. These are used to e.g. display interactive maps and routes on our app for you, which requires the transmission of certain location data such as your current position.

5. Integration of Bus Fares Data

To provide you with bus fare information, the app uses services of the TransportAPI Platform provided by Placr Ltd (“TransportAPI”). The TransportAPI Privacy Policy is available at: https://www.transportapi.com/privacy/ .

6. Integration of Log-in Services of Google and Apple

The app uses the sign-in services of Google and Apple. We use basic profile information (such as name, email, profile picture) provided by the sign-in service to prefill your profile.

7. Sharing your Personal Information with Third Parties

We will not sell or otherwise pass your data to third parties other than stated below.

Subcontractors

We may enlist subcontractors to provide the Service. We shall assure that this privacy statement is binding on such subcontractors. Our subcontractors include:

  • Amazon Web Services (AWS)

  • Countly Ltd

  • Stripe Payments Europe, Ltd

  • Karhoo Europe (UK) Ltd

  • Mailjet Inc

  • Protect International SA (“Protect Group”)

  • Zendesk Inc.

  • Slack Technologies Inc.

Refundable Booking

When you opt in for the Refundable Booking option, we share your name and booking details (date, booking reference, booking value) with Protect Group. If you choose to apply for a refund, you are asked to do so directly via Protect Group’s web form, in which case Protect Group acts as an independent data controller where Protect Group’s privacy terms apply.

Third-party Service Providers

With your explicit consent, we may pass your personal data to third-party service providers to the extent necessary for the fulfilment of the third-party service. These third-party services act as independent data controllers with their own privacy policies. You should read the respective privacy policy before consenting.

These third-party services include:

  • Ferries Trains Planes Ltd (“RailEasy”)

  • various taxi and PHV fleets

Anonymized Data

Anonymized data and analysis can be passed on to third parties. We may supplement it with additional data not specific to any individual (e.g. to analyse commuter flows). We may also use anonymized data to improve the services rendered to you, e.g. by optimizing the routes we provide to you based on data collected through the Service.

Disclosure required by Law

We may disclose your personal data to government authorities if we are required to do so by law.

8. Data Security and Data Protection

We protect your personal data stored with us against manipulation, loss, or unauthorized third-party access. To ensure continuous protection, we are continually developing our security measures. We are certified according to the ISO 27001 standard for information security. The transmission of data over the Internet and via other electronic means always entails risks. Despite taking appropriate precautions, we cannot, therefore, guarantee the security of any information transmitted over the Internet.

The transmission of data over the Internet and via other electronic means always entails risks. Despite taking appropriate precautions, we cannot, therefore, guarantee the security of any information transmitted over the Internet.

We ensure that the countries to which we transfer data have a high level of data protection (e.g. EU Member States or adequate). Data from the support chat may also be stored and processed in the United States.

9. Your Data – your Rights

The Service contains the option that you, if necessary, can pause the recording of your location and motion data at any time by withdrawing the corresponding consents or by logging out of the app. Your raw location and motion data are processed and stored for a maximum duration of 12 months.

The Service allows you to view and export location and motion data or to completely and irretrievably erase all data linked to your profile, including the predictions generated using your location and motion data. Please note that certain booking data is exempted from deletion and will be stored for a maximum duration of six years due to legal obligations. Data that has arisen from interactions with our support chat is also exempted from deletion and will be stored for a maximum duration of 90 days.

We are allowed to keep data in an anonymized form.

You may also contact us in confidence using the contact details provided to erase your profile or exercise any other rights available to you concerning your personal data.

10. Data Editing by the User

You are responsible for using all content, data, and information offered by the Service exclusively in compliance with the contractual provisions and with the applicable legislation in your jurisdiction.

11. Data Storage Location

Your data is stored and processed in the European Union, Switzerland, and the United Kingdom. Data from the support chat may also be stored and processed in the United States.

12. Changes

We may update this privacy policy from time to time to reflect, for example, changes to our practices or other operational, legal, or regulatory reasons.

13. Data Protection Representative

We have the following data protection representative according to art. 27 GDPR in the European Economic Area (EEA), including the European Union (EU) and the Principality of Liechtenstein as an additional point of contact for supervisory authorities and data subjects for requests in connection with the General Data Protection Regulation (GDPR):

VGS Datenschutzpartner UG
Am Kaiserkai 69
20457 Hamburg
Germany
info@datenschutzpartner.eu

14. Contact us

Axon Vibe Limited
1 Purser Road
Abington, Northampton
Northamptonshire
NN1 4PG
United Kingdom
privacy@axonvibe.com

The operational Data Protection Officer of Axon Vibe Limited is available at said address c/o Data Protection Officer and privacy@axonvibe.com.

©Axon Vibe Limited, Version 1.2.0, last updated 02.09.2024