Privacy Policy – Taxi in Linköping

Last updated: 6 December 2025

This Privacy Policy describes how Linköping Punkt Taxi AB (company reg. no. 559348-6425), operating under the registered brand Taxi Point, processes personal data when you book and use our taxi services in Linköping and through our digital channels. This policy is written in accordance with the General Data Protection Regulation (GDPR) and Swedish law.

1. Data controller

The controller responsible for the processing of your personal data is:

Linköping Punkt Taxi AB (Taxi Point)
Company reg. no.: 559348-6425
Email: info@linkoping.taxi
Website: www.linkoping.taxi

2. What personal data we process

We only process the data necessary to provide safe and accurate taxi services:

Name and contact details (phone number, email address).
Pickup address, destination address, and any intermediate stop addresses.
Geographical information (e.g., coordinates) connected to the booking.
Booking details: date, time, number of passengers, vehicle type, price, discount, payment method.
Payment-related information such as receipt number and transaction ID (card details are handled by the payment provider).
Communication with us (e.g., chat, email, SMS, and support cases).
Technical information when using our website or app, e.g. IP address, browser, device type, and logs for troubleshooting.

3. Purposes and legal basis

We use your data for the following purposes and on the following legal bases:

3.1 Booking and providing the taxi ride – Contract

When you book a trip via the website, app, or phone, we process your data to receive the booking, plan the trip, send confirmations, show the correct information to the driver, and carry out the trip. This processing is necessary to perform the contract with you.

3.2 Accounting, receipts, and bookkeeping – Legal obligation

Certain data must be stored to comply with requirements under the Swedish Accounting Act and other mandatory legislation, for example data on receipts and invoices.

3.3 Customer service, complaints, and safety – Legitimate interests

We may process your data to handle customer service questions, investigate delays, manage lost property, prevent fraud, and follow up on traffic safety. In such cases, the processing is based on our legitimate interest in providing a safe and functional service.

3.4 Marketing and information – Consent or legitimate interests

Targeted digital marketing, newsletters, or similar communications are used only where permitted by law and, when applicable, based on your consent. You can opt out of such communication at any time.

4. Retention periods

We store personal data only for as long as necessary for the purposes described above or for as long as we are legally required to do so:

Booking data: typically up to 12 months after the trip is completed.
Financial records (receipts, invoices, etc.): up to 7 years in accordance with the Swedish Accounting Act.
Support cases & complaints: while the case is open and thereafter up to 12 months.
Technical logs: usually 3–12 months depending on log type and security needs.

5. Recipients of personal data

We do not sell your personal data. However, data may be shared with trusted recipients that help us deliver the service:

providers of booking systems, server operations, and IT security
payment providers (e.g., card acquirers and banks for Swish)
SMS, email, and push notification providers
accounting firms and auditors where required by law
authorities, where we are legally obliged to disclose data

These recipients act either as processors under a data processing agreement with us, or as independent controllers when they determine the purposes and means themselves (e.g., a bank or an authority).

6. Transfers outside the EU/EEA

If personal data is exceptionally transferred to a country outside the EU/EEA, we ensure the transfer is lawful under GDPR—for example by using the EU Commission’s Standard Contractual Clauses (SCC) and, where needed, additional safeguards.

7. Security

We take technical and organisational measures to protect your personal data, for example:

encrypted communication via HTTPS
restricted and logged access in internal systems
backup and incident management routines
continuous updates of software and security components

8. Cookies and tracking

Our website may use cookies and similar technologies to remember settings, enable booking flow functionality, and produce anonymised statistics. You can manage your cookie settings in your browser. More detailed information may be provided in a separate cookie notice if displayed on the website.

9. Your rights under GDPR

You have a number of rights when we process your personal data:

the right to confirmation of whether we process your data and the right to obtain an access request (register extract)
the right to request rectification of incorrect or incomplete data
in certain cases, the right to request erasure (“the right to be forgotten”)
the right to object to processing based on our legitimate interests
the right to request restriction of processing in certain situations
the right to receive the data you provided in a structured, commonly used, machine-readable format (data portability), when processing is based on contract or consent
the right to withdraw consent at any time without affecting the lawfulness of processing before the withdrawal

To exercise your rights, contact us at info@linkoping.taxi. We normally respond within 30 days.

10. Complaints to the Swedish Authority for Privacy Protection (IMY)

If you believe we process your personal data in a way that violates applicable rules, you have the right to file a complaint with the Swedish Authority for Privacy Protection (IMY):
www.imy.se.

11. Changes to this Privacy Policy

We may update this Privacy Policy when we make changes to our services or when laws and authority guidance change. The latest version is always available at www.linkoping.taxi. The date of the most recent update is shown at the top of this page.