Privacy Policy
Introduction
Omny Sweden AB (“Omny”, “we”, “our”, or “us”) is committed to safeguarding your privacy and handling your personal data with transparency and integrity. This Privacy Policy outlines how we collect, use, store, and protect your information when you:
– use the Omny app as a rider to request transportation services
– use the Omny Driver app as a driver or fleet partner to provide transportation services
– visit our websites, including omnyapp.se and related subdomains
We process all personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
Definitions
Rider: A user who requests transportation services via the Omny app.
Driver: A user who provides transportation services via the Omny Driver app and is linked to a business account (fleet). Drivers cannot operate independently and must be assigned to a registered fleet or business account.
Business Account Owner / Fleet Manager: An individual or Swedish‑registered legal entity (e.g., enskild firma or aktiebolag) that manages drivers and/or vehicles via the Omny Driver app; may also operate as a driver.
Services: The functionalities and tools provided through the Omny and Omny Driver apps, including ride‑hailing, fare negotiation, driver onboarding, fleet management, and payment processing.
Controller/Processor: Omny is the data controller for app operations; some providers (e.g., Stripe, hosting) act as processors or independent controllers for specific activities.
Data We Collect
Depending on how you use our services, we collect the following types of information:
a) Personal Information
Applies to all users.
• Name
• Email address
• Phone number
• Profile photo
• Account metadata, such as account creation and last login time
b) Location Data
Applies to users when location access is granted.
• Real-time GPS location
• Pickup and dropoff addresses
• Route and trip duration
• Location permission status
c) Trip & Usage Data
Collected to operate and optimize ride services.
• Trip history, including timestamps, route information, and fare offers
• Saved pickup and dropoff locations or preferences
• Trip status updates recorded throughout the ride lifecycle
• Driver availability status changes (e.g., going online or offline)
• In-app actions, such as button presses, screen views, or settings changes
• Support requests and feedback submitted via the app
• Cancellation reason, timestamp, and whether the cancellation was initiated by the driver or rider
• Data used to determine if a cancellation or no-show fee is applicable
d) Payment and Financial Information
Processed securely through our third-party payment processor, Stripe. We do not store raw card numbers, CVV codes, or full payment credentials on our servers.
Stripe’s processing of personal data is governed by their own privacy policy: https://stripe.com/privacy
For riders:
• Payment method type (e.g., card brand, Apple Pay, Google Pay)
• Cardholder name
• Last four digits of the card (tokenized and stored securely)
• Transaction records, amounts, and timestamps
• Payment confirmation status
• Refund or dispute-related information
For drivers:
• Payment platform account ID
• Onboarding and dashboard access URLs
• Bank account details for payouts
• Tax-related identifiers and payout eligibility
• Payout history and status
e) Driver and Business Account Information
Collected during registration and onboarding via the Omny Driver app to verify eligibility, assign roles, and ensure compliance with applicable transportation and financial regulations.
For Business Account Owners (individual or company-based)
Full name; Date of birth (if applicable); Email address; Residential address, town, and postal code; Business name; Company registration number; VAT number and tax identification number; Registered business address, town, and postal code; Bank account holder name; IBAN and bank name; Referral code (optional).
Required licensing and business documents, including:
– Company registration certificate
– Taxi operating license
– Driver license (if the business owner also drives)
– Taxi license (if applicable)
– Document upload dates and review status
For Vehicles Registered Under a Business Account
Vehicle make, model, year, and license plate number; Interior and exterior vehicle photos; Insurance documentation; Association with the registering business account; Upload timestamps and document review status
For Drivers Invited to a Business Account
Full name; Email address; Residential address, town, and postal code
Required licensing documents:
– Driver license
– Taxi license
– Driver photo for identification and verification
– Expiration dates for all licenses
– Document upload dates and verification status
f) Device & Technical Information
Collected automatically to ensure app functionality, performance, and security.
• Device model and operating system version
• App version and build number
• IP address
• Push notification token
• Diagnostic and error data used to detect bugs and improve stability
• Technical event timestamps, such as when the app is opened, closed, crashes, or goes offline
g) Cookies and Analytics Data
Collected from users interacting with our apps or websites to support functionality, analyze performance, and improve service reliability.
• Cookies used to store user preferences and enable core features
• Session-related data, such as time spent, referral source, and pages or screens viewed
• Aggregated usage statistics to understand user behavior and app performance
• Error and crash data collected to identify technical issues and improve app stability
• Device, browser, and operating system information when accessing our websites
h) Messaging and Chat
If you use our in-app messaging feature during an active trip, we may collect communication data to support coordination and ensure safety. This may include:
• Sender and recipient identifiers
• Message content
• Timestamps (sent and read times)
• Read/delivery status
Messages are stored only for as long as necessary to facilitate the trip, resolve disputes, or fulfill support and safety obligations.
How We Use Your Data
• To provide and operate the app (matching riders and drivers)
• To process payments via Stripe
• To track trip status and driver availability
• To comply with tax and legal obligations
• To improve app functionality and prevent fraud and abuse
• To respond to support inquiries
• To send important notifications (e.g., trip updates, changes in terms)
• To determine eligibility for cancellation fees, waiting charges, or no-show penalties based on trip timing, location, and user actions.
We may contact you via email, SMS, or phone number to verify your account, coordinate rides, respond to support requests, or send important service updates. These communications are part of our legitimate interest in ensuring a secure and reliable experience.
We do not sell your data to third parties.
Legal Bases for Processing Personal Data
We process your data under the following legal bases:
• Contract – to provide you the services (rides, payments, support)
• Consent – for location tracking and cookies
• Legal Obligation – for tax/reporting requirements
• Legitimate Interests – for fraud prevention, app improvement, safety, and service integrity
Data Sharing and Third Parties
We only share your personal data when necessary to provide our services, comply with legal obligations, or improve your experience. We do not sell your personal data.
a) Payment Processors
We use third-party payment processors (e.g., Stripe) to handle transactions securely. Depending on the activity, Stripe may act as an independent controller (e.g., fraud screening, regulatory checks) or our processor.
b) Hosting and Cloud Service Providers
We rely on trusted infrastructure providers (e.g., Firebase/Google Cloud) to host our services and store data under GDPR‑compliant terms.
c) Authentication and Security Services
We may share technical data to protect against abuse or fraud, ensure platform security, and provide support (e.g., authentication, crash reporting, push notifications).
d) Government Authorities and Legal Requests
We may disclose personal data when required by law or court order.
e) Other Users (Limited Sharing)
We may share:
• First name
• Profile photo
• Pickup/dropoff location
• Vehicle info
• Rating or feedback
• Estimated arrival/location
Only for purposes of completing or coordinating a trip.
f) Insurance/Claims & Safety Partners
Where a claim, incident, or investigation requires it, we may share relevant information with insurers, legal advisors, or safety partners.
International Transfers
We store personal data on secure servers in the EU and U.S., depending on the service. If transferred outside the EEA/UK, we apply safeguards like EU Standard Contractual Clauses (and UK Addendum where applicable), encrypted transmission and secure storage, and strict access controls and confidentiality agreements. You can request information about specific transfer mechanisms by contacting us.
Automated Decision‑Making
Some processes (e.g., cancellation fees, trip expiration, fraud signals) are automated. You may request a human review of any decision that significantly affects you and you may contest the decision. Contact: support@omnyapp.se
Data Retention
• Personal data is kept as long as your account is active.
• Trip data is retained for up to 7 years (for legal and financial records).
• Support tickets are stored for up to 1 year after resolution.
• You may request deletion of your data (see “Your Rights”).
Cookies and Tracking
We use cookies and similar technologies on our websites to:
– Analyze usage and traffic patterns
– Improve functionality and performance
– Remember user preferences (such as language or layout settings)
We do not use cookies for third-party advertising or marketing purposes.
Your Rights (under GDPR)
You have the right to:
• Access your data
• Correct inaccurate data
• Request deletion (“right to be forgotten”)
• Object to processing
• Withdraw consent
• Request data portability
To exercise your rights, contact: support@omnyapp.se. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY): imy.se.
Children’s Data
Our services are not intended for users under 18. We do not knowingly collect data from minors.
Security
We implement appropriate technical and organizational measures to protect your personal data, including:
• Encrypted communication (HTTPS)
• Secure authentication and role-based access
• Secure storage and transmission
• Use of Stripe for PCI-DSS–compliant payment handling
Changes to This Policy
We may update this policy. We’ll notify users via app updates or messages. Latest version always available at: https://omnyapp.se/privacy
Contact Us
Omny Sweden AB
Email: support@omnyapp.se
Org.nr: 559519-4100