Introduction
This Privacy Policy explains how Crown Rides (“we”, “us”, “our”) collects, uses, shares, and protects your personal data when you use our website, booking system, and services at www.crownrides.es. It also explains your rights under applicable data protection laws in Spain and the EU.
Data Controller Information
Data Controller: Crown Rides
Name: Usama Maroof
Business Activity: Private chauffeur services in Spain
Address: paseo castellana 60, Madrid Spain
Email: info@crownrides.es
Phone: +34632852950
Website: www.crownrides.es
Name: Usama Maroof
Business Activity: Private chauffeur services in Spain
Address: paseo castellana 60, Madrid Spain
Email: info@crownrides.es
Phone: +34632852950
Website: www.crownrides.es
Data We Collect
Personal Data from Bookings: Name, email, phone, pickup/drop-off details, flight number, luggage, number of passengers, and payment info (processed via Stripe or directly with driver).
Automatically Collected Data: IP address, browser, device, pages visited, time on site, and analytics (Google Site Kit/Analytics), only with consent.
Automatically Collected Data: IP address, browser, device, pages visited, time on site, and analytics (Google Site Kit/Analytics), only with consent.
Purpose and Legal Basis of Processing
We use your data to:
- Manage bookings and provide rides (legal basis: contract performance).
- Process payments securely (Stripe or in-person, contract/legal obligation).
- Communicate booking confirmations and updates (contract performance).
- Analyze and improve our website/services (consent for analytics).
- Comply with legal obligations (legal basis: legal requirement).
- Marketing communications (optional, with your consent).
- Manage bookings and provide rides (legal basis: contract performance).
- Process payments securely (Stripe or in-person, contract/legal obligation).
- Communicate booking confirmations and updates (contract performance).
- Analyze and improve our website/services (consent for analytics).
- Comply with legal obligations (legal basis: legal requirement).
- Marketing communications (optional, with your consent).
How We Share Data
Your data may be shared with:
- Assigned drivers (for bookings).
- Stripe (online payments).
- Hostinger (hosting/technical support).
- Google Analytics (if consented).
- Legal authorities if required.
All third-party providers are GDPR-compliant and contractually bound to use data responsibly.
- Assigned drivers (for bookings).
- Stripe (online payments).
- Hostinger (hosting/technical support).
- Google Analytics (if consented).
- Legal authorities if required.
All third-party providers are GDPR-compliant and contractually bound to use data responsibly.
Data Retention
We retain data only as long as necessary:
- Booking & service data: 5 years (Spanish tax laws).
- Payment records: 5 years.
- Communications: up to 2 years.
- Analytics: per Google retention settings.
- Marketing: until consent withdrawn.
- Booking & service data: 5 years (Spanish tax laws).
- Payment records: 5 years.
- Communications: up to 2 years.
- Analytics: per Google retention settings.
- Marketing: until consent withdrawn.
User Rights
You have rights under GDPR & Spanish law:
- Access, rectification, erasure (“right to be forgotten”)
- Restriction of processing
- Data portability
- Object to processing
- Withdraw consent (marketing/analytics)
Contact info@crownrides.es to exercise your rights.
- Access, rectification, erasure (“right to be forgotten”)
- Restriction of processing
- Data portability
- Object to processing
- Withdraw consent (marketing/analytics)
Contact info@crownrides.es to exercise your rights.
Cookies & Tracking
We use cookies to enhance your experience and track analytics:
- Strictly necessary: session, security
- Functional: preferences
- Analytics: Google Analytics (consent required)
- Marketing: only with explicit consent
Consent can be managed via the Cookie Banner (CookieYes).
- Strictly necessary: session, security
- Functional: preferences
- Analytics: Google Analytics (consent required)
- Marketing: only with explicit consent
Consent can be managed via the Cookie Banner (CookieYes).
International Data Transfers
Some data may be processed outside the EEA:
- Stripe: payments, US servers, GDPR compliant
- Google Analytics: may process outside EEA, GDPR safeguards applied
Safeguards: Standard Contractual Clauses, provider security.
- Stripe: payments, US servers, GDPR compliant
- Google Analytics: may process outside EEA, GDPR safeguards applied
Safeguards: Standard Contractual Clauses, provider security.
Security Measures
We implement technical and organizational measures to protect your data:
- SSL/HTTPS encryption
- Access control to staff/drivers
- Data minimization
- Hosting security (Hostinger)
- Third-party compliance (Stripe, Google, CookieYes)
- Monitoring & regular updates
Despite this, no system is 100% secure; breaches are reported to authorities per GDPR.
- SSL/HTTPS encryption
- Access control to staff/drivers
- Data minimization
- Hosting security (Hostinger)
- Third-party compliance (Stripe, Google, CookieYes)
- Monitoring & regular updates
Despite this, no system is 100% secure; breaches are reported to authorities per GDPR.
Children’s Data
Our services are for adults; we do not knowingly collect personal data from children under 16. Parents/guardians are responsible for supervision. Contact info@crownrides.es if you believe data of a child has been collected.
Changes to Privacy Policy
We may update this Privacy Policy to reflect legal, technical, or operational changes. Updates will be posted on this page with a “Last updated” date. Continued use after updates implies acceptance.
Contact Information
For questions or to exercise your rights, contact:
Email: info@crownrides.es
Email: info@crownrides.es
