Privacy Policy
1. Data Controller & Contact
Data controller: ZTaksi.
- Privacy / data requests: [email protected]
- Security reports: [email protected]
- Web: https://ztaksi.com
2. Data We Collect
| Category | Examples | Purpose |
|---|---|---|
| Identity & Contact | Full name, phone number | Account creation, OTP verification, ride coordination |
| Location (precise) | GPS coordinates | Passenger: pickup point & nearby driver matching. Driver: live location while on duty, navigation and trip tracking |
| Driver documents | Vehicle/plate info, driver license & registration photos, profile photo | Drivers only: registration approval and verification |
| Ride data | Ride history, saved addresses, fare, status | Service delivery, history view |
| Device & Technical | Device identifier (fingerprint), platform, app version, IP address, last connection time | Session security, single-device/session management, fraud prevention |
| Notifications | Firebase Cloud Messaging (FCM) push token | Ride status and driver/passenger notifications |
| Communications | In-app text/voice support messages | Customer/driver support |
| Referral | Referral code | Invite / campaign tracking |
We do not store your debit/credit card details inside the App.
3. Background Location Use
For driver accounts, location is collected while the driver is “online/available” or during an active trip, including when the app is in the background. This is required so the passenger can see the assigned driver live on the map, for accurate ETA, and for safe trip tracking. Background collection stops when the driver goes offline. For passenger accounts, location is only collected while the app is open and in use (foreground).
4. How We Share Data
- Driver ↔ Passenger: Name, location and necessary contact details are shared between matched parties to complete the ride.
- Google Maps Platform: Location is processed for maps, routing and address services.
- Google Firebase (Cloud Messaging, App Check): Notification delivery and device integrity.
- WhatsApp / SMS: Phone number for one-time verification code (OTP) delivery.
- Authorities: Where legally required, to the extent mandated by law.
We do not sell your personal data and do not share it for advertising.
5. Retention
Data is retained while your account is active and for as long as the service requires. Upon a deletion request, your personal data is deleted or anonymized within a reasonable period, except records we must keep under legal obligations (e.g. financial/commercial records).
6. Security
- All network traffic is encrypted via TLS/HTTPS.
- Session tokens are stored in secure device storage (iOS Keychain / Android Keystore).
- Secrets are hashed with argon2; no plaintext storage.
- Device integrity and root/jailbreak detection (RASP) plus Firebase App Check prevent abuse.
7. Your Rights (KVKK & GDPR)
You have the right to access, rectify, erase, restrict and object to the processing of your data. Send requests to [email protected].
8. Account & Data Deletion
To delete your account and associated data, use the Account Deletion page or request it via in-app support.
9. Children’s Privacy
The App is not intended for individuals under 18 and we do not knowingly collect their data.
10. Changes
This policy may be updated. Material changes will be announced in the app or on this page.