Manage Your Fleet
HomeAboutContactLogin
support@sisu-taxi.com
+358465480460
Sun 09:00 - 17:00 | Mon - Sat 08:00 - 22:00
We Provide
The Best Service & Discounts
For You

Privacy Policy


November 12, 2025

Introduction

Sisu Taxi Oy is a ride-hailing service provider based in Finland. We respect your privacy and are committed to protecting the personal data of our users, drivers, and partners. This Privacy Policy explains how we collect, use, store, and share your personal data when you use our mobile application, website, and related transportation services in Finland.

We process personal data in accordance with the European Union General Data Protection Regulation (GDPR) and the Finnish Data Protection Act (1050/2018). This policy applies to all users of Sisu Taxi Oy’s services, including riders (passengers) and drivers using our platform, as well as visitors to our public website.

Minors: Our services are not directed to children under the age of 13. We do not knowingly collect personal information from anyone under 13 years old. If you are under 13, please do not use our app or website. If we learn that we have inadvertently collected personal data from a child under 13, we will take steps to delete it.

Data Controller

The data controller responsible for the processing of personal data described in this policy is:

Sisu Taxi Oy
If you have any questions about this policy or our data practices, please contact us using the above details.

Personal Data We Collect

We collect and process various types of personal data from users of our services. The categories of data we collect include:

  • Rider Information: This includes your name, phone number, email address; location data related to rides (such as pickup and drop-off points and route traveled); payment information (handled securely via third-party payment providers); and any communications or feedback you provide (for example, customer support inquiries or in-app chat messages).
  • Driver Information: This includes your name and contact details; driver’s license, taxi permit, or other identification details required to operate as a driver; vehicle information (e.g. registration number, make and model); location and GPS telemetry data during rides; banking details for payouts and payment settlements; and any tax or regulatory information required by Finnish law.
  • Technical and Usage Data: We collect technical information when you use our app or website, such as device identifiers (e.g. device ID, OS version), IP address, browser type, and timestamps. We also collect usage data including how you interact with our app/website, crash reports, and diagnostic logs. This may involve the use of cookies and similar technologies (explained further below).
No Biometric Data: We do not collect any biometric data or facial recognition information. Sisu Taxi Oy does not use fingerprint scanning, face identification, or any other biometric identifiers in our services.

We typically collect personal data directly from you (for example, when you create an account, book a ride, or sign up as a driver). In some cases, we may receive information from third parties – for instance, if a payment is processed by a provider like Stripe, they will confirm the payment status, or if required, we might verify a driver’s license with the relevant authority to ensure it is valid.

How We Use Your Personal Data

We use the collected personal data for the following purposes:

  • Providing Services: To provide, maintain, and operate the Sisu Taxi platform. For example, we use data to facilitate ride bookings, match riders with drivers, provide navigation, and enable payments. We also use driver information to manage driver accounts and payouts.
  • Safety and Compliance: To ensure the safety and security of all users. This includes verifying driver credentials, monitoring rides for safety, preventing fraud or abuse, and complying with applicable laws and regulations (such as Finnish transportation rules and reporting requirements).
  • Communication: To communicate with you about ride updates, trip confirmations, receipts, driver/rider details, customer support, and account administration. We may send in-app notifications, text messages, or emails related to your rides or use of our services.
  • Payments and Transactions: To process payments for rides (for riders) and to calculate and disburse earnings (for drivers). Payment information is handled via our third-party payment processors, but we use necessary data to generate invoices, receipts, and transaction records.
  • Service Improvement and Analytics: To analyze usage of our app and website, fix errors (for example, by reviewing crash reports), and develop new features. We use analytics data (including data from Google Firebase Analytics) to understand how users interact with our services so we can improve the user experience and quality of our service.
  • Marketing (with Consent): If you have given consent, we may use your contact information to send you promotional communications about new features, offers, or services. You can opt out of these communications at any time.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason that is compatible with the original purpose (and where permitted by law). We do not use personal data for any automated decision-making or profiling that has legal or similarly significant effects on you without your knowledge or consent.

Data Sharing and International Transfers

No Selling of Data: We do not sell, rent, or trade your personal information to third parties for their own marketing or other independent use. We only share your data with third parties in the following circumstances, and always under appropriate protections:

  • Service Providers: We use trusted third-party companies to support our services. This includes payment processors (such as Stripe, Google Pay, and Apple Pay) to handle credit card and mobile payments, and analytics/crash reporting services (such as Google Firebase Analytics and Crashlytics) to help us understand app performance and improve our services. These providers only receive the information necessary to perform their functions and are contractually obligated to protect it.
  • Authorities and Legal Compliance: We may disclose information to government authorities or public agencies when we are required to do so by law. For example, we might need to provide data to Finnish transport regulators (like Traficom) or to law enforcement agencies in response to valid legal requests.
  • Business Transfers: In the event that Sisu Taxi Oy is involved in a merger, acquisition, or sale of all or a portion of its assets, personal data may be transferred to the acquiring organization as part of the transaction. We will ensure that the recipient of the data is bound to respect your personal data in a manner consistent with this Privacy Policy.

Typically, the core services (such as providing rides, handling payments, and managing driver accounts) are provided on the basis of contract or legal obligations, and our use of data for safety and service improvement is based on legitimate interests. We will seek your consent when we are required to do so (for example, for optional marketing or analytics). Withdrawing consent will not affect the lawfulness of any processing carried out before you withdrew it.
International Data Transfers: We primarily process and store personal data within the European Union/European Economic Area (EEA). However, some of our service providers may process data in other countries outside the EEA (for example, the United States). Whenever your personal data is transferred outside of the EEA, we will implement appropriate safeguards to ensure it remains protected.
  • Making sure the recipient country has been deemed to provide an adequate level of data protection by the European Commission, or
  • Using standard contractual clauses approved by the European Commission, and/or
  • For U.S. providers, ensuring they are certified under frameworks like the EU-U.S. Data Privacy Framework (if applicable).

By using such safeguards, we ensure that any data transferred outside Europe continues to have a level of protection equivalent to that under EU law. You can contact us if you would like more information about the mechanisms we use to transfer data internationally.

We remain responsible for the personal data we share with our third-party service providers, and we require all such parties to handle personal data in compliance with this Privacy Policy and applicable data protection laws.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this policy or to meet our legal obligations. How long we keep information depends on the type of information and the purposes for which we collected it:

  • Account Information: We keep your account data (like your name, contact details, and login credentials) for as long as you maintain an account with Sisu Taxi. If you choose to delete your account (or if we deactivate it due to prolonged inactivity), we will remove or anonymize your personal data within a reasonable timeframe after the account closure, except for any information we are required to retain for legal or regulatory reasons.
  • Ride and Transaction Records: We retain details of rides taken and payments made (including invoices, receipts, and transaction histories) for about 6 years, in line with Finnish accounting and tax regulations. This retention period ensures we meet our financial record-keeping obligations.
  • Driver Credentials and Records: For drivers, we retain your professional information (such as license details, background check results, and driving history on our platform) for as long as you are an active driver on our platform. If you cease driving with Sisu Taxi, we may retain certain records for a period required by law or for establishing or defending legal claims. Generally, driver records not needed for ongoing legal obligations will be deleted or anonymized after a statutory retention period.
  • Customer Support Data: Communications with our support team (emails, chat logs, call records) are retained as long as necessary to resolve your query or complaint, and for a short period afterward to ensure proper follow-up. Typically, support records are kept for up to 2 years unless a longer period is required for legal purposes (such as evidence in a dispute).
  • Marketing Data: If you have consented to receive marketing communications (like newsletters or promo offers), we will keep the information necessary for that purpose (e.g. your email address or push notification token) until you unsubscribe or withdraw your consent. Once you opt out, we will promptly remove your contact details from our marketing distribution lists (though we may keep a record of your opt-out request to ensure we respect your preference in the future).

After the applicable retention periods expire, we will securely destroy or anonymize the corresponding personal data. For example, we may retain aggregated or anonymized data (which no longer identifies you) for statistical analysis or business planning, but not in a way that can be linked back to you.

Please note that we may need to retain certain information for longer than the periods noted above if required to comply with our legal obligations, resolve disputes, or enforce our agreements. In all cases, we will continue to protect your personal data in accordance with this Privacy Policy for as long as we hold it.

Your Rights

As a data subject under the GDPR, you have several important rights regarding your personal data. Subject to certain legal exceptions, these include the right to:

  • Access Your Data: You can request confirmation of whether we are processing your personal data, and if so, request a copy of the data we hold about you. We will also provide additional details such as the purposes of processing and the categories of data, as required by law.
  • Rectification: You have the right to ask us to correct or update your personal data if it is inaccurate or incomplete. We encourage you to keep your information up-to-date so we can serve you best.
  • Erasure: You can request that we delete your personal data in certain circumstances—for example, if the data is no longer necessary for the original purposes, or if you have withdrawn your consent and no other legal basis for processing applies. We will honor valid deletion requests unless we are legally required to keep the data (for instance, for compliance or dispute resolution).
  • Restriction: You have the right to request that we limit the processing of your data in certain situations. This might apply if you contest the accuracy of your data or if you object to our processing and we are evaluating your request. When processing is restricted, we will still store your data but not use it for other purposes until the restriction is lifted.
  • Data Portability: For data you have provided to us and which we process by automated means under consent or contract, you have the right to request a copy in a structured, commonly used, machine-readable format (for example, CSV or JSON). You can also ask that we transmit this data directly to another service provider where technically feasible.
  • Object: You can object to our processing of your personal data when that processing is based on our legitimate interests or for direct marketing. If you object to direct marketing, we will stop processing your data for those purposes immediately. If you object to processing based on legitimate interests, we will evaluate your objection and will cease processing unless we have compelling legitimate grounds that override your rights or the processing is needed for legal claims.
  • Withdraw Consent: If we are processing your personal data based on your consent, you are entitled to withdraw that consent at any time. For example, you can opt out of marketing emails by using the "unsubscribe" link, or disable certain app analytics via your device settings. Withdrawal of consent will not affect the lawfulness of processing that occurred before you withdrew consent.
  • Lodge a Complaint: If you believe we have infringed your data protection rights, you have the right to complain to a supervisory authority. In Finland, this is the Office of the Data Protection Ombudsman (website: tietosuoja.fi). You also have the right to seek judicial remedy if you believe your rights have been violated.

To exercise any of your rights, please contact us at support@sisu-taxi.com. We will respond to your request as soon as possible, typically within one month as required by GDPR. Please note that we may need to verify your identity (for example, by asking you to provide information) before acting on your request, to ensure that we do not disclose data to the wrong person. Exercising your rights is free of charge. However, if your requests are manifestly unfounded or excessive (for instance, repetitive requests), we may charge a reasonable fee or refuse to act, as permitted by law.

Data Security

We take the security of your personal data very seriously. Sisu Taxi Oy implements a variety of technical and organizational measures to safeguard your information from unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption: We use encryption protocols such as HTTPS (TLS) to protect data in transit between your device and our servers. This means any data you send through our app or website is encrypted while it’s being transmitted. We also employ encryption-at-rest and secure hashing for certain sensitive data stored in our databases.
  • Secure Infrastructure: Our servers are hosted in secure facilities and we utilize reputable cloud service providers with strong security practices (including firewalls, intrusion detection systems, and regular backups). Access to these data centers is strictly controlled and monitored.
  • Access Controls: We restrict access to personal data to authorized employees and contractors who need it to operate, develop, or improve our services. All personnel with such access are bound by confidentiality obligations and undergo training on data protection. We also enforce strong authentication and access control mechanisms internally, following the principle of least privilege.
  • Monitoring and Testing: We continuously monitor our systems and infrastructure for potential vulnerabilities and attacks. Regular security assessments, penetration tests, and software updates are conducted to ensure that our defenses remain robust. We also have internal policies and incident response plans to handle any potential security incidents swiftly.

While we work hard to protect your information, no method of transmitting or storing data is 100% secure. We cannot guarantee absolute security of your data. You should also take care with how you handle and disclose your personal data. Remember, you are responsible for keeping your account login credentials (username and password) confidential. If you believe that your account or personal data has been compromised, please contact us immediately.

In the event of a data breach that affects your personal data, we will notify you and the relevant authorities without undue delay, as required by law.

Fraud Prevention and Misuse

We maintain strict policies and employ tools to detect and prevent fraud, abuse, or illegal activities on our platform. All users are expected to use Sisu Taxi’s services honestly and lawfully.

We may process and retain personal data for the purpose of fraud prevention and misuse detection. For example, we might analyze ride patterns, payment history, device information, and other usage data to identify potentially fraudulent activity (such as identity theft, fake accounts, or unauthorized use of credit cards) or violations of our terms of service.

If we have reason to suspect that fraud or misuse has occurred, Sisu Taxi Oy reserves the right to take appropriate actions. These actions may include investigating the issue, suspending or terminating the accounts involved, and, where necessary, reporting the matter to the police or other authorities. In such cases, we may share relevant personal data with law enforcement or fraud prevention agencies, but only to the extent permitted or required by law.
Any attempt to exploit, harm, or interfere with our services (for example, hacking into our app, manipulating ride fees, or endangering other users) is strictly prohibited. We will pursue legal remedies against individuals or entities involved in such behavior.
Liability for Misuse: Sisu Taxi Oy is not responsible for losses or damages resulting from unauthorized use of your account or our services if such use is not due to our negligence. It is important that you protect your account information and notify us immediately of any unauthorized access or suspected breach of your account. By using our services, you agree that we may take measures to prevent and mitigate fraudulent or abusive behavior as described above.

Cookies and Tracking Technologies

When you use our website or mobile application, certain information is collected automatically using cookies and similar tracking technologies. This section explains our use of these technologies:

  • Website Cookies: Our website uses "cookies," which are small text files placed on your device, to make our site work and to enhance your experience. Some cookies are essential for the website to function (for example, to keep you logged in or remember your preferences). We also use analytics cookies to collect information about how visitors use our website (such as which pages are visited most often, and if visitors get error messages from web pages) – this helps us improve the website over time. Where required by law, we will ask for your consent before setting non-essential cookies (such as analytics or advertising cookies). You can manage your cookie preferences anytime through your browser settings or our website’s cookie banner.
  • Mobile App Analytics: n our mobile app, we use third-party analytics and crash reporting tools, specifically Google Firebase Analytics and Firebase Crashlytics. These tools automatically collect certain data about your app usage and device. For example, Firebase Analytics may record events like ride bookings or app screens visited, and Firebase Crashlytics logs technical information when the app crashes (such as device model and software version at the time of a crash). This information helps us diagnose issues and understand overall app performance. The data collected through Firebase does not include sensitive personal identifiers like your name or contact details, but it may include device identifiers or other pseudonymous identifiers. We do not collect any biometric data, photos, or audio through these analytics tools. Google may process the Firebase data on servers located in the United States or other countries, but Google is committed to complying with GDPR and we have configured Firebase services to enhance privacy (for instance, by not collecting granular location data and by honoring user opt-outs for personalized ads).
  • Advertising and Third-Party Tracking: Sisu Taxi currently does not display third-party ads in our app or on our website, and we do not directly share your personal data with advertisers. If this changes in the future, we will update this Privacy Policy accordingly. However, our website and app may include social media plugins or links that can set cookies (for example, a Google Maps integration to show ride routes, or a Facebook "Share" button on our website). These third-party elements may collect data directly from your browser under their own privacy policies. We recommend reviewing the privacy policies of any third-party services you interact with for more information on their data practices.
  • Your Choices: You have options to control or limit how cookies and similar technologies are used:
    • On the website, you can set your web browser to refuse some or all cookies, or to alert you when cookies are being sent. You can also typically find an option in your browser settings to delete cookies that have already been set. Please note that disabling cookies might affect website functionality (for example, you might need to re-enter your login information or certain features might not work properly).
    • On the mobile app, you can opt out of certain tracking by adjusting your device settings. Both Android and iOS devices provide options to limit ad tracking or reset your advertising identifier, which can reduce the information collected by analytics and advertising tools. Additionally, you can uninstall the app to stop all data collection by the app.

Keep in mind that completely disabling cookies or tracking might prevent you from using some parts of our services that rely on these technologies. For instance, if you disable location services on your phone, the app may not be able to determine your pickup location. We only use cookies and trackers as necessary for the purposes described in this policy and in accordance with your preferences.

For more details about our use of cookies and tracking technologies, please see our Cookie Policy (if available on our website) or contact us with any questions.

Changes to This Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our services or to ensure compliance with new legal requirements. If we make any material changes, we will notify users by posting the updated policy on our website (and updating the "last updated" date at the top). In some cases, we may provide additional notice, such as via email or an in-app notification, for significant changes.

We encourage you to periodically review this page for the latest information on our privacy practices. Any changes to this Privacy Policy are effective when they are posted on this page. If you continue to use Sisu Taxi services after an update, you will be deemed to have accepted the changes, to the extent permitted by law.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us. We are here to help and will respond promptly.

Sisu Taxi Oy