Privacy Policy

Last updated: April 29, 2026

At Auto Taxi we take the privacy of everyone using our services very seriously. This document explains what personal data we collect, why we collect it, and what rights you have under the General Data Protection Regulation (GDPR).

1. Data Controller

P/F Auto
Niels Finsensgøta 28
FO-110 Tórshavn
Faroe Islands

Phone: +298 31 1234 / +298 31 36 36
Email: auto@auto.fo / booking@auto.fo

We are responsible for all personal data collected through the auto.fo website and the AUTO Taxi app.

2. What Data We Collect

When you book a taxi or shuttle ride on the website:

  • Name
  • Email address
  • Phone number
  • Number of passengers
  • Pickup address
  • Date
  • Flight number (for arrivals or departures)
  • Optional comments

When you use the contact form:

  • Name
  • Email address
  • Message

When you use the AUTO Taxi app:

  • Account details (name, email, phone)
  • Location data (when GPS is enabled, to dispatch a driver to you)
  • Trip and booking history
  • Communications with us

3. Why We Collect It (Legal Basis)

  • To process bookings and provide transport: performance of a contract (GDPR Art. 6(1)(b)).
  • To inform you about changes to your booking: performance of a contract.
  • To respond to enquiries: legitimate interest (GDPR Art. 6(1)(f)).
  • To prevent spam and abuse: legitimate interest.
  • To meet accounting and tax obligations: legal obligation (GDPR Art. 6(1)(c)).

4. How Long We Keep It

  • Website bookings: 1 year after the trip, to handle complaints and queries.
  • Contact form messages: 1 year after the conversation.
  • Accounting records: 5 years, as required by Faroese tax law.
  • App account: while the account is active, plus 1 year after deletion.

5. Who Has Access

  • P/F Auto staff who use the data to fulfil bookings.
  • Drivers, who receive only the information they need to pick you up (name, phone, pickup address).
  • Trusted external service providers (within the EEA) for hosting, database storage, and email delivery. All such providers are bound by data processing agreements that meet GDPR requirements.
  • Public authorities or law enforcement, if they request it on a valid legal basis.

We never sell your data to third parties.

6. Where Data Is Processed

All personal data is processed within the European Economic Area (EEA). We use service providers with servers located in Europe and adhere to GDPR rules.

7. Your Rights

Under GDPR you have the following rights:

  • Access: request a copy of the data we hold about you.
  • Rectification: if data is wrong or incomplete, ask us to correct it.
  • Erasure (right to be forgotten): ask us to delete your data when no longer needed.
  • Restriction: ask us to limit how we use your data.
  • Portability: receive a machine-readable copy to transfer to another service.
  • Objection: object to processing based on legitimate interest.
  • Withdraw consent: where we rely on consent, you can withdraw it at any time.

To exercise these rights, email auto@auto.fo.

8. Right to Complain

If you believe we are not following GDPR or good data practices, you have the right to complain to:

Dátueftirlitið (Faroese Data Protection Authority)
www.dat.fo

9. Security

We do everything reasonably possible to protect your data:

  • All forms are submitted over secure HTTPS connections.
  • Bookings are stored on secure servers with encryption.
  • Access is restricted to staff who need it.
  • We have spam and abuse protection in place.

10. Changes to This Policy

We may update this document from time to time. The "last updated" date at the top of the page reflects the latest version. Significant changes will be announced on the website.