Privacy Policy

This Privacy Policy outlines our practices regarding the collection, use, and sharing of your information through Bus Times App / London Live Bus Countdown (“Service”) when you use our app.

Mobicia Ltd provides the services in the app in collaboration with Partners, who act as processors under the control of Mobicia Ltd.

Mobicia Ltd (“we”, “us”, or “our”) respect your privacy and are dedicated to protecting the personal data of its users (“you” or “your”). This policy details the types of information we collect from you and your devices, explains how we use and protect that information, and specifies your rights in relation to that information.

We collect various of personal information, and with the “Rewards and Alerts” service, the intelligent travel assistance (such as automatic commuter alerts) and personalised offers (e.g. retail vouchers or discount codes) are provided through the careful analysis of various data points such as location and motion data.

By using our app and/or registering for the “Rewards and Alerts” service, you agree to the collection and use of information in accordance with this policy, which aims to ensure the privacy and confidentiality of your personal data.

This Privacy Policy applies to all users of our Service and is in compliance with the General Data Protection Regulation (GDPR), the Data Protection Act 2018 (DPA 2018), the California Consumer Privacy Act (CCPA), and other relevant laws.

The privacy and security of your data are of utmost importance to us. Please read this policy carefully to understand our practices and your rights regarding your personal data. If you do not agree to any part of this Privacy Policy, you must immediately discontinue using the Service.

Information Collection

We are transparent about the data we collect from our users. Here is an exhaustive list of the types of personal data we collect and the reasons for their collection:

1. Location Information: We collect precise or approximate location data from your device if you grant us permission. This information allows us to offer location-based services, analyse your mobility behaviour and usage patterns to predict your upcoming journeys, and provide personalised content. The “Rewards and Alerts” service require that collecting your precise location and motion data also happens when the app is closed.
2. Motion Information: To enhance the functionality of our app, we collect motion data (such as pedometer data) to understand your modes of transport, which helps in improving our mobility behaviour detection and journey prediction.
3. Journey and Place Data: Journey and place data is collected while you interact with the Service (e.g. when you enable notifications for a journey) or is automatically derived from your behaviour (e.g. from your significant dwells) and is processed to provide you with an optimal app experience, assistance for your travels, to personalise offers we may provide to you or to derive anonymized movement patterns that inform future public transport developments and facilitate the analysis of commuter flows.
4. Interaction Data: How you interact with our app helps us to optimise the user interface and personalise the user experience.
5. Usage Information: We collect information about how you use our application, including application opens, updates, first launches, and in-app purchases. This data is crucial for app improvements and to offer a seamless user experience.
6. User Feedback: Your feedback is collected to address your concerns, improve our services, and respond to your inquiries.
7. User Crash Logs: We gather information when the app crashes to identify and fix bugs, ensuring the app’s stability.
8. Device Information: Details about the hardware of your device, including the model and operating system, are used for analytics and to tailor our app’s performance to suit your device.
9. Network Information: Your network details, such as IP address and mobile network information, are used to maintain the security and operation of our app, and for internal analytics.
10. Unique Device Identifiers for Advertising: We use identifiers like the Google Advertiser ID or IDFA to deliver personalised advertising content, provided you have given us consent to do so.
11. Personal Identification Information: The app uses the sign-in services of Google and Apple. We don’t retrieve or store any profile information such as your name or email. We only store the account identifier provided by the Log-in service.
    If you interact with our support services, we collect your email address and full name to identify you, communicate with you, and provide you with support and services.

Data Usage

The information we collect serves a variety of purposes that are essential to delivering a high-quality service to you. Below we outline how and why we use your data:

• Personalised Travel Assistance: With your explicit consent, we use your data to provide you with contextual and personalized travel assistance (such as automatic commuter alerts). This includes analysing your location and motion data as well as journey data you provided to the app.
• Personalised Offers: With your explicit consent, we use your data to offer you rewards or show personalised advertisements that are tailored to your interests. This includes analysing your location, motion, and usage information to present offers and ads that are relevant to you and your context.
• Service Improvement and Analytics: The data we collect helps us understand how our app is used, identify what works well, and what can be improved. We analyse usage patterns, app stability (through crash logs), and device performance to enhance the functionality and user experience of our app.
• Third-Party Sharing: We share certain information with trusted partners to provide advertising, remarketing, behavioural targeting services and personalised offers. These partnerships help us keep the app free for users and support our business operations. We ensure these partners adhere to strict data protection and privacy standards. These third-party services act as independent data controllers with their own privacy policies. You can learn more about our trusted partners and their policies here: https://mobicia.com/privacy/partners

• Partner Information:

  • Axon Vibe Limited (Blisworth, Northamptonshire, United Kingdom)
    Collaboration: Provision of the “Rewards and Alerts” functionality within the app, enhancing user experience with intelligent travel assistance and personalised offers.
  • Monedata Ltd (128 City Road, London, EC1V 2NX, United Kingdom, privacy@monedata.io https://monedata.io/privacy).
  • Huq Industries Limited (154-160 Fleet St, London, Greater London, EC4A 2DQ, United Kingdom, dpo@huq.io https://huq.io/our-privacy-policy/).
  • Outlogic Inc (https://outlogic.io/privacy-policy/).
  • Umlaut Solutions (https://umlautsolutions.com/uk/privacy-policy/)
  • M2catalyst LLC (https://www.m2catalyst.com/privacy)
  • Teragency Limited (https://teragence.com/privacy-policy/)
  • CellRebel AB (https://www.cellrebel.com/privacy_policy)
    This application integrates with select third-party services which may gather information such as device details, location, network performance, and app usage statistics, always with your explicit permission. This collaboration allows us to offer tailored features and improvements. You have full control over your data: consent can be modified at any time through the More->Ad Personalisation option. Details on data collected and to view our partner list here.
• Offers from Third-Party Advertisers: The service may present you with personalised offers from third-party advertisers in the form of web links. We use services from AWIN Inc. to track your visit across this app and advertiser sites for the purpose of sales attribution. AWIN makes use of cookies and other tracking technology. We don’t share any personal data or user identifier with AWIN, and AWIN doesn’t know who the user is – AWIN simply tracks that the same user started their journey in this app and completed it with the advertiser’s site.

• • You can review AWIN’s Privacy Policy here:
    https://www.awin.com/gb/privacy#section_awin-consumers
  • Details about the tracking cookies used by AWIN can be found here:
    https://privacy.awin.com/#sale-attribution-awin  

• Legal Obligations and Rights Protection: We may use your data to comply with legal obligations, respond to enforcement requests, or protect the rights and interests of our users, ourselves, or third parties. This may include detecting and preventing malicious or fraudulent activity.
• User Support and Feedback: We use the feedback you provide to address your concerns and improve our services. When you reach out to our support team, we use the information you provide to resolve issues and respond to your inquiries.
• Infrastructure and Platform Services: To ensure the smooth operation of our app, we use your information to maintain and improve the infrastructure and hosting platforms of our service. To provide the Service, the related websites (such as the Privacy Dashboard) include services of Google Maps Platform and Here Maps Platform. These are used to e.g. display interactive maps and routes for you and provide you with nearby points of interest.

1. • You can view the Google Terms of Service here:
     https://policies.google.com/terms
   • The Google Maps/Google Earth Additional Terms of Service can be found at:
     https://www.google.com/help/terms_maps
   • The Google Privacy Policy is available at:
     https://policies.google.com/privacy
   • Here Maps End User Terms of Service at: https://legal.here.com/en-gb/terms/here-end-user-terms
   • Here Maps Privacy Policy is available at: https://legal.here.com/en-gb/privacy

• We may enlist subcontractors to provide or administer the Service. We shall assure that this privacy statement is binding on such subcontractors. Our subcontractors include:

1. • Amazon Web Services (AWS)
   • Google Cloud
   • Microsoft Azure
   • Databricks Inc.
   • Typeform SL
   • Slack Technologies Inc.
   • FreshDesk (Freshworks Inc.)
   • AWIN Inc.

• Data Transfer Outside the EU: We transfer data to countries with a high level of data protection. This includes transfers within the EU, EEA, Switzerland, and the UK, and in certain instances, the United States, under strict data protection arrangements.
• Integration of External Data Sources: We refine the forecasts of your travel behaviour with real-time data that is not specific to any individual, such as weather data, timetable data, rail, and road traffic data, as well as data relating to public transport stations or other places that you may access.
• Anonymised Data: Anonymised data and analysis can be passed on to third parties. We may supplement it with additional data not specific to any individual (e.g. to analyse commuter flows). We may also use anonymised data to improve the services rendered to you, e.g. by optimising the routes we provide to you based on data collected through the Service.

Consent

Consent is a cornerstone of our data collection philosophy. We are dedicated to ensuring that your personal data is processed only when we have your explicit consent to do so, in accordance with relevant data protection laws.

Obtaining Consent

Upon your first use of the app, you will encounter a consent banner powered by Google’s Consent Management Platform (CMP). This banner provides detailed information about the types of data we collect and the purposes for which it is used. You have the option to:

• Grant consent for the processing of your data for specific purposes.
• Deny consent for any purpose that you are not comfortable with.

Your choices on the consent banner determine how we process your personal data.

Managing Consent Preferences

To ensure ongoing control over your personal data, our app includes a dedicated section named “Personalisation” within the ‘More settings’ screen. Here you can:

• View your current consent choices.
• Update your preferences for each specific purpose.
• Withdraw your consent entirely at any time.

Withdrawal of Consent

You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. If you withdraw your consent, we will cease to process the data for the purposes you have withdrawn, and take steps to delete any data that requires your consent to hold.

Please note that the withdrawal of consent may affect the functionality and features offered to you within the app. If you have any questions or need assistance with managing your consent preferences, please contact us at consent@mobicia.com.

We are committed to upholding your rights and will ensure that your preferences are respected. Please review your consent choices regularly to ensure they continue to reflect your wishes.

Data Sharing and Disclosure

Your privacy is important to us, which is why we only share your information as described in this policy and when we have your consent or under the following circumstances:

1. With Service Providers: We employ other companies and individuals to perform functions on our behalf. These may include hosting our data, providing infrastructure and services, marketing assistance, processing payments, and conducting customer service. These service providers have access to personal data needed to perform their functions but are not permitted to use it for other purposes.
2. For Legal Reasons: We may disclose your information if we believe that it is reasonably necessary to comply with a law, regulation, legal process, or governmental request; to enforce our agreements, terms, and policies; to protect the security or integrity of our services; to protect our app, our customers, or the public from harm or illegal activities; or to respond to an emergency which we believe in good faith requires us to disclose information.
3. With Your Consent: Other than as set out above, you will receive notice when information about you might go to third parties, and you will have an opportunity to choose not to share the information.
4. International Transfers: We transfer information we collect about you to countries other than the one in which the information was originally collected. When we transfer your information to other countries, we will protect it as described in this privacy policy and such transfers will be in compliance with applicable law.

Data Transfer Outside the EU

Your information may be stored and processed in any country where we have facilities, collaborate with partners or processors, or in which we engage service providers, including the United States. By using our app, you understand that your information may be transferred to countries outside of your country of residence, which may have different data protection rules than in your country. However, we will take measures to ensure that any such transfers comply with applicable data protection laws and that your information remains protected to the standards described in this privacy policy.

Third-Party Privacy Policies

Our app may contain links to third-party websites, products, or services. Information collected by third parties, which may include such things as location data or contact details, is governed by their privacy practices. We encourage you to learn about the privacy practices of those third parties.

User Rights

We recognize and support all user rights as outlined by data protection laws applicable in the United Kingdom, the European Union, and the United States, including the General Data Protection Regulation (GDPR), the Data Protection Act 2018 (DPA 2018), and the California Consumer Privacy Act (CCPA). As a user of, you have the following rights:

1. Right to Access: You have the right to request a copy of the personal data we hold about you.
2. Right to Rectification: If the information we hold about you is inaccurate or incomplete, you have the right to have it corrected.
3. Right to Erasure: You may request the deletion or removal of personal data when there is no compelling reason for its continued processing.
4. Right to Restrict Processing: Under certain circumstances, you have the right to ‘block’ or suppress further use of your data.
5. Right to Data Portability: You have the right to obtain and reuse your personal data for your own purposes across different services.
6. Right to Object: You have the right to object to the processing of personal data in some circumstances, including the right to opt-out of sales as understood under the CCPA.
7. Rights in Relation to Automated Decision Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

Exercising Your Rights

To exercise any of these rights, please follow these steps:

• Via the App: To manage your consent preferences, access the ‘Personalisation’ section within the ‘More settings’ screen. Optionso manage your data within scope of the Rewards and Alerts features including viewing, exporting, or erasing your personal data are located at the bottom of the Rewards and Alerts screen.

• Contact Us: If you wish to exercise any of the above rights, please contact us using the contact details provided in this policy. We will respond to your request within a reasonable timeframe and provide assistance as required by law.

Children’s Privacy

Our app does not address anyone under the age of 13. If we learn that we have collected personal data from a child under age 13 without verification of parental consent, we will take steps to remove that information from our servers. If you are between 13 and 17 years of age, it is assumed that such use has been consented to by your parent or guardian.

Changes to Your Data

You are responsible for ensuring that all personal data you provide to us is accurate and up to date. You can edit your personal information within our app at any time.

If you have any concerns about the use of your data or these rights, please contact our Data Protection Officer at dpo@mobicia.com.

Data Security

We take the security of your data seriously. We have implemented a range of physical, technical, and administrative measures to safeguard your personal information against loss, theft, and misuse, as well as against unauthorised access, disclosure, alteration, and destruction.

Security Measures for the “Rewards and Alerts” functionality Include:

1. ISO 27001 Compliance: Location and Motion Information, like Journey and Place Data are protected according to the stringent standards of ISO 27001, an internationally recognized standard for information security management systems, ensuring that your data is managed securely.
2. Data Encryption: We use encryption to protect your data in transit and at rest, making sure that your personal information is secure from unauthorised access.
3. Access Controls: Strict access controls are in place to ensure that only authorised personnel have access to your personal data, and only for permitted purposes.
4. Regular Security Training: Our staff receives regular training on best practices in data security and privacy to ensure they understand the importance of protecting user data.
5. Continuous Monitoring and Development: We continuously monitor our systems for potential vulnerabilities and attacks and develop our security measures to ensure the ongoing protection of your data.

Security Breaches

Despite our efforts, the transmission of data over the Internet is not completely secure. In the event of a data security breach, we will comply with applicable law in notifying you and any applicable regulators of the occurrence, as well as any steps you should take to protect your data.

International Data Transfers

Your data may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”) in compliance with legal and regulatory standards. By submitting your personal data, you agree to this transfer, storing, or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

Third-Party Data Security

When sharing your data with third parties, we take steps to ensure that they also employ robust security measures. However, we cannot guarantee the security of your data once it is transferred to third parties and will not be liable for any breaches that occur by these third parties.

Your Responsibility

You are an integral part of the data security process. Please help keep your account safe by using a strong password for your Apple or Google account and keeping those login credentials private. If you believe your privacy has been breached, please contact us immediately.

Retention Periods:

1. Location and Motion Data: Your raw location and motion data are stored for a maximum duration of 12 months unless we are required to retain this data for a longer period due to legal obligations.
2. Account Inactivity: In the event of inactivity for a period of 6 months, we will take steps to fully and irrevocably delete all data associated with your profile.
3. User Feedback and Support Data: Data you provide through feedback forms, support requests, or customer surveys may be stored for a maximum duration of one year to ensure we can adequately address any follow-up issues that may arise.
4. Anonymised Data: We may retain data in an anonymised form beyond the above retention periods for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

Managing Your Information:

Our app provides you with the ability to manage your information:

• You can pause the recording of your location and motion data at any time by withdrawing the corresponding consents and by logging out of the service.
• You have the option to view, export, and delete your location and motion data directly within the app.
• Full deletion of your profile and associated data can be initiated from within the app settings or by contacting our support team.

Data After Closure of Your Account:

Upon closure of your account, we will delete your personal information within 30 days except for information that we are obliged to retain for a longer period due to statutory retention periods or if we require the data to assert, exercise, or defend against legal claims. In such cases, we will restrict the processing of data for other purposes.

Responsibility for Third-Party Data Deletion:

If we have shared your data with third parties, we will take reasonable steps to inform them of your deletion request. However, you may also contact these third parties directly to request deletion of your data processed by them.

Changes to the Privacy Policy

We may revise this Privacy Policy from time to time to reflect changes in our operations or legal and regulatory requirements, and to accommodate new technologies, industry practices, and for other legitimate purposes.

Responsibility to Review:

• It is the responsibility of the user to stay informed of any changes to this Privacy Policy by checking this page periodically.
• Your continued use of the Service after any changes to the Privacy Policy signifies your acceptance of our updated terms.

Reviewing the Privacy Policy:

• We recommend that you review the Privacy Policy regularly to ensure you are updated on any changes.
• The date of the last update will be indicated at the bottom of this Privacy Policy for your convenience.

Acceptance of Changes:

Your use of our Service following any amendment of this Privacy Policy will signify your assent to and acceptance of its revised terms for all previously collected information and information collected from you in the future.

Contact Information

Mobicia Ltd

8 Blackstock Mews
London, N4 2BT United Kingdom
privacy@mobicia.com

The operational Data Protection Officer of Mobicia Limited is available at said address c/o Data Protection Officer and privacy@mobicia.com

©Mobicia Limited, Version 1.01, last updated 21/12/2023