What You Should Know About Uber’s Privacy Policy

Uber recently updated its privacy policy, so we gave it a look to see what Uber does (and doesn’t do) with the data it collects from you via their app, website, and various other third parties.

P.S. if you’re interested in what Twitter is doing with your data, check out this article

Uber collects a lot of data

Uber gathers a lot of your data through its app, website, partners, and third-parties. This includes:

  • Demographic and identity verification data
  • Usage, device, communication, and location data
  • Data from business partners that use Uber’s API, business partners related to the Uber Visa card, “publicly available sources” and “marketing service providers”

This doesn’t even cover how much data is collected by pixels and beacons. That deserves its own section.

Invasive cookies and pixels help serve you ads

Cookies and pixel tags are used across browsers, apps, and mobile devices to help identify you and your devices. This collects data such as:

  • Device type
  • Operation system,
  • Browser type and version,
  • Websites you visit (and when)
  • Referring website
  • IP address
  • Advertising ID
  • Similar information.

Cookies are used for a variety of reasons, including synchronizing the ads you see across devices and platforms.

Uber has an entire page dedicated to how it uses cookies, which you can find here.

Your Uber data is used for marketing, personalization, advertising, and even election-related purposes

Uber specifies that it personalizes marketing and advertising based on location, use of Uber, preferences, and settings. It will also contact users about elections and other political purposes related to Uber in user areas.

If you’ve ever received a newsletter or ad related to an upcoming bill or local election related to Uber’s ability to serve your area, that communication is made possible with the data it collects.

Uber sells your data, but only with your consent

According to its privacy policy, Uber does “not sell users’ personal data to, or share it with, such partners or others for purposes of their own direct marketing or advertising, except with users’ consent.” (emphasis ours).

This gives users control over how their data is sold, which is a good thing.

Your data is used to make pricing decisions

“Dynamic pricing,” Uber’s term for charging more or less for the same service or product, is based on different factors, including riders and drivers available, estimated time, traffic, and predicted route.

Your communication data isn’t private

Communication information between you and your driver is seen by Uber and is used for various purposes, such as determining whether or not you get a cancellation fee in case you cancel a ride.

Location data is used to avoid charging cancellation fees

Data is used to make various automated decisions by Uber. One of these decisions is related to cancellation fees, which are usually incurred by a user who cancels a ride before a driver arrives at their location. Uber uses location data to ensure that a driver isn’t purposefully trying to force a user to cancel the ride. If they are, Uber can detect that and avoid charging users a cancellation fee.

Uber likes to share

Your data is shared with a lot of partners including marketing and marketing platform providers, data analytics providers, research partners, insurance partners, airports, third-party vehicle suppliers, and more.

Uber keeps your data, even if you delete your account

While Uber deletes most of your data when you delete your account, for regulatory and legal reasons, they will keep location, device, and usage data for at least 7 years and may use it for “safety, security, fraud prevention and detection, and research and development” reasons.

Uber will share your information with law enforcement, but with some caveats

While some companies freely provide information to law enforcement at nearly any request, Uber requires a little more in the interest of their users’ privacy. Here are some details worth pointing out.

They require a subpoena tied to a criminal investigation to “compel the disclosure of basic information”. There are a few exceptions to this, in the case of “emergency and exigent requests”, if the user has provided consent, or if different legal or regulatory standards apply.

Uber will notify riders and drivers whenever law enforcement has requested information unless the notice would be “counterproductive”, create further risk, if there is a non-disclosure order tied to the request, or if law enforcement has a strong enough case to prevent Uber from notifying a user. If provided a non-disclosure order, Uber may still provide notification to a user after the order expires or is withdrawn.

Uber’s privacy policy: par for the course, strict on law enforcement

We weren’t surprised by too much of what we saw in their privacy notice and were even surprised to see how some data was used to automate some decision-making. We like that Uber is transparent in how they comply with law enforcement requests and are willing to communicate to users whenever their information is being shared in this way.

We hope this article shines a light into how your data is collected and used by Uber. If it makes you uncomfortable, and you decide to delete your account, remember that your data will be kept for 7 years. If you want to see the entire privacy notice for yourself, you can find it here.

Photo by Victor Xok on Unsplash

Show More
Back to top button