Privacy Policy

1. Commitment to Privacy, Discretion, and Operational Integrity

Luxoro Chauffeurs Inc. ("Luxoro," "we," "us," or "our") operates a premium chauffeured transportation service built on discretion, trust, and operational precision. Our business model depends on a coordinated network of clients, corporate account holders, third‑party independent chauffeurs, fleet vehicles, dispatch systems, and external technology service providers that support booking, routing, payments, and communication infrastructure.

Because of the nature of executive transportation, Luxoro may process sensitive travel patterns, business itineraries, corporate scheduling data, and real‑time location information. Such data is treated as confidential operational information, not merely personal data, and is protected under strict privacy‑by‑design, security‑by‑design, and least‑privilege operational principles.

This Privacy Policy describes how Luxoro collects, uses, discloses, stores, transfers, and protects personal information in compliance with:

• PIPEDA (Canada)
• Quebec Law 25
• Canadian Anti‑Spam Legislation (CASL)
• Apple App Store Review Guidelines
• Google Play User Data and Data Safety requirements
• Industry‑standard security and data governance practices for regulated mobility services

By using Luxoro services, including mobile applications, websites, or booking systems, users acknowledge and consent to the processing practices described in this Policy.

2. Scope and Application of This Policy

This Privacy Policy applies to all personal and operational data processed through Luxoro systems, including but not limited to:

• Mobile applications (iOS and Android)
• Website booking platforms and APIs
• Chauffeur dispatch and fleet management systems
• Corporate travel management accounts
• Payment processing systems
• Customer service and communication channels (email, SMS, phone, chat)
• GPS‑based ride coordination and navigation systems
• Fraud prevention, security monitoring, and audit systems
• Third‑party integrations supporting booking, analytics, communications, and cloud infrastructure

Luxoro services are intended exclusively for individuals aged 18 years and older. Where transportation services involve minors as passengers, Luxoro limits data collection to the minimum operationally required and applies enhanced safeguards consistent with legal obligations and safety standards.

3. Data Controller, Accountability, and Privacy Governance

Luxoro Chauffeurs Inc. acts as the data controller for personal information collected in connection with its services.

4. Lawful Basis for Processing Personal Information

Luxoro processes personal information only where a valid legal basis exists, including:

Contractual necessity

Processing required to:

• accept and manage bookings
• dispatch chauffeurs and assign vehicles
• complete transportation services
• process payments and invoicing
• manage corporate accounts and service agreements

Consent

Where legally required or operationally appropriate, including:

• marketing communications (where explicit opt‑in is obtained, such as via checkbox, in‑app notice, or email confirmation; implied consent is only used where expressly permitted by CASL)
• optional location permissions outside active trips
• optional app features requiring additional data access

Legal obligation

Including compliance with:

• tax and accounting laws
• insurance requirements
• regulatory obligations
• lawful access requests from authorities

Legitimate business interests

Including:

• fraud detection and prevention
• cybersecurity and system protection
• safeguarding Luxoro assets (vehicles, chauffeurs, dispatch systems, booking infrastructure)
• operational optimization and service quality improvement
• incident investigation and dispute resolution

Luxoro ensures that legitimate interests are balanced against individual rights and does not process data in a manner that is unfair, intrusive, or unrelated to service delivery.

5. Categories of Information Collected

Luxoro collects only data necessary to operate a safe, reliable, and high‑end transportation service.

Definition of personal information

For the purposes of this Policy, "personal information" means any information about an identifiable individual, including but not limited to identity, contact, location, transaction, and device data.

Identity and Contact Data

Includes:

• full name
• phone number
• email address
• billing and corporate contact details
• emergency contact information (if provided)

Booking and Travel Data

Includes:

• pickup and drop‑off locations
• route and trip history
• scheduling details
• flight or itinerary data (when provided)
• service notes and instructions

Payment and Billing Data

Payments are processed exclusively through PCI‑DSS compliant third‑party processors. Luxoro does not store full credit card numbers or CVV data.

We may retain:

• transaction identifiers
• billing metadata
• invoice references
• payment status logs

Location Data

During active trips, Luxoro may process:

• real‑time GPS location
• route progression
• ETA calculations

Location data is:

• limited to active service windows
• disabled outside trip context unless explicitly authorized
• not used for unrelated surveillance or continuous background tracking

Technical and Device Data

Includes:

• IP address
• device identifiers
• operating system and app version
• crash logs and diagnostic data
• authentication and security logs

Communication Data

Includes:

• customer support communications
• SMS and email confirmations
• booking updates and alerts
• recorded calls where legally disclosed

Fraud and Security Data

Includes:

• risk scoring signals
• abnormal activity detection
• authentication attempts
• security event logs

6. Operational Use of Personal Information

Luxoro uses personal data strictly for legitimate operational and service‑related purposes, including:

• booking fulfillment and chauffeur dispatch
• real‑time trip coordination and navigation
• customer support and communication
• payment processing and financial reconciliation
• fleet and chauffeur coordination
• safety monitoring and incident response
• fraud prevention and account security
• system performance monitoring and improvement
• legal compliance and audit requirements

Luxoro may also use aggregated or anonymized data for analytics, operational reporting, and service optimization, provided such data cannot identify individuals.

7. CASL Compliance and Communication Controls

Luxoro fully complies with the Canadian Anti‑Spam Legislation (CASL).

Commercial electronic messages (CEMs) are only sent:

• with express consent, primarily obtained via explicit opt‑in mechanisms (e.g., checkbox, in‑app confirmation, or email confirmation), or
• where legally exempt (e.g., transactional messages).

All marketing communications include:

• clear identification of Luxoro as sender
• valid unsubscribe mechanisms
• immediate opt‑out processing

Operational messages (such as booking confirmations, trip updates, safety alerts) are not considered marketing communications and are required for service delivery.

8. Strict Non‑Sale and Non‑Brokerage of Data

Luxoro does not sell, rent, trade, or lease personal information.

Luxoro does not:

• provide data to data brokers
• allow third‑party resale of client information
• permit external advertising targeting using Luxoro customer data

Personal information is only shared with service providers strictly for operational purposes described in this Policy.

9. Chauffeurs, Fleet Assets, and Operational Security Model

Luxoro operates a hybrid transportation model involving:

• independent contractor chauffeurs
• fleet vehicles owned or managed by Luxoro or partners
• centralized dispatch and booking systems

All chauffeurs and operational personnel are subject to strict confidentiality obligations.

Chauffeurs receive only minimal necessary trip data, such as:

• passenger name
• pickup and drop‑off location
• trip timing and instructions

They are strictly prohibited from:

• storing or copying customer data
• using data for personal purposes
• disclosing trip information externally
• recording or sharing client activity

Luxoro treats chauffeur access as a controlled operational privilege, not ownership of data. Any violation may result in immediate termination of access, contractual penalties, and legal action.

Fleet data, dispatch systems, and booking engines are considered core business assets and are protected through restricted access controls, audit logs, and monitoring systems.

10. Third‑Party Service Providers and Booking Infrastructure

Luxoro relies on vetted third‑party providers for essential infrastructure, including:

• payment processors (e.g., Stripe)
• mapping and navigation services (e.g., Google Maps Platform)
• SMS and communication providers (e.g., Twilio)
• cloud hosting providers
• analytics and crash reporting tools (e.g., Firebase services)

All third parties are contractually obligated to:

• use data only for specified purposes
• maintain appropriate security safeguards
• comply with applicable privacy laws
• prohibit secondary use of data

Luxoro performs vendor due diligence and privacy impact assessments prior to onboarding providers that handle sensitive operational or location data.

Luxoro treats these third‑party providers as data processors under applicable data‑protection‑style obligations and requires them to bind any subcontractors or subprocessors to equivalent safeguards. Where corporate account holders provide data to Luxoro (e.g., for booking an executive), such data is treated as personal information under applicable law.

11. International Data Processing and Transfers

Luxoro may store or process personal data in jurisdictions outside Canada, including the United States, depending on third‑party infrastructure locations.

Where international transfers occur, Luxoro implements contractual, technical, and organizational safeguards—such as standard contractual clauses‑style protections where applicable, encryption at rest and in transit, and purpose‑limitation controls—designed to ensure protection comparable to Canadian privacy standards.

Users acknowledge that foreign jurisdictions may allow lawful access to data under applicable laws of those regions.

12. Data Retention and Operational Justification

Luxoro retains personal data only as long as necessary for operational, legal, insurance, fraud prevention, and compliance purposes.

Retention periods are determined based on:

• legal limitation periods
• tax and accounting obligations
• insurance claim windows
• fraud and security monitoring needs
• operational continuity requirements

When no longer required, data is securely deleted or anonymized.

13. Account Deletion and Data Removal

Users may request deletion of their Luxoro account through in‑app tools or by contacting the Privacy Office.

Luxoro distinguishes between:

• deletion of data from active systems (removal from production and customer‑facing environments)
• data that must be preserved under legal, compliance, insurance, or fraud‑prevention obligations (kept in restricted or anonymized form)

Some data may remain in anonymized or restricted form where required for compliance, fraud prevention, or dispute resolution.

14. User Rights and Privacy Requests

Subject to applicable law, users may request:

• access to personal information
• correction of inaccurate data
• withdrawal of consent (where relied upon)
• deletion of eligible data
• data portability (structured formats such as JSON or CSV, designed to be both machine‑ and human‑readable where feasible)
• information about processing practices

Luxoro will respond to such requests within applicable regulatory timeframes (e.g., within 30 working days, unless otherwise required by law) after verifying the requester's identity.

Requests are subject to identity verification and legal limitations; Luxoro may refuse a request where required by law or necessary to comply with legal obligations, safety, or fraud‑prevention requirements.

15. Cookies and Tracking Technologies

Luxoro uses cookies and similar technologies to support:

• authentication
• booking continuity
• fraud prevention
• analytics
• system performance monitoring

Where applicable, non‑essential cookies are placed only after explicit user consent (e.g., via banner or in‑app notice) and can be withdrawn at any time through browser or in‑app controls.

16. Automated Systems and Human Oversight

Luxoro uses automated systems for:

• dispatch optimization
• fraud detection
• security monitoring
• ETA prediction
• operational analytics

However, Luxoro does not rely solely on automated decision‑making that produces legal or significant effects without human oversight.

Where automated systems flag risk activity, human review is required before final decisions such as account suspension or booking rejection.

Under Quebec Law 25, profiling or models that produce legal or significant effects for individuals are not used without human review. Users may request information regarding automated processing that affects their service experience; such requests may be made to the Privacy Office and will be addressed within applicable Quebec‑mandated timelines.

17. Privacy Impact Assessments and Governance

Luxoro conducts privacy impact assessments for high‑risk processing activities, including:

• GPS tracking systems
• third‑party integrations
• cross‑border transfers
• fraud detection systems

These assessments ensure compliance with PIPEDA and Quebec Law 25 and reinforce responsible data governance across Luxoro's operational ecosystem.

18. Security Safeguards and Incident Response

Luxoro implements layered security controls, including:

• encryption in transit and at rest where appropriate
• role‑based access controls
• authentication safeguards
• audit logging
• monitoring systems
• employee and contractor confidentiality obligations

In the event of a data breach posing a real risk of significant harm, Luxoro will notify affected individuals and applicable regulators in accordance with Canadian legal requirements and will initiate its incident‑response protocol within 24–72 hours of confirming a breach.

19. Mobile Application Permissions and App Store Compliance

Luxoro mobile applications comply with:

• Apple App Store Review Guidelines
• Apple App Tracking Transparency framework
• Google Play Data Safety requirements

Permissions such as location, notifications, camera, or contacts are:

• requested contextually
• limited to specific functionality
• revocable by users at any time

Luxoro does not engage in cross‑app tracking for advertising purposes without explicit consent.

20. Children and Minors

Luxoro services are not directed at children under 13. Where minors are transported, Luxoro limits data collection strictly to operational necessity and applies enhanced safeguards.

21. Regulatory Complaints and External Oversight

Users may contact Luxoro directly regarding privacy concerns. If unresolved, users may also contact:

22. Governing Law

This Privacy Policy is governed by the laws of Ontario, Canada, and applicable federal privacy legislation. Quebec privacy law applies where relevant based on jurisdiction and user location.