1. Who We Are
Drakkar AS (org. nr. 935 975 530) is the data controller for personal information processed through the Drakkar platform. Drakkar serves multiple user types including riders, drivers, vehicle owners, fleet operators, and business customers.
This policy applies to all users of the Drakkar platform: riders (passengers), drivers (transport providers), car owners (løyvehavere), fleet owners and fleet employees, and corporate/employer accounts.
Contact: personvern@drakkkar.no
2. Information We Collect
Account Information (All Users)
Name, phone number, and email address used to create and manage your account.
Location Data (Riders & Drivers)
Pickup and destination locations when you book a trip. During an active ride, we collect the driver's real-time location to track the trip and provide navigation.
Payment Information (All Users)
Payment data is processed securely through third-party providers (Stripe, Vipps). We do not store your card details. For car owners and fleet owners, we also process payout information.
Driver Information
Identity verification through BankID, driving credentials, vehicle registration details, and insurance information.
Car Owner Information
BankID-verified identity, company registration details, vehicle registrations, insurance certificates, and employee/driver assignment records.
Fleet Owner Information
BankID-verified identity, fleet company details, vehicle fleet registrations, driver assignment and invitation records, manager information, and fleet analytics data.
Employer & Corporate Information
BankID-verified administrator identity, organisation details, employee ride spending records, and corporate billing data.
Trip Data
Routes, times, fares, and passenger and driver ratings.
Communications
In-app messages between riders and drivers, fleet communication logs, and conversations with our support team.
Voice Input (Optional)
If you use voice-based booking, your speech is converted to text for processing. The audio file itself is not stored.
Technical Data
Device type, app version, and IP address for security, troubleshooting, and service improvement.
3. How We Use Your Information
- Provide and improve our ride-hailing service
- Match riders with available drivers
- Process payments and prevent fraud
- Verify driver identity and credentials
- Ensure safety during trips
- Handle support requests and resolve disputes
- Comply with Norwegian transport and tax regulations
- Send service-related notifications
4. Automated Decision-Making
When you request a ride, our system automatically determines which available driver to assign. This decision considers factors such as proximity to your pickup location, driver availability, and service reliability.
This automated matching directly affects which drivers receive trip offers and may impact driver earnings.
Your Rights Regarding Automated Decisions:
- You have the right to request a human review of any automated decision that affects you
- Submit a review request through the app
- A member of our team will review your case within 72 hours
- We will explain the factors that influenced the decision in clear, understandable terms
We do not make decisions based on race, gender, religion, or any protected characteristic.
5. Data Sharing
We share your information only when necessary and in accordance with applicable law:
- With drivers: your name and pickup location when a trip is booked
- With riders: driver name, vehicle details, and real-time location during a trip
- With car owners and fleet owners: trip and earnings summaries for drivers under their management
- With employers: employee ride spending summaries for corporate billing
- With payment providers (Stripe, Vipps) to process transactions and payouts
- With identity verification services (BankID) for driver, car owner, fleet owner, and employer onboarding
- With authorities when required by Norwegian law
We do not sell your personal data to third parties.
6. International Data Transfers
Your data is primarily stored within the EU/EEA. Some service providers (payment processing, notifications) may process data in the US under appropriate safeguards including Standard Contractual Clauses.
7. Data Retention
- Trip and payment records: Retained as required by Norwegian accounting law (up to 5–6 years per bokføringsloven)
- Location data: Automatically deleted after a limited period
- Account data: Retained while your account is active; deleted or anonymized upon account deletion request
- Driver, car owner, and fleet owner identity documents: Deleted upon account deletion; regulatory copies retained as required
- Corporate billing records: Retained for 5 years per Norwegian accounting law
- Voice recordings: Not stored; only text transcriptions are retained temporarily
- Support conversations: Retained for up to 1 year
- Anti-money laundering records: 5 years after end of business relationship (hvitvaskingsloven § 30)
8. Your Rights
Under GDPR and Norwegian data protection law (personopplysningsloven), all Drakkar users — riders, drivers, car owners, fleet owners, employers, and employees — have the right to:
- Access your personal data
- Correct inaccurate information
- Request deletion of your data
- Export your data in a portable format
- Withdraw consent at any time
- Object to processing based on legitimate interests
- Request human review of automated decisions (GDPR Article 22)
- Lodge a complaint with Datatilsynet (Norwegian Data Protection Authority)
For full details on how to exercise these rights for your specific account type, visit our Data Rights page.
Contact: personvern@drakkkar.no
Datatilsynet: www.datatilsynet.no
This policy is governed by the General Data Protection Regulation (EU) 2016/679 and the Norwegian Personal Data Act (Personopplysningsloven).
9. Cookies
We use essential cookies to keep you signed in and ensure the application functions. Learn more in our cookie policy.
In the event of any conflict between the Norwegian and English versions of these terms, the Norwegian version shall prevail.