Privacy statement

Privacy statement Dumoco

Processing personal data

Your privacy is important to us. This statement forms the basis on which all personal data that we collect from you or that you provide to us is processed by Dumoco (hereinafter “Dumoco”, “we”, “us” or “our”). Please read the following carefully to learn how Dumoco handles your personal data. The term “Personal Data” refers to information about you personally (name, registration number, telephone number, email, etc.). Please note that due to both changes in the law and the ever-changing nature of technology, our privacy policy is subject to change. Whenever a change occurs, we update our Privacy Statement without notifying you. The most recent version of our Privacy Statement applies. We therefore recommend that you check this statement regularly. Personal data is processed by us with the greatest possible care in accordance with the General Data Protection Regulation (GDPR). The starting point for processing is that data that are processed are sufficient, not excessive and relevant.

Who is responsible for the data?

Dumoco, with its registered office in Amersfoort, is the Data Controller for the Processing of your data. This statement applies to the collection and more generally the processing of personal data by Dumoco, the main purposes of which are the processing of payments and the provision of mobility services from Dumoco.

Retention period

We do not store the personal data collected by us for longer than is necessary for the purposes for which this personal data was collected and for a maximum of 18 months after its expiry, unless stated otherwise in this Privacy Statement. After the retention period stated here, all your personal data will be deleted, unless the data must be kept longer due to legal obligations. Deletion implies anonymising, destroying or editing in such a way that it is no longer possible to identify you.

What data is collected and for what purpose?

You may provide us with information by filling out forms on our website(s) or through your employer, by using our website, by contacting us by phone or email, by using third party services or otherwise. This includes information you provide when you register on our websites, use third-party mobility services, send us a request, contact our customer service, contract for the provision of services, participate in promotions or surveys and when you report a problem with our site. The personal information you provide, which is necessary to enable us to provide you with our services and/or to provide us with an answer, may include your name, address, email address, telephone number, ride information (location, time, supplier, customer number ), and contain bank details. We do not use your personal data for purposes other than those described in this Privacy Statement. We will never sell your personal data. More specifically, in order to provide, change or update your request to provide one or more (mobility) services, we need to collect information from you in the following cases.

Registration via website

Dumoco carries out projects on behalf of various clients. In order to give you the opportunity to participate in our projects, we ask you to fill in a registration form. During this registration you also agree to the Privacy Statement of Dumoco. This data is used on a legal basis, namely to implement the agreement. We keep your data on our website for up to 18 months after termination of the agreement.

Entering into an invoice relationship

If we enter into an invoice relationship with you, Dumoco needs your account details such as personal details, name and address details and bank account number. This data is used on a legal basis, namely to carry out our administration obligation. We will keep this data for 10 years after the invoice date.

Activating and using third party transportation services

Within the project you can use services from third parties. These third parties are, for example, Greenwheels (car sharing), OV-Fiets (bicycle sharing), RCBKA (public transport), Transvison (taxi) and Yellowbrick (parking). For the proper functioning of these third-party services within Dumoco, we must in some cases exchange your data with these third parties, in other cases you do this yourself. When you use third-party services via Dumoco, we exchange data with these third party(ies).

Dumoco receives journey data from transport services to monitor and settle consumption and for data analysis and research. We take safeguards to prevent an invasion of your privacy. For example, we only pass on data to third parties that these parties need for the performance of their services. In some cases this is just your customer number, in other cases your name and contact details will be provided. We receive travel information and journey data from third parties. This includes the location, date, supplier and price of a travel transaction.

These third parties act as independent Controllers for you. By using the services of these third party(ies) through Dumoco, you agree to the terms and conditions and the privacy statement of these party(ies). We only do business with parties selected by us that meet high privacy requirements. Nevertheless, after receipt of your data, the relevant party is the Responsible Party. We are not responsible for the content, privacy and security practices and policies of these third parties with whom we share information. We encourage you to review the privacy and security practices and policies of the third party before submitting any information to them. You can find these on the website of the third party, if necessary you can request the third party to provide them to you.

The basis for the exchange of data with third parties is the execution of the agreement. We process your data from third parties for up to 18 months after the termination of your user account. The retention period with the third parties can be found in the privacy policy of the relevant party.

Customer contact and (electronic) messages

In order to answer your questions or to help you with something, it is sometimes necessary for us to use your data. This information has been provided to us by you. This concerns, for example, your contact details, your ride data or your device data. We may need to use your bank details to handle complaints or requests.

We will send you, without permission, messages that are not advertising in nature, for example messages about the purchase, management, modification or termination of Services or about the use of Services from third parties, such as in the event of changes or calamities.

The basis for the processing of this data is the execution of an agreement. We keep your customer contact information and electronic messages for up to 18 months after the termination of your user account.


We use as much as possible aggregated data, for example travel data, to prepare reports and carry out statistical research. We do not use names, email addresses or other directly identifying information for reports to Dumoco’s management. Names and contact details are used for reports to your employer.

The basis for the processing of this data is the performance of an agreement and the representation of Dumoco’s legitimate interests. We keep reports up to 18 months after termination of the agreement.

Improving Dumoco

Dumoco is constantly improving its services and your user experience. In order to improve our services, analyzes are made of your data. For example, travel data, website visits, system and account data are analysed.

The basis for the processing of this data is the representation of Dumoco’s legitimate interests. We keep this data for 18 months after the termination of your user account.

Keeping Dumoco safe

Met het oog op fraudepreventie en -detectie kunnen wij uw contact- en reisgegevens gebruiken. Ook kunnen wij voor beveiligingsdoeleinden gebruik maken van uw account- en systeemgegevens als ook uw IP adressen.

For the purposes of fraud prevention and detection, we may use your contact and travel details. We may also use your account and system information as well as your IP addresses for security purposes.

To whom do we provide personal data?

We may provide you with the personal data relating to you. We provide your data to the following category of recipients:

1) Hosting parties​

2) Customer service software

3) Phone providers

4) Analysis software

5) Security software to keep our services safe

6) File sharing

7) Research software and services

Storage data

Links to Third Party Sites


Six rights

Questions or complaints?