Hizke

Data processing agreement

When a taxi or private-hire firm runs on Hizke, Hizke processes personal data — passenger bookings, driver records, journey data — on that firm's behalf. That relationship needs a proper data processing agreement (DPA), and every pilot firm signs one during onboarding.

What the DPA covers: the roles of controller (your firm) and processor (Hizke); the categories of data processed; security measures including tenant isolation, encryption of credentials and audit trails; sub-processor commitments (including our cloud infrastructure providers); breach notification duties; and data return or deletion when an agreement ends.

Safeguarding data: school and SEN transport work involves children's data. The DPA addresses this explicitly, with stricter handling requirements matching the platform's safeguarding design.

The standard DPA text is provided to pilot firms with the pilot legal pack. Councils and corporate clients with their own processing requirements: email hello@hizke.com and we'll work through them.