Uber transfers personal data of drivers to countries outside their country of residence, including to the United States. For data transfers from the EEA or UK, Uber relies on Standard Contractual Clauses (SCCs) approved by the European Commission, or other lawful transfer mechanisms, to ensure an adequate level of protection for the transferred data.
The Irish DPC fined Uber €290 million in 2023 specifically because its international data transfer safeguards were inadequate. This provision is directly relevant to that ongoing compliance risk.
Uber collects extensive personal data from drivers and delivery people, including real-time location data continuously while the app is active, telematics data measuring driving behavior, government-issued ID and background check information, and potentially audio and video recordings from in-cabin devices. This data is shared with insurance companies, background check providers, law enforcement on request, and third-party business partners, and can influence a driver's ability to remain on the platform. You can access, correct, or request deletion of your personal data by submitting a request through Uber's privacy portal at privacy.uber.com.