​Uber Technologies says that if you catch a ride with one of its drivers, your personal and financial data are safe — from Uber itself.

The ride-booking company on Friday used a blog post to release the results of what it described as a thorough outside examination of its privacy and personal data policies.

While popular with users and investors, the company has faced criticism that its employees inappropriately accessed customer data. That is just one problem that Uberis trying to overcome — another is that it does not properly screen drivers that connect with passengers through its app to ensure they have clean criminal records.

In the blog post, Uber said attorneys from the law firm Hogan Lovells spent six weeks reviewing documentation and interviewing executives and concluded that, “overall our privacy program is strong.”

“While Uber is encouraged by these findings, we fully acknowledge that we haven’t always gotten it right,” according to the blog post.

Specific recommendations include:

  • Specialized Employee Training: Uber will introduce mandatory, job-specific training on privacy and data security issues, including periodic refresher sessions to make certain all employees are up to date on policies.
  • Improved Clarity for Users: Hogan Lovells concluded that Uber “comprehensively describes” its data collection and data use, but they find that we can do better and recommend we make policies easier to understand. The report recommends we make it more clear how Uber uses consumer information; to this end, we will be publicly releasing new privacy policies soon.
  • Reinforced Access Controls:  Hogan Lovells finds that Uber has appropriate policies, implemented by technical and other measures to restrict access to user data to authorized employees. But they conclude that we can make these measures more granular, reinforcing and tightening existing technical controls. We are currently working to make these changes.

Last fall, the company said it would investigate whether one of its general managers violated its privacy policies by snooping on a reporter’s ride. That news followed a report that an Uber senior vice president threatened to look into the personal lives of journalists that have criticized the company.

The review also cited improvements that Uber could make — and the company said it would adopt the recommendations. They include employee training and greater restrictions on who can access customer data.