Car-sharing service Uber, already under fire for a plan to attack journalists, appears to be scrambling to get ahead of another potential PR nightmare — this one related to its allegedly cavalier use of customers’ personal information.

On Tuesday evening, Uber published a blog post stating it has a “strict policy prohibiting all employees at every level from accessing a rider or driver’s data” and that it relies on careful privacy standards to preserve the trust of its users. Those claims, however, may not be reflected in Uber’s existing privacy policy, which dates from July 2013, and is (for now) still posted on the company’s website.

One item that stands out is Uber’s claim that it shares “Personal Information” (defined to include name, email address and phone number) and the location with companies — presumably black car dispatchers — associated with its drivers:

We also provide some of your Personal Information (such as your first…