This Privacy Statement details Our policies and procedures in relation to the Personal Data We process. Rapid Vehicle Management Limited (“Rapid”) are committed to processing data in accordance with the General Data Protection Regulation (“GDPR”) and the Data Protection Act (“DPA”) and take all reasonable steps to prevent any unauthorised access to Your Personal Data.
Data Controller – A Data Controller determines the purpose and means of processing Personal Data.
Data Processor – A Data Processor is responsible for processing data on behalf of the controller.
Personal Data – Any information relating to an identifiable person who can be directly or indirectly identified.
Special Categories of Personal Data – Genetic Data, Racial or Ethnic Origin, Political Opinions, Religious or Philosophical Beliefs, Trade Union Membership, Bio metric Data, Health/Medical Data, Sexual Orientation.
You or Your – Means the individual whose Personal Data We are processing.
We, Our or Us – Means Rapid Vehicle Management Limited (“Rapid”)
Registration Number: 05714220
Our full details are Rapid Vehicle Management Limited, registered in England and Wales with company registration number 05714220
Name or title of Point of Contact: Data Privacy Manager
Email address: email@example.com
We use Your Personal Data for the following purposes:
We process Your Personal Data in order to provide services to You under Our contracts with You, including but not limited to vehicle rental agreements.
This may include sharing Your Personal Data with:
1. Your Insurer.
2. Subcontractors and service providers to process Your Personal Data and provide services on Our behalf.
3. Third parties involved in a claim, including their insurer, solicitor, or representative.
4. The DVLA, Your Driving Licence Number may be provided to the DVLA in order for a search to be carried out to confirm Your licence status, entitlement and relevant restriction information and endorsement/conviction data. Searches may be carried out as part of Our validation enquiries and at any point throughout the duration of Your contract with Us. A search with the DVLA will not show on Your driving licence record. For details relating to information held about You by the DVLA, please visit www.dvla.gov.uk. Undertaking searches using Your driving licence number helps Us check information to prevent fraud and reduce incidences of negligent misrepresentation and non-disclosure.
5. Private hire vehicle licencing authorities to verify the validity of Your and Your vehicle’s taxi licence.
6. Local or District Councils and Law Enforcement (prevention, detection, apprehension, and/or prosecution of offenders to provide Your Personal Data for the administration of all charges, fines and court costs including congestion charges, parking, traffic, speeding or other offences, and any civil penalties You may be liable for.
7. Third party payment processors in order to process payments relating to a hire agreement We enter into with You. If We use a third party order processing service, they will collect and send Your data to Us securely, which will then be incorporated into Our databases.
8. Credit Reference Agencies – We may carry out credit and identity checks when You apply for vehicle hire services from Us. We may use Credit Reference Agencies (CRAs) to help Us with this. If You use Our services, from time to time We may also search for information that the CRAs have, to help Us manage those accounts. We will share Your Personal Data with CRAs, and they will give Us information about You. The data We exchange may include:
Name, address and date of birth; Credit application; Details of any shared credit; Financial situation and history; Public information from sources such as the electoral register and Companies House.
We’ll use this data to: Assess whether You can afford to make regular payments; Make sure what You’ve told Us is true and correct; Help detect and prevent financial crime; Manage accounts with us; Trace and recover debts.
To manage and administer Our relationship with You, including Your registrations, transactions and communications with Us, to perform all orders and contracts with You, to provide the services and information You request, and to respond to Your comments, questions and support requests, and to monitor compliance with and enforce the terms of Our relationship and any contracts with You.
We may monitor and record telephone calls for the purpose of security and training. This data can be held for up to six years.
Market Research/Data Analysis
To help improve Our services We, Our agents and recipients of Your Personal Data may also use Your Personal Data for the purposes of marketing research and data analysis. This helps to develop and improve the products and services that are offered. We will get Your express opt-in consent before We share Your Personal Data with any company outside Our group of companies for marketing purposes. You can ask Us to stop sending You marketing messages at any time by contacting Our data privacy manager on: firstname.lastname@example.org.
We may also use web beacons and pixel tags, these are similar to cookies and allow Us to collect information about how You use Our website and help Us to offer You the best service. We may use web beacons and pixel tags alongside cookies both on Our website and in any emails We send to You. Again, web beacons and tags are commonly used across many websites and do not harm Your computer system.
Information collected may include items such as the IP address of Your computer, the time You visited Our website and what links You clicked on or when You opened Our emails.
We may, from time to time use and serve cookies, pixel tags, action tags or similar technologies. We use the information We collect for various purposes, including to understand how You use Our website and to assist Us in tailoring the website to customer needs.
To investigate and respond to complaints made in relation to services We have provided.
Before We provide services to You, We may undertake checks for the purposes of preventing fraud and money laundering and to verify Your identity. These checks require Us to process Personal Data about You.
The Personal Data You have provided, We have collected from You, or We have received from third parties will be Used to prevent fraud and money laundering, and to verify Your identity.
Details of the Personal Data that will be processed include, for example, name, address, date of birth, contact details, financial information, employment details, device identifiers including IP address and vehicle details.
We and fraud prevention agencies may also enable law enforcement agencies to access and Use Your Personal Data to detect, investigate and prevent crime.
We process Your Personal Data on the basis that We have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect Our business and to comply with laws that apply to Us. Such processing is also a contractual requirement of the services You have requested.
Fraud prevention agencies can hold Your Personal Data for different periods of time, and if You are considered to pose a fraud or money laundering risk, Your data can be held for up to six years.
If We, or a fraud prevention agency, determine that You pose a fraud or money laundering risk, We may refuse to provide the services that You have requested, or to employ You, or We may stop providing existing services to You.
A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to You. If You have any questions about this, please contact Us on the details below.
Whenever fraud prevention agencies transfer Your Personal Data outside of the European Economic Area, they impose contractual obligations on the recipients of that data to protect Your Personal Data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.
Your Personal Data is protected by legal rights, which include Your rights to object to Our processing of Your Personal Data; request that Your Personal Data is erased or corrected; request access to Your Personal Data.
Telematics tracking device
Where You enter into an agreement with Us that includes a telematics tracking device being fitted to a hire vehicle, We will (at the time of usage) collect information regarding the speed of Your car, acceleration, braking, cornering and mileage. The above information will be used to build a profile of how, where and when the hire vehicle is driven. We will use this information to identify extreme driving events which could result in the cancellation of Our agreement. We will also monitor the data collected from the telematics tracking device to assess when and how far You drive the hire vehicle, to calculate Your total mileage. Where either of these amounts exceed the amounts stated and set out in the agreement, We reserve the right to cancel the agreement. The GPS location data obtained from the telematics tracking device assists Us in assessing the types of roads You use and may also help the police recover the hire vehicle if it is stolen. However, We will not release Your data to the police or to any civil authority, unless We have Your consent to do so, or We suspect fraud (or attempted fraud) or, if We are required to do so by law. Legitimate Interests
- Service Provision
- Prevention of fraud and financial crime
- Establishment, exercise or defence of legal claims
- Legal/regulatory obligations
We will release Your Personal Data when We are required to do so for legal or regulatory purposes or as part of legal proceedings.
Categories of Personal and Special Category Data
Including, but not limited to: Name, Address, Personal Email Address, Work Email Address, Date of Birth, Residential Address and Address History, Occupation, Payment Details, Contact Details, Claims History, Motoring Convictions, Criminal Convictions, Employment Details, Financial Information, Identifiers assigned to Your computer including Your Internet Protocol (IP) Address, Vehicle Details, Driving Licence Details, Driving Qualifications, Claims History, Accident Details, Injury Details, VAT Status, Credit History, Medical Conditions, Residency Details, Property Details, Insurance Cover details.
We will obtain Your express consent in order to process any Special Category Data.
We do not use any automated decision making or profiling when handling Your Personal Data.
Recipients of Personal Data
Depending on the type of service We provide to You, Your Personal Data may be provided to the following recipients.
Fraud Prevention Agencies
Third Parties, including their insurer, solicitor, or representative
We may also receive Your Personal Data from the above parties.
We may pass Your Personal Data to other companies who process the data on Our behalf. Some of these companies may be based outside the European Economic Area. In all cases We always take steps to ensure that Your Personal Data is kept securely.
Your Personal Data will not be kept for longer than is necessary and to allow Us to comply with Our legal obligations.
Vehicle hire and insurance records – 7 years plus after the hire end date or policy expiry
Claim records – 6 years plus 4 months after the claim is deemed finalised by Us, unless the claim involved a minor, in which case the data will be retained for 6 years 4 months from when that party turned 18.
Telephone calls – 6 years from the date that the telephone call was made or received
New business queries only (where no subsequent claim has been pursued) – 18 months.
We have put in place appropriate security measures to prevent Your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, We limit access to Your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process Your Personal Data on Our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected Personal Data breach and will notify You and any applicable regulator of a breach where we are legally required to do so.
We do not transfer Your Personal Data outside the European Economic Area.
Right to be informed
This Privacy Statement sets out how We will collect and use Your data.
Right to access
You have the right to obtain confirmation as to whether Your data is being processed, and a copy of Your Personal Data which is being processed.
Right to rectification
You have the right for Your Personal Data to be rectified where it is inaccurate or incomplete.
Right to be forgotten/Right to erasure
You have the right to request the deletion or removal of Personal Data where there is no compelling reason for its continued processing.
Right to restrict processing
You have the right to restrict the processing of Your Personal Data.
Right to data portability
You have the right to obtain a copy of Your Personal Data which You provided to Us in order to transfer the data to other service providers.
Right to object
You have the right to object to:
– processing based on legitimate interests
– direct marketing (including profiling)
– processing for purposes of scientific/historical research and statistics.
Rights on automated decision making – including profiling
Automated decision making may only be carried out where the decision is:
necessary for the entry into or performance of a contract; or
authorised by Union or Member state law applicable to Haven; or
based on Your explicit consent.
You may notify Us at any time if You wish to withdraw Your consent.
Please contact Us at email@example.com if You wish to exercise any of Your above rights.
You have the right to make a complaint to Rapid’s Supervisory Authority:
Links to other websites
Our website may contain links to other websites of interest. However, once You have used these links to leave Our site, You should note that We do not have any control over that other website. Therefore, We cannot be responsible for the protection and privacy of any information which You provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Version 1.2 January 2020