PRIVACY POLICY
Pursuant to Art. 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016

The leaser informs you that the personal data you provide during the subscription of the services will be processed in accordance with the general data protection regulation (EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016, hereinafter the GDPR 679/2016) concerning the protection of natural persons. Here you can find the information related to the methods of processing data.

CONTROLLER

Pursuant to Art. 4 and 24 of GDPR 679/2016 the Data Controller is:
NOLEGGIARE S.R.L.
Registered Office:
Via Alcide de Gasperi, 14/1 – 38123 Trento (TN)
Administrative and operational headquarters:
Via Evangelista Torricelli, 6 — 37121 Verona

TYPE OF PROCESSED DATA

Under the subscribed services we may process the following data:

  • personal data, that is (according to Art. 4) any information related to an identified or identifiable natural person (which includes but is not limited to personal data related to the account holder and the renter of the vehicle, identification number, place of residence, driving license, E-mail address, etc.)
  • special categories of personal data, that is (according to Art. 9 and 10) data or information revealing racial or ethnic origin, citizenship, data concerning health for the purpose of managing eventual accidents, and personal data related to criminal convictions, offences and administrative sanctions, such as traffic violation, traffic fines, etc.
PURPOSES OF ACQUIRING AND PROCESSING PERSONAL DATA

The data that users provide when using the contact form or requesting a quote and/or signing a possible agreement will be processed for the purposes set out below:

A) contact and information requests, quotes, agreements, administrative and accounting activities related to the services offered by the Controller;
B) when renting a vehicle, use of a tracking system in order to find the vehicle in the event of theft or other crimes.
C) sending commercial communications and advertising material on products, services and other facilities provided by the Controller (MARKETING purpose)
D) sending promotional communications based on the consumer’s choices, habits, personal preferences or interests (PROFILING purpose)

DATA PROVISION

Pursuant to Art. 6 of GDPR 679/2016 for the purposes referred to in points A and B, data processing is carried in the exercise of official authority vested in the Controller, for compliance with legal obligations laid down in laws, Regulations and Union or Member State law, that is regulation from official authorities as well as body in charge of vigilance and control. Data provision is therefore compulsory. In case of refusal to provide personal data, it will be impossible to establish or carry out contractual obligations, if the above mentioned data are essential for the contract implementation.

As for the purposes referred to in point C (MARKETING) and D (PROFILING) data provision is OPTIONAL and subject to users’ explicit consent until they withdraw it. In case of refusal there will be no consequences, but without consent it would not be possible to receive information on our offers, promotions, discounts, etc.

METHODS AND STORAGE OF DATA PROCESSING

The processing of personal data will be carried out with automated as well as manual means, in order to ensure an appropriate level of security and confidentiality, by subjects that, pursuant to Art. 32 of GDPR 679/2016, have the right to request data. Personal Data will be stored on Controller’s server in Italy, for a period of time not exceeding what is necessary to achieve the purposes for which they have been collected, and, in any case, not longer than the one provided for by the applicable regulations or with a possible additional duration required by storage obligations.

For the purposes mentioned in points c) and d) personal data will be processed during the time established by the law within the limits granted by the Regulations and according to Supervisory Authority (the Personal Data Protection Authority) for a period of 24 months from registration (for MARKETING purposes) and 12 months (PROFILING purposes) from initial consent and/or its renewal.

DISCLOSURE OF PERSONAL DATA

Your personal data will not be disclosed (passed to unspecified subjects) and could be communicate to partners and companies connected to NOLEGGIARE S.R.L for related purposes. Your data could be communicated to the following third parties:

  • companies managing services performed by credit card;
  • external consultants in charge of accounting tasks;
  • insurance companies, brokers, experts or other persons appointed for managing accidents;
  • solicitors or debt collector agencies providing legal assistance in contracts and controversy;
  • financial institutions;
  • information system and telecommunication service providers, companies tracking vehicle locations;
  • entities/companies/professionals and partners participating in the Controller’s activity in different fields, in order to fulfil the above purposes;
  • authority responsible for monitoring the application of law and/or of regulation from public entities.

The above mentioned subjects carry out their activities as Autonomous Controllers or External Responsible of data processing.  Customers can receive from the Controller, upon request, the full list of subjects in charge of data processing, appointed by the Controller.  

YOUR RIGHTS

According to the law in force (Art. 15-16-17-18-19-20-21 of EU Regulation 679/2016) users can exercise specific rights. At any time, the data subjects have the right to: request whether or not their personal data are in our possession, which are the contents, source, purposes and the way of processing of their personal data, how personal data are processed in case of use of electronic means, information about the controller, the processors, the recipients or categories of recipients to whom the personal data have been disclosed.
Moreover, the data subject has the right to obtain from the controller: the access, the copy, the rectification, the integration, the portability of data, the erasure (right to be forgotten), the anonymization or block of personal data which have been unlawfully processed, and objection to the processing in any case for legitimate grounds. The data subjects can lodge a complaint with the data protection authority if they think the processing of their personal data has been performed in contrast with the Regulation. Moreover, pursuant to Art. 34 of EU Regulation 679/2016 personal data subjects should be informed about any serious violation of their data affecting their rights and freedom.
In order to exercise the above mentioned rights you can contact the data Controller:

NOLEGGIARE S.R.L.
Registered office:
Via Alcide de Gasperi, 14/1 – 38123 Trento (TN)
Administrative and operational headquartes:
Via Evangelista Torricelli, 6 — 37121 Verona
Tel. +39 045 20 59 301
mail: privacy@noleggiare.it