PRIVACY AND POLICY
Introduction
Renta® will ensure that personal information is stored securely and handled carefully to protect our guests. This page aims to help you understand what information we may collect, and how it’s used and stored.
What is the GDPR?
The General Data Protection Regulations came into force on 25th May 2018. These regulations replace the Data Protection Act 1998 and enforce stricter rules on how companies within the European Economic Area (EEA) can process and store data. The laws also give individuals more rights to access and manage companies’ data.
What are the legal bases for data collection?
The GDPR outlines 6 legal bases that a company may use to collect individual data. All data collected and processed must fall under one of these categories. Otherwise, the data may not be contained in the first place.
At Renta, we use contractual obligations, legal compliance, legitimate interest and consent. We explain these below; however, if you would like to read about the other legal bases, you can find more information on the Information Commissioner’s Office website.
Contractual obligations mean we must collect and process personal data to complete contracts with you. This is a legal basis used normally when you purchase one of our services.
Legal compliance means we are required to collect and process your data as may be required by the law.
Legitimate interest means we may collect personal data for our good, such as marketing. This is reasonably expected to run our business.
We may need to ask for consent to collect and process your data.
What personal data does Renta collect?
Renta collects data throughout the customer journey. This will enable us to tailor our services to your needs and fulfil all contractual obligations.
- When you visit our page, we collect data on how you use our page; this enables us to improve the website. We obtain permission through a cookie banner.
- When booking directly through the website or the phone, we will collect; your name, address, phone number, email, vehicle registration and payment card details. We use this information to create your booking and check-in details. We may need your vehicle registration to grant you access to the car park on arrival.
- When you enquire on the website we will collect; your name, phone number, email and booking information. This is to enable us to contact you about your query.
- When you sign up for our newsletter, you consent to receive monthly marketing from us.
- When you are a landlord or partner and enter into a contract with us, we will store your personal information to fulfil our contractual obligations.
- When you interact with us on social media, we will use this data to enhance our customer service and available services.
Data use for legitimate interests
Any data may be used for the company’s legitimate interest; this will include monitoring the following;
- Website performance
- Customer service performance
- Social media performance
- Reporting on demand trends within the market to improve promotions and rates
- Occupancy and revenue reporting
- Corporate client spending and credit
- We may use your booking history to offer exclusive discounts
How does Renta store your data?
Security is critical to us and our guests therefore, we always treat any personal data with the most care and take appropriate steps to ensure it is protected. Our website is secure and transits data encrypted to prevent data breaches.
Where possible we do not store any personal data locally on company premises. All data is stored in our third-party systems, and any local copies are immediately destroyed. We have strict data security policies that all our staff understand and agree to. This is to ensure that all data is processed and stored correctly and in a secure manner.
We ensure all our third-party systems meet the General Data Protection Regulations and are PCI compliant where required, which enforces stricter rules. Access to these systems is only given to staff members who need it to complete their daily tasks. Each design is secured via a ‘https’ connection and only accessible via a password-protected portal.
All sensitive data, such as payment card details, are secured outside the systems our staff can access to ensure they are protected.
We regularly monitor our systems for possible vulnerabilities and attacks and conduct penetration testing to identify ways to strengthen security further.
How long do we keep your data?
We only keep the information as long as necessary when we collect it. After this period, your data will be deleted or anonymised. We will only use information that is non-identifiable for statistics and analysis.
The retention of data varies depending on what information is collected. Booking information must be stored for 10 years to comply legally.
The information will only be kept with website enquiries until the query is dealt with. Once the question has been solved, information is permanently deleted. However, in some cases, we own the enquiry message to improve customer service performance; this data is kept in a non-identifiable method.
Who do we share your data with?
At times we share information with third parties; however, we have a strict policy on what information we share with third parties to keep our guests’ data safe and private.
Ensure that we only provide the information required for specific services, any data provided is used for exact purposes specified in the contract with them, we ensure that anyone who holds your data protects it at all times, and if we stop using their services any data they have is deleted immediately.
We will share information with law enforcement bodies on request where fraudulent or potentially fraudulent activity is suspected on our premises or systems.
Your Rights
The GDPR gives individuals more rights to how companies collect and process their data. Under the guidelines, you have the following rights:
- It would help if you always were informed how personal data would be used at the point of collection
- You have the right to request access to all personal data that a company holds
- You should be able to instruct a company to update and correct any information that they keep on you
- You have the right to request a company delete any personal data that it may hold
- You can instruct a company how they can and cannot process your data
- You have the right to request a copy of all data a company hold on you in a readily usable electronic format
Questions
We hope this privacy notice helps you understand how and why we process your data when using our services.
However, if you have any questions or concerns about the information provided in this notice or how we process your data, please feel free to contact us.
You can email us at globalrecruitment@eu-collegegroup.com