Privacy Policy for EuropcarGO

End-User Privacy Notice for EuropcarGO app

1. Introduction

This is a description of how your personal data is collected and used while you use EuropcarGO application (“Application”, “us”, “our”) services. 

By downloading the Application and using services you also agree to our collection, use, and disclosure practices, as well as any other activities described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, you should immediately discontinue the use of the services and refrain from accessing the Application. 

The Controller of your personal data described in this Privacy Policy is a legal entity Hansa Rent OÜ, 11695889, Lelle tn 24 Tallinn Harjumaa 11318, Estonia.

• How do we receive personal information?

The personal information we process is provided to us directly by you in order to use our service or provided to us by our business partners when you provide the required data to them in order to use our services. 

We also collect customer behavioural data inside our service. Please see the detailed overview below. 

3. What kind of data is processed and why?

Data	Purpose	Legal basis
Mobile application account registration data (Full name, Date of birth, Address, Phone number, E-mail address, Driving license and Verification of driving license by third-party service provider Veriff, payment information).	Providing the service	Performance of Contract
Mobile application usage data.	Business statistics and optimization	Legitimate interest
Vehicle tracking data when the car rental service is activated through a mobile application and used by the end-customer, including GPS data.	Providing the service	Performance of Contract
Driver behavioural analytics and telemetries	Customer profiling for service and price provision	Legitimate interest
Car access sharing	Providing the service	Performance of Contract
IP address of the device, device type (unique device identifiers)	Providing the application and its functionalities	Performance of Contract

4. Sharing your personal data

Any data you provide, or we collect will not be publicly displayed or shared with others if not required by law or by contracts with our business partners. Our employees and business partners have access to personal data only to the extent necessary for the performance of their work duties and have contractual obligations for confidentiality and personal data protection.

Public authorities may request us to provide information that we process. If such a request is legally binding, we may disclose the requested data to authorities.

We also use third-party processors to help us provide our services. 

Use of service providers

Reason for use

Service-provider

Business partner for service-related mobile applications and technical solutions for digital car key and vehicle fleet management platform.

We have engaged a service provider to manage the Digital Key Platform (learn more at https://movitronic.com/#makes). This platform is essential for providing the mobile application, enabling digital key access to our vehicles, determining driver behaviour scores, optimizing insurance pricing, and ensuring the protection and security of our service processor provides the platform where data is processed through hardware devices that are installed to vehicles and connected to a software platform provided by Movitronic Tehnologies OÜ. The service also enables, the end-users, to open and close vehicles through the mobile application. In order to do this, the end-user must download the application and register as identified users.

5. Ensuring the security of personal data

We have taken necessary technical and organizational security measures to protect your personal data against accidental or unlawful destruction, loss or alteration and against unauthorized disclosure, abuse or other processing in violation of applicable law. 

6. Retention and deletion of personal data 

The storage period of personal data depends on the purpose of the processing of the data. For example, accounting, customer behaviour, and application usage, all have different purposes for processing and thus different retention times.  

7. Your rights and preferences

Under data protection law, you have rights including:

1. Right to be informed and to access. You may get information regarding your personal data processed by us.
2. Right to data portability. You have the right to receive your personal data from us in a structured, commonly used and machine-readable format and to independently transmit those data to a third party. 
3. Right to erasure. You have the right to have personal data we process about you erased from our systems if the personal data are no longer necessary for related purposes. 
4. Right to object and restrict. You have the right to object to the processing of your personal data and restrict it in certain cases.
5. Right to rectification. You have the right to make corrections to your personal data. 
6. Right to withdraw consent. When you have provided us consent to process your personal data, you may withdraw said consent at any time.

To exercise any of the abovementioned rights, please contact info@europcar.ee . We will respond to your requests within 30 days. 

8. Complaints 

If you have questions or concerns about our use of your personal information, please feel free to contact us at info@europcar.ee. You may also lodge a complaint to the personal data supervisory authority, authority e-mail.