Connexus Hire Solutions takes the protection of personal data very seriously. As a result we have put in place many measures to ensure that any personal data we obtain from you is processed and maintained in accordance of the General Data Protection Regulation 2016 (GDPR). This statement provides you with details of the type of information we may hold about you, how we obtain and use the information and how we protect your privacy.
Security of personal data is our priority, we protect this information by maintaining physical, electronic and procedural safeguards that meet or exceed applicable law.
We train our employees in the handling of personal information. When we use other companies to provide services to us, we also require them to protect the confidentiality of the personal information that they receive to a similar or increased level.
We may also record telephone calls for training and monitoring purposes.
We may collect information about you in different ways – directly from you, or provided to us by an insurance broker, insurer, vehicle body shop repairer, your employer, family members or a third party who may be providing your information which names or benefits you.
The personal data that we will collect will be, company name if applicable, name, address, email address, contact details, occupation, vehicle registration number, date of birth, gender, drivers licence number and expiration date, your credit card details, passport, proof of address information, delivery or collection address if different to your registered address. Previous insurance history, driving convictions, reason for hire, and any additional drivers.
Personal description of incident when necessary for the administration of a claim.
Photographs of your driving licence or proof of address through camera features available on some of our mobile applications.
Our vehicles are equipped with a vehicle telematics system. All telematics system functionality may or may not be active during rental periods. Telematics systems may provide us with use of disclosure of or access (1) location information (2) crash notification and related crash data and (3) operational condition, mileage, diagnostic and performance reporting of vehicles as permitted by law.
The table below explains the reasons we have for using personal data across our business activities and the applicable legal basis.
| We use your personal data | The legal basis for its use |
|---|---|
| Providing the hire of a vehicle | To carry out a performance of a contract |
| In order to assist you with your claim | To carry out a performance of a contract |
| To provide you with information, products or services that you request from us or which we feel may interest you | In order to pursue our legitimate interests as a business |
| To notify you about changes to our service | This is for our legal and regulatory obligations |
| To conduct research and testing in order to continually improve our products services and customer service | In order to pursue our legitimate interests as a business |
| To meet our legal and/or regulatory obligations and to safeguard against fraud and financial crime | Legal and regulatory requirement |
| To demonstrate compliance within regulatory framework | |
| Deal with complaints |
We may disclose your personal information to any of our staff, third parties involved in providing products or services to us, or to service providers who perform services on our behalf where it is reasonable to do so. (If consent is necessary to facilitate this sharing we will ensure it is obtained prior to processing).
These include:
We may be legally obliged to disclose your personal information to the extent that we are required to by law in connection with any ongoing prospective legal proceedings in order to establish, exercise or defend our legal rights (including providing information to others for the purpose of fraud prevention and reducing risk).
We may also disclose your personal information:
We may transfer your personal data to destinations outside the European Economic Area (“EEA”). Where we transfer your personal data outside of the EEA, we will ensure that it is treated securely, and in accordance with this privacy notice and the Legislation. We only transfer data to countries deemed as having adequate protection by the European Commission.
You may instruct us to provide you with any personal information we hold about you, via a ‘Subject Access Request’. Upon receipt of such request we will, after confirming identity, provide all relevant data we may hold to you in the most practical format unless otherwise stipulated and reasonably possible within 30 days. We will not charge you to do so, however we may charge you for duplicate copies should this be part of your request.
Individuals are entitled to have their personal data rectified if inaccurate or incomplete and we will respond to a rectification request within one month if not deemed complex. We will also inform related third parties where possible if the personal data was disclosed to them.
You have “The right to be forgotten” or “right to erasure” if there is no compelling reason for possession and continued processing. Specific circumstances stated by the Information Commissioner Office includes:
You have the right to ask us to transfer your data that you have provided in a structured, commonly used and machine – readable format and also have the right to transmit data to another controller.
You have the right to ask us to not process your data for marketing purposes.
If you feel we have not dealt with your request satisfactory you do have the ultimate recourse to refer your complaint to the ICO (Information Commissioner Officer). You can find out more details by visiting https://ico.org.uk.
Where you have provided consent, we may share personal data that you provide to us within our Group of Companies and with other companies that we establish commercial links with. They and we may contact you (by mail, e-mail, telephone, text, or other agreed means) in order to tell you about products, services or offers that we believe will be of interest to you, or to provide you with commercial updates.
Wherever possible, your personal data will not be obtained, held, used or disclosed unless you have given consent. We understand that “consent” means you have been fully informed of the intended processing of your personal data and have signified your acceptance.
Your data will not be retained for no longer than is necessary, and will be managed in accordance with our data retention policy. In most cases the retention period will be for a period of six (6) years following the expiry of the hire agreement, or closure of claim, unless we are required to retain the data for a longer period due to business, legal or regulatory requirements.
We are registered as a data controller with the information Commissioner Office (ICO) and our registration numbers are: – Z3293722.
For any Data Protection queries please email dataprotection@connexushiresolutions.co.uk and our Compliance team will respond accordingly.
Copyright © 2023 Connexus Group Limited | Telephone: 0333 043 1285
