Français 
English (UK) 
Русский 
Deutsch 
Polski 
Italiano 
Ελληνικά 
Türkçe 
한국어 
简体中文 
日本語 
Українська 
Slovenčina 
Română 
Nederlands 
Português 
Svenska 
Suomi 
Čeština 
Español 
العربية 1. Scope and applicability of this document
1.1. This Privacy and Data Protection Policy (hereinafter the “Policy”) in relation to the processing and security of personal data determines the position and intentions of GetRentaCar, Inc. (hereinafter the “Company”) in the field of processing and ensuring the security of personal data in order to respect and protect the rights and freedoms of each person and, in particular, the right to privacy, personal and family secrets, protection of the honor and good name of users of the Company’s service available at https://getrentacar.com or via respective mobile apps (hereinafter the Service).
1.2. In order to maintain business reputation and ensure compliance with the requirements of the current international regulations of personal data protection, the Company considers the most important task to ensure the legitimacy of the processing and security of personal data of subjects in business processes. To solve this problem, the personal data protection system has been introduced, is functioning and is undergoing periodic review (control).
1.3. The Policy applies to all personal data of subjects processed in the Company using automation tools and without using such tools.
1.4. This document determines the Company’s Policy in the field of processing and protecting personal data and is located at https://getrentacar.com. This Policy is applicable to any subject of personal data.
1.5. The Policy is developed and used in conjunction with the consent to the processing of personal data, which any person willing to use the Service as the vehicle owner or the client/renter (hereinafter the “User”) acknowledges and agrees to when completing the User’s registration in the Service. This consent represents the User’s agreement to and acceptance of the terms of this Policy.
1.6. The Company reserves the right to make at its own discretion any amendments to this Policy at any time and without any special notice to this effect. The new version of this Policy shall come into effect upon posting of the same on the https://getrentacar.com (hereinafter the “Website”). Continuing using the Website, the User confirms its consent to comply with the terms and conditions of the Policy in its current version. The Company recommends the Users to review the Policy more often in order to make sure that the User understands the terms, while using the Service. If the User does not agree with the terms of the Policy amended by the Company, he/she shall not be entitled to use the Service.
1.7. Any time frames set forth herein, are stated according to time zone UTC-4, unless otherwise stated in the text of this Policy. The beginning and the end of calendar dates set forth herein, including those used to determine the duration of a term, shall be determined according to the beginning and the end of respective days in time zone UTC-4.
1.8. This version of the Policy shall come into effect on May 20, 2021 and remain valid until approval of a new version.
2. Principles and conditions of personal data processing
2.1. Processing and ensuring the security of User’s personal data in the Company is carried out in accordance with the requirements in the field of personal data of the Delaware Online Privacy Protection Act (DOPPA, 6 Del. C. § 1205C) and the General Data Protection Regulation 2016/679 of the European Union (GDPR).
2.2. When processing personal data, the Company adheres to the following principles: (a) legality and fairness; (b) restrictions on the processing of personal data to the achievement of specific, predetermined and legitimate goals; (c) the reliability of personal data, their relevance and sufficiency for processing purposes; (d) prevent processing of personal data that is incompatible with the purposes of collecting personal data; (e) prevent the merging of databases containing personal data that are processed for purposes that are incompatible with each other; (f) the legitimacy of organizational and technical measures to ensure the security of personal data; (g) processing of personal data that meets the purposes of their processing; and (h) compliance content.
2.3. The Company processes personal data only in the presence of at least one of the following conditions: (a) processing of personal data is carried out with the consent of the subject of personal data to the processing of his personal data; (b) processing of personal data is necessary to achieve the objectives stipulated by law, for the implementation and fulfillment of the functions, powers and responsibilities of the operator imposed by international standards in the field of personal data; (c) processing of personal data is necessary for the execution of the contract, of which either the beneficiary or the guarantor is party, according to which the subject of personal data is, and also to enter into a contract on the initiative of the subject of personal data or the contract on which the subject of personal data will be the beneficiary or surety; (d) processing of personal data is necessary for the exercise of the rights and legitimate interests of the Company or third parties or to achieve socially significant goals, provided that it does not violate the rights and freedoms of the subject of personal data; (e) processing of personal data is necessary when receiving feedback, analyzing the improvement of the quality of the Service, as well as obtaining information about loyalty and satisfaction with the Company’s Service, further research and processing of this information; (f) processing of personal data is carried out, access of an unlimited number of persons to which is provided by the subject of personal data or at his request; and(g) processing of personal data to be published or mandatory disclosure in accordance with international standards in the field of personal data.
2.4. the Company has the right to transfer the User’s personal data to other Users in relation to vehicle rent booked on the Website and to the Company’s business partners, including marketing and advertisement purposes. The Company may also use the User’s personal data, including any video and/or photographic images posted on the Website, for advertising of the Website and/or the relating Company’s services.
2.5. The Company destroys or depersonalizes personal data upon the achievement of processing objectives or in case of loss of the need to achieve the processing objective.
3. Purposes of personal data processing
3.1. The Company processes personal data of the subject of personal data solely for the following purposes: (a) maintaining the Service activity and organization of support services; (b) the conclusion, execution and termination of contracts concluded by Users via the Service; (c) identification of Users; (d) informing about the Company’s or it’s subsidiaries’ or partners’ advertising and/or marketing campaigns, surveys, questionnaires, and marketing research regarding the Service and / or the services provided by the Company’s subsidiaries or partners; (e) communicating with the Users, if necessary, including sending notifications, requests and information related to the Service, as well as processing the User’s requests; (f) improving the quality of services provided, ease of use, development of the new services, and (g) conducting statistical and other studies based on anonymized data.
3.2 The Company collects the following information as a subject of personal data: (a) full name; (b) year of birth; (c) place of registration / residence; (d) phone numbers; (e) email address; (f) data that is transmitted automatically depending on the settings of the software used by the User, including, but not limited to: IP address, cookies data, information about the User’s browser (or another program that allows access to the Service), date and time of access to the Company’s services, addresses of the requested pages and other similar information. The Website has the right to establish requirements for the composition of the Personal Information of the User, which must be provided for the use of its Services. If certain information is not marked as mandatory by the Website, its provision or disclosure is carried out by the User at its discretion.
4. Right of personal data subjects
4.1. The User, whose personal data are processed by the Company, has the right to:
4.1.1. receive from the Company: (a) confirmation of the processing of personal data by the Company; (b) legal grounds and purposes for the processing of personal data; (c) information about the methods of personal data processing used by the Company; (d) name and location of the Company; (e) information on persons who have access to personal data or to whom personal data may be disclosed in accordance with international standards in the field of personal data; (f) a list of processed personal data relating to the User from whom the request was received and the source of their receipt, unless otherwise provided by law for the provision of such data; (g) information on the processing time of personal data, including the storage period; (h) information on ongoing or alleged cross-border transfer of personal data; (i) name and address of the person processing personal data on behalf of the Company; and (j) other information stipulated by international standards in the field of personal data;
4.1.2. require clarification of their personal data, their blocking or destruction if personal data are incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing;
4.1.3. demand elimination of illegal actions of the Company in relation to his personal data;
4.1.4. appeal against the actions or inaction of the Company to the supervisory and control authority in the field of personal data protection or in court if a person believes that the Company processes their personal data in violation of the requirements of international personal data standards or otherwise violates its rights and freedoms;
4.1.5. protect their rights and legitimate interests, including damages and / or moral damages in court.
4.2. The withdrawal of consent to the processing of personal data does not affect the legality of data processing based on your consent prior to its withdrawal. If you want to send a request, you should contact the Company in writing using the contact information provided below. The Company makes a decision on your request within four weeks.
4.3. The User has the right to receive personal data about him or her that he or she provided to the Company in a structured, commonly used and machine-readable format and has the right to transfer this data to another operator without objection of the Company if: (a) processing is based on consent in accordance with Article 1.5. of this Policy; (b) processing is carried out by automatic means.
4.4. In exercising its right to data portability in accordance with the provisions of this Section the User has the right to transfer personal data directly from the Company to another operator, where it is technically possible.
4.5. The exercise of the right mentioned in Section does not prejudice the right to delete User data. This right does not apply to the processing required for a task performed in the public interest or in the exercise of official authority granted to the Company.
4.6. The User’s right referred to in this Section shall not adversely affect the rights and freedoms of third parties. When exercising its rights provided for in this Policy, the User may not infringe on third-party rights or the rights of others to protect their privacy and personal data.
5. Order, terms and methods of processing personal data
5.1. The processing of personal data of the User of the Website is carried out in accordance with this Policy, the User Agreement, as well as the consent of the User to the processing of personal data.
5.2. The Company processes personal data both in an automated way and without the use of automation.
5.3. The Company stops processing personal data in the following cases: (a) achieving the goals of personal data processing; (b) withdrawal of the consent of the subject of personal data; (c) identification of illegal processing of personal data; and (d) termination of the Company’s activities.
5.4. The processing of the User’s personal data is carried out by the Company in the following ways: collection, recording (including on electronic media), systematization, accumulation, storage, drawing up of lists, labeling, updating (updating, changing), retrieving, using, transferring (distributing, providing, access), de-identification, blocking, deletion, destruction, cross-border transfer of personal data, obtaining User’s video and photographic images, as well as performing any other actions with personal User data subject to applicable law.
6. Transboundary transfer of personal data
6.1. GetRentaCar, Inc is an international company. In order to achieve the objectives specified in the Policy, the Company reserves the right to transfer personal data to countries other than the country from which they were originally received. In this case the personal data may be transferred to processed by the Company’s subsidiaries, advisors, consultants, business partners, etc.
6.2. In case of cross-border transfer of personal data, the Company protects data in accordance with this Policy and consent to the processing of personal data.
6.3. Information that published on the Website or submit for publication via the Service may be accessible via the Internet throughout the world. The Company cannot prevent third parties from using or misusing such information.
6.4. By posting the information to the Service the User gives his/her expressly consent to the transmission of personal information described in this Section.
7. Ensuring personal data security
7.1. The Company applies the necessary and sufficient organizational and technical measures, including the use of information security tools, the detection of unauthorized access facts, the restoration of personal data, the establishment of rules for access to personal data, and the monitoring and evaluation of the effectiveness of the measures applied.
7.2. All persons authorized by the Company to process personal data are familiar with the provisions of the applicable legislation on personal data, including international requirements for the protection of personal data, documents defining this Policy regarding the processing of personal data, and local acts for the processing of personal data.
7.3. The Company has the following organizational measures: (a) the persons responsible for organizing the processing and ensuring the security of personal data are appointed; (b) developed local acts on the processing of personal data; and (c) internal control over the compliance of the processing of personal data with the requirements for the protection of personal data is carried out.
7.4. When collecting personal data of Users, the Company undertakes to ensure the recording, systematization, accumulation, storage, refinement (update, change), extraction of personal data of Users using databases.
8. Cookies and web beacons
8.1. A cookie is a file that is stored on te User’s computer’s hard drive in the browser. Cookies can be “persistent” or “session”: a permanent cookie will be stored in a web browser and will remain valid until its expiration, unless it is deleted by the User until it expires; the cookie session expires at the end of the User’s session when the web browser is closed. Cookies usually do not contain information that personally identifies the User, but personal information that we store about you may be related to information stored and obtained from cookies.
8.2. A web beacon, also called an internet or pixel tag, is used to collect information about the use of the Internet. Thanks to this, the Company can provide the Users with more specific information. When using the Website, the Company informs any User about which cookies and web beacons are related to the Website, and invites them to consent to the placement of these cookies and web beacons.
8.3. Blocking or deleting all cookies adversely affects the usability of the Website.
9. Sites of third parties
9.1. Le Site Web peut contenir des liens hypertextes vers des sites Web de tiers. La Société ne contrôle pas et n'est pas responsable de leurs politiques de confidentialité et de leurs activités.
10. Responsabilité
10.1. En cas de non-respect des dispositions de cette Politique, la Société sera responsable conformément aux lois applicables de l'État du Delaware, États-Unis.
10.2. Pour obtenir des éclaircissements sur les questions de traitement des données personnelles, il est nécessaire d'envoyer une demande officielle à l'adresse électronique info@getrentacar.com.
10.3. En cas de demande formelle de l'administration du Site Web, les éléments suivants doivent être indiqués dans le texte de la demande : (a) nom complet de l'Utilisateur ; (b) numéro du document principal certifiant l'identité de la personne concernée ou de son représentant, informations sur la date de délivrance dudit document et l'autorité émettrice ; (c) informations confirmant le fait que l'Entreprise traite vos données personnelles ; et (d) signature.
10.4. Les demandes et plaintes formelles sont soumises par écrit et à l'adresse spécifiée de la Société, préalablement transmise de manière fiable. Pour résoudre tout litige concernant l'interprétation ou sa propre compétence, il est fait appel à la compétence des tribunaux de l'État du Delaware, aux États-Unis.
11. Limitation de la politique de confidentialité
11.1. Les personnes concernées par les données personnelles sont tenues de faire preuve de prudence et de responsabilité quant à la publication de leurs propres données personnelles dans le domaine public, y compris sur le Site Web dans le cas de la publication de commentaires et d'évaluations.
11.2. La Société n'est pas responsable des actions de tiers qui ont accédé aux données personnelles de la personne concernée par la faute de cette dernière.
11.3. La Société se réserve le droit, à sa seule discrétion, d'apporter des modifications à cette Politique à tout moment et sans préavis particulier. La nouvelle version de cette Politique entre en vigueur dès sa publication sur le Site Web.
12. Limitation de la politique de confidentialité
12.1. Traitement des données personnelles : toute action ou ensemble d'actions portant sur des données personnelles, effectuées à l'aide de moyens d'automatisation ou sans ceux-ci, notamment la collecte, l'enregistrement, la systématisation, l'accumulation, le stockage, le perfectionnement (mise à jour, modification), l'extraction, l'utilisation, le transfert (diffusion), la dépersonnalisation, le blocage, la suppression, la destruction des données personnelles.
12.2. Données personnelles : Toute information se rapportant directement ou indirectement à un utilisateur spécifique ou définissable. Ces informations comprennent notamment : (a) les informations relatives à l’ordinateur, y compris l’adresse IP, la situation géographique, le type, la version du navigateur et le système d’exploitation ; (b) les informations relatives à toute activité de l’utilisateur sur le site web, y compris la source de la référence, la durée de la visite, les pages consultées et les chemins de navigation sur le site web ; (c) l’adresse électronique de l’utilisateur, qui a été saisie lors de l’inscription au service ; (d) les informations qui ont été saisies lors de la création d’un profil dans le service, comme par exemple, le nom, les photos de profil, le sexe, la date de naissance, la situation amoureuse, les intérêts et les loisirs, les données relatives à la formation et les informations sur l’emploi ; (e) le prénom, le nom de famille et l’adresse électronique de l’utilisateur qui ont été saisis pour mettre en place un abonnement à des courriels et/ou des bulletins d’information ; (f) les informations qui ont été saisies lorsque l’utilisateur conçoit des services via le service ; (g) les informations qui sont créées lors de l’utilisation du service, notamment quand, à quelle fréquence et dans quelles circonstances il a été utilisé ; (h) les informations que tout utilisateur publie sur le site web et/ou via le service, indiquant la publication sur Internet, qui peuvent inclure le nom d’utilisateur, les photos de profil et le contenu des messages ; (i) les informations contenues dans tous les messages que tout utilisateur envoie à la société par courrier électronique ou par le biais du service, y compris son contenu pour la communication et les métadonnées ; (j) toute autre information personnelle qui peut être envoyée par l’utilisateur via le service ou à la société.
12.3. Diffusion des Données Personnelles : Actions, accès à la divulgation des données personnelles à un cercle indéterminé de personnes.
12.4. Consentement au traitement des données personnelles : L'autorisation de l'Utilisateur du Site Web, qu'il donne à la partie intéressée pour recevoir, collecter, stocker et utiliser des informations personnelles le concernant.
12.5. Personnes concernées par les données personnelles : Entité qui est directement ou indirectement déterminée ou déterminée par des données personnelles.
12.6. Transfert transfrontalier de données personnelles : Le transfert de données personnelles vers le territoire d'un État étranger à l'autorité d'un État étranger, à une personne physique étrangère ou à une personne morale étrangère.