Toronto City Street With Buildings In Background

Chief Vehicle Rentals Ltd
Privacy Policy

Chief Vehicle Rentals Limited (CVR) is committed to protecting your privacy and keeping your personal information secure. By using our services, you agree to the collection and use of your personal data as outlined in this policy.

What is Personal Data?

Personal data (or personal information) refers to any information that can identify a living individual, either on its own or combined with other data held by the data controller. The processing of personal data is governed by the UK General Data Protection Regulation (UK GDPR).

How We Comply

CVR complies with the UK GDPR by:

Keeping personal data accurate and up to date
Storing and disposing of it securely
Collecting only necessary information
Protecting data from loss, misuse, or unauthorised access
Implementing appropriate technical and organisational safeguards

Who We Are

CVR is the data controller (referred to as "Chief Vehicle Rentals Limited", "we", "us", or "our") and is responsible for how your personal data is used. We have appointed a Privacy and Compliance Manager (PACMAN) to oversee matters related to this policy.

If you have any questions or wish to exercise your legal rights, please contact PACMAN using the details provided below.

Contact Details:
Chief Vehicle Rentals Ltd, The Coachworks, Roundham Road, Paignton, TQ4 6DS
Privacy and Compliance Manager
Phone: 01803 663838
Email: compliance.officer@chiefrentals.com

Security, Integrity and Confidentiality

We are committed to protecting the confidentiality and security of the information you provide to us, and we put in place appropriate technical, physical and organisational security measures to protect your data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a legitimate business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put into place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach when we are legally required to do so.

The personal data we collect and the legal basis for its processing.

We will use your information to provide you, your business, or your employer’s business, with a vehicle for hire, lease, or purchase. This may be a contract directly with us, or via an insurer or insurance intermediary.

We may use your information in connection with an insurance contract or for our claims management services. This may include arranging and administering a policy, renewals, adjustments, or claims. We may require special category data from you, such as health or criminal conviction information. We do so on the basis that there is a substantial public interest for insurance to be available to you, in support of a legal claim or to fight crime.

As we are a regulated firm, your data will be used to ensure we meet legal and regulatory requirements. We also have a legitimate interest in using your data for business operations to ensure we can continue to provide our services to customers.

We may use your data to send you marketing information. This will either be on the basis that we have a legitimate interest to do so, or where you have consented. You will be able to withdraw your consent or unsubscribe easily at any time from these communications.

We also need to use your information to process payments and collect debts. This may include credit checks. This is also to provide a contract to you, or as we have a legitimate interest in providing these services and collecting debts.

We may obtain your data directly from you, your business or your employer. We also gather data from a variety of other sources, for instance through in-vehicle dash cams, and in-vehicle telematics devices. These provide us with the use of or access to location information, crash notification and related crash detail, operational condition, mileage, diagnostic and performance reporting of vehicles.

We may receive personal data about you from various third parties such as insurers, insurance intermediaries, claims management companies, and their representatives. This may also include garages and firms involved in vehicle repairs, engineers, solicitors, taxi firms, or firms who introduced you to us. We also obtain information from publicly available sources for instance; Companies House, when setting up an account with us.

Purpose of Processing	Types of Personal Data	Lawful Basis
Arranging and administering Insurance, claims, renewals and adjustments	Names, Addresses, Risk Information, Claims circumstances	Performance of a Contract
Arranging and administering Insurance, claims, renewals and adjustments	Special Categories including Health and Criminal Convictions	Substantial Public Interest
Arranging and administering vehicle hire, vehicle lease, vehicle sales	Names, Addresses, Contact Details, Date of Birth, National Insurance number, Driving Licence, Proof of address, Vehicle dash cams, Photographs, Telematics devices, Claims circumstances	Performance of a Contract
Business operations and administration	All non-Special Category data	Legitimate Interest
Business operations and administration	Special Categories including Health and Criminal Convictions	Substantial Public Interest
Legal and Regulatory compliance	Names, Addresses, Risk Information, Claims circumstances	Compliance with a Legal Obligation
Legal and Regulatory compliance	Special Categories including Health and Criminal Convictions	Substantial Public Interest
Marketing	Names, Contact Details, Marketing Preferences	Recognised Legitimate Interest or Consent
Payments, debts, Premium Finance	Name, Address, Bank Details & Credit/Debit Card, Credit History	Performance of a Contract or Legitimate Interest
Regulated claims management	Names, Addresses, Contact Details, Claims circumstances	Performance of a Contract
Regulated claims management	Special Categories including Health and Criminal Convictions	Substantial Public Interest, Legal Claims

Sharing your data

Your personal data will be treated as strictly confidential, and will only be shared within the organisation to those who require if for the purpose of the carrying out the task for which the data was collected for.

Your personal data will only be shared with third parties on a need to know basis, and for them to carry out the task for which the personal data was collected for i.e. to check for driving endorsements, claim liaison with external bodies etc. Examples of third parties we may share your data with:

Liaising with insurance companies and their representatives, third parties, garages, engineers, solicitors

Local Authorities/Police when dealing with Penalty Charges
Regulatory bodies such as FOS, LO & BVRLA when dealing with Complaints
Small Claims Courts/Debt Recovery Agencies when Recovery of vehicles/equipment or monies is required
Merchant Services when handling payments
Service Providers if a vehicle outside our fleet is required to fulfil a booking
Any person or organisation where we are required to because of a Court order, legal duty, or statutory obligation
Credit reference, and fraud prevention, agencies to help prevent and detect fraud, or as part of our debt collection process
Like many Credit Hire Organisations, Accident Management businesses, and Insurers, we previously passed information relating to claims to the VBASE database (VBASE), which is operated by Verius Risk Solutions Limited. The aim is to help us check information provided and to also prevent fraud. We will pass information relating to Your incident to Verius Risk Solutions Limited for analysis as part of its risk appraisal business. In dealing with Your incident, we may search VBASE. VBASE is also accessible by other clients of Verius Risk Solutions Limited and third parties with whom Verius Risk Solutions Limited contracts, other providers of data to VBASE, financial service providers and insurance industry in general for the purposes of risk assessment, identification, prevention, detection and management of fraud and other associated law enforcement purposes.

We previously passed information relating to claims to the Netfoil database (Netfoil), which was owned and operated by Hill Dickinson LLP. Any information passed to
Netfoil between November 2012 and November 2017 will be transferred to VBase.

International Transfers

We generally do not transfer your personal data out of the UK or the European Economic Area (EEA). If we must transfer information to a third country outside the UK/EEA/EU, we will only do so if a similar level of protection applies.

Accuracy

We will take reasonable steps to ensure the accuracy of personal data, that it is kept up to date and that actions are taken to avoid storing old or redundant data. We will ensure that the source of personal data is clear. We will take action to ensure that inaccurate personal data about the purposes for which they are processed should be erased or rectified without delay.

Storage/Retention

We will ensure that personal data is kept in a form that permits identification of data subjects for no longer than necessary, to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.
We will archive personal data as we are required to do so by law as outlined in the CVR Data Retention Policy. We will securely delete or anonymise information that is no longer needed. Most personal data is stored for 7 years in line with HMRC requirements for all information that can or does have a financial impact.

Your rights and your personal data

You can obtain a copy of your personal information from us without charge by contacting us at the address above. This may include the right to transfer information to other providers.

You have the right to ask us to correct information.

You have the right to ask us to delete your information or stop using it, unless it is necessary for us to retain it as set out in our retention policy.

You may have the right to be informed about, respond to, contest, and request human intervention if decisions about you are made solely by a computer.

You have the right to complain to the Information Commissioner at www.ico.org.uk, Tel 0303 123 11132.

Log Data

We may also collect information that your browser sends whenever you visit our websites, this may include information such as your computer’s Internet Protocol (“IP”), address, browser type, browser version, the pages of our website that you visit, the time and date of your visit, the time you spent on those pages etc. In addition, we may use third party services such as Google Analytics that collect, monitor and analyse this type of information to increase our Service’s functionality. These third-party service providers have their own privacy policies addressing how they use such information.

Cookies

Cookies are files with small amounts of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer’s hard drive. We use Cookies to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some aspects of the website.

Links to other sites

Our website may contain links to other websites, plug-ins and applications that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise that you review the Privacy Policy of every site you visit. We have no control over, and assume no responsibility for the content, privacy policies or practices of any third-party websites.

Marketing

We may provide you with updates and offers for CVR products and services via marketing tailored you through online digital services (e.g. online advertising, social media communications, mail chimp) or by direct marketing (e.g. email or text). We will always give you the opportunity to ‘opt out’ or ‘unsubscribe’ to direct marketing when you complete a rental agreement or receive any email, text or other direct marketing communication.

We will never release information about our customers or business partners to any other person or organisation for marketing purposes unless we have your permission to do so.

To update your information or change your marketing preferences please contact the Compliance Officer:

By phone: 01803 663838
By email: compliance.officer@chiefrentals.com
By post: Chief Vehicle Rentals Ltd, The Coachworks, Roundham Road, Paignton, TQ4 6DS

To request a copy of all the information we hold about you, please write to us on the above address F.A.O. The Compliance Officer.

You have the right to make a compliant at any time to inform the Information
Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org). We would, however, appreciate the chance to deal with any concerns you have before you approach the ICO so please contact us in the first instance.

Changes to this Policy

We may amend this policy from time to time, for example, to keep it up to date or to comply with legal requirements. It is advisable to review this policy periodically for any changes. Changes to this Privacy Policy are effective when posted on this page.