Privacy Policy
1. General provisions
1.1. This Privacy Policy (hereinafter: "Policy") sets out the principles, scope and purpose for the processing of personal data (hereinafter: "Personal Data"), terms of access to Personal Data, the rectification of Personal Data and deletion of Personal Data by customers (hereinafter: "Customers") of the company under the name: "Envio Group Poland Spółka z ograniczoną odpowiedzialnością Spółka komandytowa" with its registered office in Bydgoszcz, at ul. Jagiellońska 21, 85-097 Bydgoszcz, entered into the Register of Entrepreneurs of the National Court Register under the KRS number: 0000716322, for which the registration files are kept by the District Court in Bydgoszcz, 13th Commercial Division of the National Court Register, holding the NIP number: 9532640176 and the REGON number: 341473272 (hereinafter: "Envio Rental Car").
1.2. Every customer has the option of reading and downloading the Policy onto their device as well as printing it out.
2. Contact details of the Personal Data Controller:
2.1. Envio Rental Car is the controller of the Customers' Personal Data.
2.2. Contact with Envio Rental Car is possible:
2.2.1. by phone at: +48 504 505 435;
2.2.2. by e-mail at: biuro@erc.pl;
2.2.3. via a contact form located on the website: www.erc.pl;
2.2.4. by post, to the address: ul. Jagiellońska 21, 85-097 Bydgoszcz.
2.3. Customers may contact Envio Rental Car on all matters concerning the processing of Personal Data and the exercise of rights relating to the processing of Personal Data.
3. Legal basis for the processing of Personal Data
3.1. Envio Rental Car provides vehicle rental services to its Customers (hereinafter: "Services").
3.2. Customers' Personal Data is processed by Envio Rental Car based on:
3.2.1. Art. 6 para. 1(b) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (General Data Protection Regulation) (hereinafter: "GDPR"), i.e. for the purpose of providing the Services to the Customers, presenting details of the Services offer or providing information on the subject of the Services provided;
3.2.2. Art. 6 para. 1(f) of the GDPR when necessary for the legitimate interests pursued by Envio Rental Car set out in section 5.1 of this Policy;
3.2.3. consent granted by Customers, including consent to receive commercial information electronically.
4. The scope of Personal Data collected by Envio Rental Car
4.1. The scope of Personal Data provided to Envio Rental Car by Customers includes:
4.1.1. first name(s) and last name;
4.1.2. contact details: telephone number, e-mail address;
4.1.3. bank account number;
4.1.4. age, date of birth;
4.1.5. information about the type of driving licence held.
4.2. In the event that it is necessary to collect additional Personal Data not indicated in section 4.1 above, Envio Rental Car shall obtain additional consent from the Customer for the collection of Personal Data.
5. Purpose of collecting Personal Data
5.1. The Customers' Personal Data will be collected and processed by Envio Rental Car for the purposes necessary to provide the Services to Customers and where this is necessary for the purposes arising from the legitimate interests pursued by Envio Rental Car – based on Art. 6 para. 1 (f) of the GDPR – which are deemed to be the performance of the Agreement, prevention of fraud, ensuring security, the application of internal processes for overseeing legal compliance and, in addition, the establishment, assertion and defence against claims.
5. Retention period of Personal Data
6.1. The period for which Envio Rental Car processes Customer Personal Data depends on the purpose of the processing:
6.1.1. in the case of the processing of Personal Data to perform the Agreement, the Personal Data shall be processed for the period necessary for its performance;
6.1.2. in the case of the establishment, assertion or defence against claims – until the statute of limitations for such claims has expired;
6.1.3. in the case of the provision of Services to Customers – for a period of 6 (in words: six) years, due to tax law regulations.
6.2. After the expiry of the time limits set out in section 6.1. Customers' Personal Data will only be stored for the purpose of its deletion or anonymisation.
7. Security of Personal Data
Security of Customers' Personal Data is very important for Envio Rental Car. Envio Rental Car makes every effort to protect Customers' Personal Data from unauthorised access by third parties and to ensure the security of Customers' Personal Data. Envio Rental Car processes Customers' Personal Data only for the purposes indicated in this Policy and in compliance with the highest security standards. Access to the Customers' Personal Data is granted only to those Envio Rental Car employees and entities whose access is necessary for the purpose of providing Services to Customers and only in the manner described in the Policy.
8. Information on the voluntary nature of the provision of Personal Data
Envio Rental Car informs its Customers that the provision of Personal Data by them is entirely voluntary, however, failure to provide Personal Data may impede or prevent Envio Rental Car from providing Services to Customers.
9. Customer rights concerning the processing of Personal Data
9.1. In relation to the processing of Personal Data by Envio Rental Car, each Customer is entitled to:
9.1.1. obtain information about the Personal Data processed by Envio Rental Car;
9.1.2. access their Personal Data;
9.1.3. rectify or delete their Personal Data;
9.1.4. object to the processing of Personal Data;
9.1.5. restrict the processing of Personal Data.
9.2. To exercise their rights, the Customer may use any of the forms of contact with Envio Rental Car indicated in section 2.2 of this Policy.
10. Right to submit a complaint regarding unlawful processing of Personal Data
Each Customer is entitled to submit a complaint with the supervisory authority of the President of the Personal Data Protection Office responsible for the protection of personal data. Complaints should be addressed to: Head of the Personal Data Protection Office (PUODO)
ul. Stawki 2, 00-193 Warsaw, Poland.
11. Final Provisions.
11.1. The division of the Policy into sections and the titling of individual sections is only intended as a matter of order and should not affect their interpretation.
11.2. The Policy as amended above is effective as of 01.03.2021.
11.3. Any comments, feedback or information can be sent via the CONTACT tab found at www.erc.pl.