GDPR Compliance Policy
28.12.2023.
Fuerte d.o.o.("we," "us," or "our") is committed to ensuring the protection of personal data in accordance with the General Data Protection Regulation (GDPR) of the European Union. This policy outlines our commitment to GDPR compliance and how we handle personal data.
GDPR Compliance Policy for Fuerte d.o.o. (Avax rent a car)
Last Updated: 01.01.2024.
1. Data Protection Principles
We adhere to the following GDPR principles when processing personal data:
-
Lawfulness, Fairness, and Transparency: We process personal data lawfully, fairly, and transparently.
-
Purpose Limitation: We collect and process personal data for specified, explicit, and legitimate purposes.
-
Data Minimization: We only collect and process data that is necessary for the intended purpose.
-
Accuracy: We take reasonable steps to ensure the accuracy of personal data.
-
Storage Limitation: We retain personal data for no longer than necessary for the intended purpose.
-
Integrity and Confidentiality: We implement appropriate measures to ensure the security and confidentiality of personal data.
2. Data Collection and Processing
We collect and process personal data for the following purposes:
-
Providing and managing car rental services.
-
Processing reservations and fulfilling contractual obligations.
-
Responding to customer inquiries and providing customer support.
-
Marketing communications (with the option to opt-out).
3. Data Subject Rights
We respect the rights of data subjects under the GDPR, including:
-
The right to access personal data.
-
The right to rectify inaccurate or incomplete data.
-
The right to erasure of personal data.
-
The right to restrict processing.
-
The right to data portability.
-
The right to object to processing.
4. Legal Basis for Processing
We process personal data based on one or more of the legal bases outlined in the GDPR, including the necessity of processing for the performance of a contract, compliance with a legal obligation, protection of vital interests, consent, the performance of a task carried out in the public interest or in the exercise of official authority, and legitimate interests pursued by the data controller or a third party.
5. Data Security
We implement appropriate technical and organizational measures to ensure the security of personal data. This includes measures to protect against unauthorized or unlawful processing and against accidental loss, destruction, or damage.
6. Data Breach Response
In the event of a data breach, we have procedures in place to identify, assess, and report the breach to the relevant supervisory authority and, where required, to the affected data subjects.
7. Data Protection Officer (DPO)
We have appointed a Data Protection Officer to oversee GDPR compliance. The DPO can be contacted at gdpr@support.avaxrent.com
8. Updates to this Policy
This GDPR Compliance Policy may be updated periodically to reflect changes in our data processing activities or changes in applicable data protection laws. Any updates will be published on our website.
9. Contact Information
For any inquiries or concerns related to data protection or GDPR compliance, please contact us at gdpr@support.avaxrent.com