Privacy policy

Updated: 20 April 2023

GENERAL PROVISIONS

We respect your privacy and are committed to protecting your personal data. This privacy policy (hereinafter referred to as the “Privacy Policy“), contains information on how your personal data is processed and stored when using the website http://hertzlease.ee/ (hereinafter referred to as the “Website“), what rights you have, and other relevant information related to your personal data.

Your personal data is processed by APR-Rent AS (Company code: 10276625, address: Lõõtsa 4, 11415 Tallinn) (hereinafter referred to as the “Company” or “We“) acting as a Data Controller in accordance with the definition of this term established in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the “GDPR” or “Regulation”), and in accordance with the applicable national laws.

As used in this Privacy Policy, the term “personal data” (“Personal Data“) refers to any information or set of information from which you can be identified, directly or indirectly, such as your name, surname, email address, telephone number, etc.

This Privacy Policy applies to all Personal Data that we collect and process when you use the website http://hertzlease.ee/. If you use our Website, contact us, subscribe to our newsletters, we consider that you have read and agreed to the terms of this Privacy Policy. If you do not agree to the Privacy Policy, you may not use the Website or contact us about our services.

THIRD-PARTY LINKS ON OUR WEBSITES

Third-party links on our website Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

PRINCIPLES FOR PROCESSING PERSONAL DATA

We process personal data in accordance with the European Union’s General Data Protection Regulation (EU) 2016/679, the Law on Legal Protection of Personal Data of the Republic of Lithuania, the instructions of the controlling authorities, and other legal acts governing the processing of personal data.

The amount of personal data processed depends on the services you order or use and the information you provide when visiting our Website.

We process data in accordance with the following principles:

  • Personal data is collected only for clearly defined and legitimate purposes.
  • Personal data shall only be processed lawfully and fairly.
  • Personal data is kept up to date.
  • Personal data shall be kept securely and for no longer than required by the stated purposes of processing or by law.
  • Personal data shall be processed only by those persons who are authorized to do so by virtue of their functions.
  • Personal data is kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the Personal Data is processed.

The data is processed in accordance with one or more of the following criteria for lawful processing: (I) the data subject has given consent to the processing of his or her personal data for one or more specific purposes; (II) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; (III) processing is necessary for compliance with a legal obligation to which the controller is subject; (IV) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; (V) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party.

When processing and storing your personal data, we implement organizational and technical measures to ensure the protection of personal data against accidental or unlawful destruction, alteration, disclosure, or any other unlawful processing. Access to your personal data is limited to those persons for whom it is necessary for the performance of their job functions.

You are responsible for ensuring that the personal data you provide is accurate, correct, and complete. If the personal data you have provided changes, you must inform us immediately. We will not be liable for any damages caused to a person and/or third parties as a result of a customer or potential customer providing us with incorrect and/or incomplete personal data or failing to request the data to be updated and/or amended in the event of a change.

By submitting their personal data, customers or potential customers, visitors to the Website jointly grant us the right to collect, store, systematize, use, and process, for the purposes set out in this Policy, any and all personal data that data subjects provide directly or indirectly by visiting the Website, and in other ways when they use the services we provide.

SOURCES OF PERSONAL DATA

Personal data is usually obtained directly from the data subject when he or she provides it by visiting the website.

Personal data may also be obtained from other sources, for example, when we receive information from public registers, public authorities, our partners, for example, who deliver goods to you, other third parties, for example, payment institutions, about payments made, etc.

Certain limited data may also be automatically generated when a customer browses our website. 

Although customers and potential customers are not obliged to provide us with any personal data, it is possible that certain services may not be provided to the customer if personal data is not provided.

WHAT PERSONAL DATA DO WE PROCESS AND WHY?

When administering your enquiries regarding car rental and car subscriptions, we may process the following personal data: name, surname, email address, company name, relation to the company, telephone number.

Legal basis for processing: The processing is necessary for the conclusion and performance of the contract (Article 6(1)(b) GDPR).

Period of data retention: For the duration of the contract or the administration of the request (if no contract is concluded with the data subject) and for a period of 10 years from the end of the contract or the administration of the request.

To improve our website and to ensure its smooth operation, we collect your IP address and other data provided by cookies and other related browser settings. For more information about the cookies we use, please see the section “cookies”.

Legal basis for processing: the data subject’s consent to such processing (Article 6(1)(a) of the GDPR); the legitimate interests of the controller or a third party (Article 6(1)(f) of the GDPR).

Data retention period: the website data is stored as described in the section of this privacy policy titled “Cookies”.

With your consent, we may use your Personal Data for the purpose of direct marketing in order to provide you with newsletters, offers or other relevant information about our services, as well as to get feed-back about the quality of our services. For this purpose, we collect your name and email address.

Newsletters may be sent to you by email or other electronic communication channels. Your contact details may be passed on to our partners and data processors who provide us with newsletters or quality assessment services.

When we send newsletters, we may collect information about the individuals who received them, such as which message they opened, which links they clicked on, etc. This information is collected in order to offer you personally relevant and more tailored news.

Even if you have given your consent to the processing of Personal Data for direct marketing purposes, you can easily withdraw this consent at any time in relation to all or part of the Personal Data processing activities. To do so, you can:

  • notify us of your cancelation in the manner indicated in the received email (for example, by clicking on the “unsubscribe” link in the newsletter, etc.); or
  • by sending us a notice to the email address specified in this Privacy Policy. If you request to withdraw your consent this way, we may ask you to confirm your identity.

If you withdraw your consent, we will endeavor to stop sending newsletters to the contact details you have provided immediately.

Withdrawal of consent does not automatically oblige us to destroy your Personal Data or to provide you with information about the processing of your Personal Data. You should make a separate request for these actions. 

Legal basis for processing: the data subject’s consent to such processing (Article 6(1)(a) GDPR);

Data retention period: The data will be processed for 2 years from the date of consent.

COOKIES

In order to improve your experience when visiting our website, we may use cookies, which are small pieces of textual information that are automatically generated when you browse our website. This information is stored on the visitor’s computer or other terminal device.

The information collected by cookies allows us to provide a more user-friendly browsing experience on the Website and to learn more about the behavior of visitors. This helps us to analyze trends and to improve our Website.

We may use mandatory cookies which are necessary for the operation of the Website; analytical and functional cookies which are designed to analyze the use of the Website, remember user preferences and tailor them to the Website so that we can provide enhanced functionality; also performance cookies, third party cookies, advertising cookies which are designed to show you personalized and generic advertising.

You can choose whether to accept cookies. If you do not agree to cookies being placed on your computer or other device’s browser, you can opt-out at the cookie consent bar or change the settings of the browser you are using and disable cookies (either all at once or one at a time or in groups). If you wish to refuse cookies on your mobile device, you must follow the official instructions for that device. Please note that in some cases, refusing cookies may slow down your browsing speed, restrict the functionality of certain websites or block access to a website. For more information, please visit http://www.AllAboutCookies.org or https://www.google.com/privacy_ads.html.

You can deactivate the use of third-party cookies for advertising-related purposes by visiting the Network Advertising deactivation page at http://www.networkadvertising.org/managing/opt_out.asp.

We use the following cookies to ensure you get the best experience on our website:

TITLE OF THE COOKIEPURPOSEEXPIRATION DATE
cookielawinfo-checkbox-analyticsNecessary cookie for basic functions of the website. Used to determine whether the visitor has accepted the statistical cookie category in the cookie selection bar. The cookie is necessary to comply with GDPR requirements.The cookie expires automatically after 1 year.
cookielawinfo-checkbox-necessaryNecessary cookies for basic functions of the website. Determines whether the user has checked the consent box for the use of cookies.The cookie expires automatically after 1 year.
rc::aNecessary cookies for basic functions of the website. A cookie is used to distinguish humans from bots.Long-term
rc::bNecessary cookies for basic functions of the website. A cookie is used to distinguish humans from bots.The cookie expires automatically at the end of the browsing session, i.e. i.e. when you close your web browser.
rc::cNecessary cookies for basic functions of the website. A cookie is used to distinguish humans from bots.The cookie expires automatically at the end of the browsing session, i.e. i.e. when you close your web browser.
_gaOptional, statistical. Registers a unique identification code used to generate statistical data about how the visitor uses the website. The cookie is provided by Google Analytics.The cookie expires automatically after 2 years.
_gatOptional, statistical. Google Analytics uses a cookie to limit the number of visits.The cookie expires automatically after 1 day.
_gidOptional, statistical. Registers a unique identification code used to generate statistical data about how the visitor uses the website. The cookie is provided by Google Analytics.The cookie expires automatically after 1 day.
NIDNo marketing required. Registers a unique identification code that identifies the returning user’s device. The identification code is used to display targeted advertising.The cookie expires automatically after 6 months.
webforms/o/93231/s6p1g9No marketing required. Mailerlite uses a cookie to identify reliable web traffic and when a visitor wants to subscribe to the newsletter.The cookie expires automatically at the end of the browsing session, i.e. i.e. when you close your web browser.
cookielawinfo-checkbox-advertisementNot required, unclassified.The cookie expires automatically after 1 day.

TRANSMISSION AND STORAGE OF PERSONAL DATA

Personal data shall be protected against loss, misuse, and damage. Physical and technical measures are in place to ensure that the personal data we collect from you is secure. We remind you that data transmitted over the Internet is not completely secure. The company cannot guarantee the complete security of the data, but is committed to take all necessary steps to protect it.

We are committed to our duty of confidentiality in relation to the personal data of our customers, potential customers and visitors to the website. Personal data may only be disclosed to third parties if this is necessary for the conclusion and performance of a contract or for the benefit of the data subject, or other legitimate reasons. We transfer the data we receive from our customers to third parties only to the extent and insofar as it is necessary for the provision of the relevant services and/or to comply with legal obligations. If personal data is not necessary for the provision of a particular service, it is not transferred. We transfer personal data to these third parties based on a data provision agreement or a specific legal act, in strict compliance with the statutory requirements.

We may transfer your personal data:

To our partners or consultants, such as auditors, lawyers, tax advisors, etc., as well as to the Personal Data processors we use, such as couriers, CRM service providers, IT companies, companies providing advertising and marketing services, companies providing accounting services, etc. We require data processors to store, process and handle Personal Data as responsibly as we do and only on our instructions. If you wish to obtain information about the data processors we use, you can do so by submitting a request to [email protected]

We may also provide your personal data in response to requests from the courts or public authorities to the extent necessary for the proper execution of applicable law and the instructions of public authorities. 

Your personal data will not be transferred to third countries, i.e. outside the European Union, unless such transfer is required by law or by the courts.

YOUR RIGHTS

If your Personal Data are covered by the GDPR (that is, if you are an individual within the European Economic Area), you have the following rights with respect to your Personal Data:

  • The right to request access to the Personal Data that Hertz Lease has about you;
  • The right to rectify or correct any Personal Data that is inaccurate or incomplete;
  • The right to request a copy of your Personal Data in electronic format so that you can transmit the data to third parties, or to request that Hertz Lease directly transfer your Personal Data to one more third parties;
  • The right to object to the processing of your Personal Data for marketing and other purposes;
  • The right to erasure of your Personal Data when it is no longer needed for the purposes for which you provided it, as well as the right to restriction of processing of your Personal Data to certain limited purposes where erasure is not possible.

To exercise any of these rights, please contact us using the information provided below.

Please note that erasure or restriction of processing is only possible if and to the extent that the processing of Personal Data is based on your consent or our legitimate interests. If data processing is based on consent, note that you have the right to withdraw your consent at any time, but that the withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal. In the event of an erasure request, we may retain a copy of your Personal Data for our record-keeping purposes and to avoid entering your personal data into our systems after your request.

If you wish to make a complaint about our processing of Personal Data, please submit it to us in writing, providing as much information as possible. We will cooperate with you and endeavor to resolve any issues promptly.

If you believe that your rights under the Regulation have been violated, you may lodge a complaint with our supervisory authority, for further information and contact details please visit the Inspectorate website (https://vdai.lrv.lt/). We aim to resolve all disputes efficiently and fairly, so you are welcome to contact us first.

UPDATES TO THIS PRIVACY NOTICE

From time to time, we may revise this Privacy Notice. Any such changes to this Privacy Notice will be reflected on this page. Hertz Lease recommends that you review this Privacy Notice regularly for any changes. The date on which this notice was last revised is located at the top of this notice.

CONTACT INFORMATION

If you need to contact us for any reason (including to exercise any of your rights in relation to your personal data as set out above) please send us your request at: [email protected] or reach us by phone: +372 611 6333.

Fill out the application

After filling out the car rental application, we will contact you within 1 working day.

Application completed successfully

Thank you! We will review your application and contact you within 1 business day.

Take me home