Privacy Policy

This is the registry and privacy statement in accordance with the Company’s Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR).

Created on May 19, 2018.
Last updated on October 7, 2021.

When you rent a car, we ask for your personal information. Personal information refers to your name, full personal identification number, work and home address, phone number, email address, and credit card information. With this information, we can serve you better and more flexibly in matters related to car rental.

The storage of personal data is in compliance with the Personal Data Act. Scandia Rent car rental does not disclose consumer personal data to external parties.

REGISTRAR

MABI Mobility Oy
Rantaperkiönkatu 1A,
33900 Tampere,
info@scandiarent.fi,
tel. 0600 55 00 99

CONTACT PERSON IN CHARGE OF THE REGISTER AND DATA PROTECTION OFFICER

Timo Raimovaara, CEO
info@scandiarent.fi

NAME OF THE REGISTER

Scandia Rent car rental customer database.

LEGAL BASIS AND PURPOSE OF PERSONAL DATA PROCESSING

The legal basis for the processing of personal data under the EU General Data Protection Regulation is the legitimate interest of the data controller (the customer’s order and the necessary information that enables the provision of services to the customer).

The purpose of processing personal data is to ensure the efficient and flexible management of the car rental service and customer relationship. The data is not used for automated decision-making or profiling.

CONTENT OF THE REGISTER

The information stored in the register includes: the person’s name, any company/organization associated, contact details (phone number, email address, address), addresses of websites, IP address of the internet connection, details of ordered services and their changes, billing information, and other information related to the customer relationship and ordered services.We retain the information we collect as long as our legal obligations or the performance of the service you requested requires.

REGULAR SOURCES OF INFORMATION

The information stored in the register is obtained from the customer, for example, during the ordering process, via messages sent through web forms, emails, phone calls, social media services, contracts, customer meetings, and other situations where the customer provides their information.

REGULAR DISCLOSURES OF DATA AND TRANSFER OF DATA OUTSIDE THE EU OR EEA

Data is not regularly disclosed to third parties. Data may be published to the extent agreed upon with the customer. Data is not transferred or disclosed outside the European Union.

PRINCIPLES OF REGISTER SECURITY

Care is taken in the processing of the register, and the data handled with information systems is properly secured. When register data is stored on Internet servers, the physical and digital security of the hardware is properly maintained. The data controller ensures that stored data, as well as access rights to servers and other information critical to the security of personal data, are handled confidentially and only by those employees for whom it is part of their job description.

RIGHT OF INSPECTION AND RIGHT TO REQUEST CORRECTION OF INFORMATION

Every person registered has the right to check the information stored about them in the register and to request the correction of any inaccurate information or the completion of any incomplete information. If a person wants to check the information stored about them or request corrections to it, the request must be sent in writing to the data controller. The data controller shall respond to the customer within the time frame set by the EU General Data Protection Regulation (generally within one month).

OTHER RIGHTS RELATED TO THE PROCESSING OF PERSONAL DATA

 person registered in the system has the right to request the deletion of their personal data from the register (“right to be forgotten”). Registered individuals also have other rights under the EU General Data Protection Regulation, such as the restriction of personal data processing in certain situations. Requests should be sent in writing to the data controller. The data controller may ask the requester to prove their identity if necessary. The data controller will respond to the client within the time frame established by the EU data protection regulation (generally within one month).

USE OF COOKIES

We use cookies on our site to enhance the user experience. They are also used to measure our website traffic and our advertising. The use of cookies allows us to improve our services and offer more tailored content to our customers.You can modify your cookie settings at any time. Please note that cookie settings are browser-specific.