Privacy Policy

We are aware some of the data we collect are personal, so we vow to protect it.

Here we present to you GIRO privacy policy - a document in which we wish to inform you how we collect, keep and use your personal data which we collect when you use our services and what security measures do we implement to keep them safe.

We use your personal data for many reasons, primarily to enable you safe and smooth rental experience and to understand how our users engage with our services so we can keep improving them.

Please take a few minutes to familiarise yourself with our privacy practices and if there are any questions remaining send us your inquiries to support@girocarshare.com. We will do our best to respond to you promptly.

GIRO - what services do we offer?

GIRO services refer to all functionalities offered by this website, GIRO applications and other use of software provided by GIRO, enabling users to meet online and arrange car rental agreements.

This services are provided by company GIRO Car Share d.o.o., located at Verovškova 55, 1000 Ljubljana and registered at District court in Ljubljana, Slovenia (“GIRO”, “us”, “we”, “our”). These Services are accessible via our internet website at URL www.girocarshare.com (“Website”) and/or by using a mobile application called “GIRO” (“App”).

GIRO services are more precisely described in Terms and Conditions.

What personal data do we collect?

You may be asked to provide your personal information anytime when you are using our services or when you are in contact with GIRO company and other Users of GIRO services.

Personal data refers to any information that can be used to directly or indirectly identify a specific natural person.

You are not required to provide all the personal information that we have and/or will request, but, if you chose not to do so, in many cases you will not be able to access our services or we may not be able to respond to any inquiries you may send to us.

Personal data about you may and will be collected when:

you are using our services via our internet website at URL www.girocarshare.com (“Website”);
you are using our mobile application called “GIRO” (“App”);
you are contacting us using our contact form or by any official GIRO email or phone number;
you are contacting the owner of the vehicle you wish to rent;
you are contacting any GIRO affiliated company.

GIRO collects, keeps and uses different categories of personal data that we want you to be aware of when using our services: Website data, App data, Registration data, Owner data, Renter data, Payment data and Public data.

We collect, store and use information (personal or non-personal) in the log files of our servers and in a Data Warehouse.

Website data:

A unique identifier stored in your cookies;
Your email address if you subscribe to newsletter;

App data:

Location (if enabled to simplify search);
Logs of your in app actions;
Your IP address;

UserID

Android device ID or iOS IDFA;
country code;
language
device name;
name of the operating system and version;

Signup data

First Name;
Last name;
E-mail;

Renter data

First Name;
Last name;
Date of birth;
Country of Residence;
Address;
E-mail;
Phone number;
Government ID photos (Front and back);
Driving licence photos (Front and back)

Owner data

First Name;
Last name;
Date of birth;
Country of Residence;
Address;
E-mail;
Phone number;
Government ID photos (Front and back);
Driving licence photos (Front and back);
Car details;
Car registration;
Car photos;

GIRO access to user communication

GIRO has access to and keeps record of all communication exchanged between Owner and Renter through the Website and/or App for following purposes:

to ensure fraud prevention;
for efficient user support service
to improve the user experience when using our services;
for any legal reasons.

Communication between members of our community will never be used for promotional or advertising targeting and will never be exposed to any third party, unless we are instructed to do so by a court order.

How long do we keep personal data?

We are aware your personal data is a delicate matter, so we will only keep it for the period necessary for the purposes it is being used for.

We will keep your personal data for the time necessary for the purpose it is being processed for. We only keep your personal data for the period necessary for the performance of our Services and the duration of your membership. We archive personal information from closed accounts in accordance with rules applicable to the protection of your data only in order to comply with legal obligations, prevent fraud, collect any remaining fees that are due, resolve disputes, troubleshoot problems, assist with any investigations, enforce our terms and conditions, and take other actions otherwise permitted by law.

Why we keep Exclusion list?

GIRO keeps a list of members that were removed from GIRO community and banned from further use of our services according to our Terms and Conditions. We do so to keep our services smoothly running and to keep your personal data safe and secure. Users listed on exclusion list are listed in the case of proven and verified violation of our Terms. This list collects the following personal data from the blocked user: name, first name of the User concerned, birth date, number and date of expiry of the credit card used for the fraudulent transaction, drivers licence information, Passport or government ID information, car documentation (VIN, registration plate number). Giro keeps the personal data of the Users concerned by this fraudulent activity for probationary purposes. The exclusion list includes the reasons for registration and is regularly updated. User profiles are deleted from the list of regularisation of the incident that gave rise to the registration.

Does Giro share your data with third parties?

We do not sell personal data to third parties. We may transfer personal data to our contractual service providers. Before doing so, we take steps to ensure that your personal data is treated with adequate protection as required by data protection laws and GIro's internal policies. We share Personal Data to carry out services and actions by order and for Giro, for example, to let the software run on the platform of remote servers, carry out and settle up payment processes for offered products or services, carry out technical checks to validate the condition of vehicles on the Website, confirm that the Renter Data is accurate or outsource certain Customer Relation and Claim Management actions. In addition, Giro is seeking guarantees from its service providers acting as data processors under the GDPR on their compliance with the rules set out in the GDPR. Giro shall be entitled to process and use the User’s log data that is automatically collected (Server Logfiles) for the purpose of identifying, delimiting and removing malfunctions and errors in the telecommunication systems. If the requirements are met, Giro may use log data that is necessary to uncover any unlawful use of the telecommunication systems and services. In accordance with prevailing legal provisions, Giro may be required to provide information to criminal prosecution authorities and courts for prosecution purposes. In such situation, Giro may not inform you about the disclosure of your Personal Data to authorised third parties.

YOUR RIGHTS

We want you to be aware that you are in control of how your personal data is used by us. So we are informing you about your rights related to how your personal data is processed. If you would like to discuss or exercise any of these rights, contact us at any time through the details provided at the end of this document.

You have the right to be informed - to be provided with transparent and easily understandable information about how your personal data is being used and what are your rights regarding personal data. In respect to this right, we are providing you with such information in this document.
You have the right to access your personal data. You have the ability to get access to your personal data that is being processed by us. This gives you the right to see or view you own personal data, as well as to request copy of the personal data kept by us.
You have the right to rectification - to ask for modifications, corrections or updates to your own personal data in case you believe that any of his personal data is not up to date or accurate.
You have the right to withdraw your consent. This will restrict data processing right that you have previously given to us for processing your personal data. This request require us to stop using that personal data that was collected based on your given consent.
You have the right to erasure. Under certain circumstances and in accordance with legal requirements you have the ability to ask us to delete your personal data kept by us. We can do so if the personal data we collect is no longer needed for any purposes and if is not required by law to keep it.
You have the right to object. This gives you the ability to object to certain types of data processing, including using data for direct marketing.
You have the right to data portability. The personal data we collect is portable and transferable in a machine-readable electronic format. This gives you the ability to ask for your data to be provided to you or transferred to another controller.
You have the right not to be subject to a decision based solely on automated processing, including profiling. This right provides you with the ability to object to a decision making based on automated processing. Using this right you may ask for your request to be reviewed manually.

HOW we protect your personal data?

We take security of your personal data very seriously. That is why take every effort to employ reasonable technical and organisational procedures to prevent unauthorised access to, and the misuse of our Services any systems.

We employ efficient technical and organisational measures in order to safeguard the Service and other systems against loss, destruction, access, changes or the distribution of your data by unauthorised persons according to current the state of art. The data transfer between the Service and the Server is [SSL] encrypted. The access to your Giro account is only possible after entering your personal password directly or through autologin processes or through Facebook Connect. You should always treat your access information confidentially and close the browser window, once you have ended your communication with us, particularly if you share the use of the computer and/or device with others. Giro will store your data on servers, which are located in Frankfurt, Germany and managed by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, (Google Cloud Platform>) which participates in the EUUS Privacy Shield framework regarding the collection, use, and retention of personal information from European Union member countries.

Updates or changes to GIRO Privacy Policy

There may be times when we need to update or make some changes to this statements. If and when we do so, we will notify you about the updates or changes the next time you use our services.

We will however not reduce your rights under this Privacy Policy without your prior consent. You will have the right to object to the changes made and execute any of the rights stated above regarding your personal data.

Questions? Complaints? Want to claim your rights? - Contact us.

For any of your questions regarding this Privacy Policy and to exercise any of your rights or if you have a complaint, please contact us by:

support@girocarshare.com