Privacy Policy

1. ABOUT THIS POLICY

Your privacy is important to us and we want you to feel comfortable with how we use, share and process your personal information.

This Privacy Policy sets out how this website is managed and handles personal information of the users of the website and is provided pursuant to the EU General Data Protection Regulation No.2016/679 and UK Data Protection Act 2018.

This policy sets out how we handle your personal information, including when and why it is collected, used, processed and disclosed and how it is secured.

Our contact details are at the end of this policy which you can use if you have any questions, including how to update or access your personal information or to make a complaint.

This policy may change, so please check this page from time to time to ensure that you’re happy with any changes.

 

2. WHO WE ARE

Where this policy refers to “we”, “our” or “us” below, unless it mentions otherwise, it’s referring to Leasys S.p.A, registered office in Turin - Corso G. Agnelli 200 (Italy).

Leasys S.p.A. is part of the FCA Bank Group. Our corporate structure is  here.

For the purpose of this website, we are the data controller of your personal information.

For the purpose of the hire, your selected dealer will be the data controller. For further details, please refer to the privacy policy of the selected dealer.

A ‘controller’ is a company that decides why and how your personal information is processed. 

 

3. HOW AND WHAT PERSONAL INFORMATION WE COLLECT

We may collect and process the following personal information about you:

 

4. HOW WE USE YOUR PERSONAL INFORMATION

4.1. Where required to perform a CONTRACT with you

We may use and process your personal information where it is necessary for the performance of a contract with you or in order to take steps, at your request, before entering into a contract with you, including for the following purposes:

4.2. Where there is a LEGITIMATE INTEREST

We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a business for the following purposes:

It may be necessary from time to time share your personal data with our regulators including, the Financial Conduct Authority and the Information Commissioner’s Office.

4.3. Where required to comply with our LEGAL OBLIGATIONS

We will use your personal information to comply with our legal obligations including:

(i) to assist HMRC, the Police, the Driver and Vehicle Licensing Agency (DVLA), any other public authority or criminal investigation body

(ii) to identify you when you contact us, and

(iii) to verify the accuracy of data that we hold about you.  

4.4. Where it is in your VITAL INTEREST

We may use your personal information to contact you if there are any urgent safety or product recall notices to communicate to you or where we otherwise reasonably believe that the processing of your personal information will prevent or reduce any potential harm to you. It is in your vital interests for us to use your personal information in this way.  

 

5. OTHERS WHO MAY RECEIVE OR HAVE ACCESS TO YOUR PERSONAL INFORMATION

5.1. FCA companies

We may share your information with other companies within the FCA Bank Group, Leasys Group, FCA Group and Credit Agricole Group. This would usually be for reporting or statistical purposes, as part of our investigation of a complaint, for marketing, telemarketing, commercial information, advertising material or for market surveys.

5.2. Our suppliers and service providers

We may disclose your information to our third party service providers, agents, subcontractors and other organisations for the purposes of providing services to us or directly to you on our behalf. Such third parties may include IT services providers and administrative services or other third parties who provide services to us.

When we use third party service providers, we only disclose to them any personal information that is necessary for them to provide their services and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.

5.3. Authorised dealers in our network

Our dealers may use your personal information in connection with the products and services you take out with us. 

5.4. Third parties who provide products and services

We work closely with various third parties to bring you a range of products and services which are complimentary to ours, e.g. insurance.

When you enquire about or purchase one or more of these products or services through us or our dealers or directly with us, the relevant third party may use your details to provide you with information and carry out their obligations arising from any contracts you have entered into with them.

These third party product providers may share your information with us which we will use in accordance with this policy. In some cases, they will be acting as a controller of your information and therefore we advise you to read their privacy policy.

5.5. Other ways we may share your personal information

We may transfer your personal information to a third party as part of a sale (or a preparation for sale) of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation.

We may also transfer your personal information if we’re under a duty to disclose or share it in order to comply with any legal obligation (e.g. by sharing your personal information with the DVLA or our regulators), to detect or report a crime, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our visitors and customers.

However, we will always take steps with the aim of ensuring that your privacy rights continue to be protected. 

Consequences of Processing

If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services you have requested, or to employ you, or we may stop providing existing services to you.

A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us on the details above.

Your Rights

Your personal data is protected by legal rights, which include your rights to object to our processing of your personal data; request that your personal data is erased or corrected; request access to your personal data. For more information or to exercise your data protection rights please, please contact us using the contact details below.

You also have a right to complain to the Information Commissioner's Office which regulates the processing of personal data.  

 

6. WHERE WE STORE YOUR PERSONAL INFORMATION OUTSIDE THE EEA

All information you provide to us may be transferred to countries outside the UK and the European Economic Area (EEA). We are working with some third party service providers who are located in a country outside of the UK and the EEA (for example some of our IT providers have service centres in Australia, Canada and India). These countries may not have similar data protection laws to the UK. In such cases, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy. These steps include imposing contractual obligations on these providers, including the appropriate model contractual clauses that aim to ensure adequate protection. Please contact us using the details at the end of this policy if you would like more information about the protections that we put in place.

If you use our services whilst you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services.  

 

7. HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION

If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws in accordance with our Data Retention Policy.

We do not retain personal information in an identifiable format for longer than is necessary.

We may need your personal information to establish, bring or defend legal claims, in which case we will usually retain your personal information for 6 years after the last occasion on which we have used your personal information in one of the ways specified in How we use your personal information Section 4.

The only exceptions to this are where:

 

8. YOUR RIGHTS

8.1. Your ‘data subject’ rights

You have a number of rights in relation to your personal information under data protection laws. In relation to certain rights, we may ask you for information to confirm your identity and, where applicable, to help us to search for your personal information. Except in rare cases, we will respond to you within 30 days after we have received this information or, where no such information is required, after we have received your request.

We will aim to deliver the data you request, however it may not always be possible. If your request is excessive or unfounded or would require a disproportionate effort to meet, we may charge a reasonable fee. Unfortunately in some cases we may not be able to provide with all of the data you request. If that happens, we will explain why.

8.2. Accessing your personal information

You have the right to ask for a copy of the information that we hold about you by emailing us at dataprotectionoffice@fcagroup.com. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.

8.3. Correcting and updating your personal information

The accuracy of your information is important to us. If you change any of your personal details or if you want to correct any inaccuracy in your personal data, please email us at dataprotectionoffice@fcagroup.com and we will be happy to assist.

8.4. Objecting to our use of your personal information

Where we rely on our legitimate business interests as the legal basis for processing your personal information for any purpose(s), as out under How we use your personal information in Section 4, you may object to us using your personal information for these purposes by emailing or writing to us at the address at the end of this policy.

Except for the purposes for which we are sure we can continue to process your personal information, we will usually temporarily stop processing your personal information in line with your objection until we have investigated the matter. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your data for those purposes. Otherwise we will provide you with our justification as to why we need to continue using your data.

8.5. Erasing your personal information or restricting its processing

In certain circumstances, you may ask for your personal information to be removed from our systems by emailing us at dataprotectionoffice@fcagroup.com. Unless there is a reason that the law allows us to use your personal information for longer, we will make reasonable efforts to comply with your request.

You may also ask us to restrict processing your personal information in the following situations:

In these situations, we may only process your personal information whilst its processing is restricted if we have your consent or are legally permitted to do so; for example, for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.

8.6. Transferring your personal information in a structured data file (data portability)

Where we rely on your consent as the legal basis for processing your personal information or need to process it in connection with your contract, as set out under Section 4 How we use your personal information, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly-used and machine-readable form, such as a CSV file.

You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.

8.7. Complaining to the UK data protection regulator

You have the right to complain to the Information Commissioner’s Office (ICO) if you are concerned about the way we have processed your personal information. Please visit the ICO’s website for further details.

 

9. SECURITY

9.1. Security measures we put in place to protect your personal information

We use technical and organisational security measures to protect the personal information supplied by you and managed by us against manipulation, loss, destruction, and access by third parties. Our security measures are continually improved in line with technological developments. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information whilst in transit to our website and any transmission is at your own risk. Where we have given (or where you have chosen) a password which enables you to access an account, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

9.2. Use of 'cookies'

'Cookies' are small pieces of information sent to your device and stored on its hard drive to allow our websites to recognise you when you visit.

Information on the cookies that we use and their features can be found in the Cookies Policy.

9.3. Links to other websites

Our website may contain links to other websites run by other organisations which we do not control. This policy does not apply to those other websites and application‚ so we encourage you to read their privacy notices. We are not responsible for the privacy policies and practices of other websites and application (even if you access them using links that we provide) and we provide links to those websites solely for your information and convenience. We specifically disclaim responsibility for their content, privacy practices and terms of use, and we make no endorsements, representations or promises about their accuracy, content or thoroughness. Your disclosure of personal information to third party websites is at your own risk.

In addition, if you are linked to our website from a third party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that third party website.

9.4. Social plugins

From time-to-time, we or our marketing agents such as dealers, may use social plugins (buttons) of social networks such as Facebook, LinkedIn, Google and Twitter.  Please see our Cookies Policy. If you are a member of a social network and do not wish it to combine data retrieved from your visit to our websites with your membership data, you must log out from the social network concerned before activating the buttons.

We have no influence on the scope of data that is collected by the social networks through their buttons. The data use policies of the social networks provide information on the purpose and extent of the data that they collect, how this data is processed and used, the rights available to you and the settings that you can use to protect your privacy.

We or our marketing agents may contact you with targeted advertising delivered online through social media and platforms (operated by other companies) by using your personal information, or use your personal information to tailor marketing to improve its relevance to you, unless you object. 

 

10. CHANGES TO THIS POLICY

We may review this policy from time to time and any changes will be published on our website. We may also contact you by email. We recommend that you regularly check for changes and review this policy when you visit our website. If you have any queries about any aspect of our policies, please do not hesitate to contact us.  

 

11. CONTACT OUR DATA PROTECTION OFFICER

If you want to contact us about anything in this policy or for any further query, please contact our Data Protection Officer (DPO) at dataprotectionoffice@fcagroup.com