Rentsyst Ltd Privacy Policy

1. Who we are

Rentsyst Ltd (hereinafter "Rentsyst", "we", "us") provides cloud-based fleet and car rental CRM services. Our registered office is at 4 Ionias Street, 6036 Larnaca, Cyprus. We are committed to protecting your privacy and data security in full compliance with EU regulation implemented on 25th of May 2018 - "General Data Protection Regulation" or often referred to as "GDPR".

2. Personal data we collect

We strive to provide you with excellent customer service and a pleasant experience in relation to our vehicles and/or services provided.

Your personal data includes information such as:

• Identity & contact Information: name, date of birth, email, phone number, address
• Emergency contact information
• Driving license number and passport information
• Photographs that you submit (i.e. of you or your driving license)
• Vehicle rental information: booking history, rental contracts, transaction records
• User account details and information that you provide on your marketing preferences
• Information about relevant health conditions that you may have

3. How we use your personal data and for what purpose

We may use the information that we collect from you to:

• Process any enquiry that you make and be able to provide sufficient customer service
• Be able to enter into contract with you and assist you throughout the contract regarding the services that we supply (i.e. reserving and renting vehicles)
• Communicate important information with you such as alerts about your rental
• Be able to assist emergency services in the event of a road accident by sharing information with them about your vehicle
• Comply with the legal obligation to share your information with government and regulatory authorities when necessary
• Disclose your information to third parties when necessary to protect our business rights such as in the event of outstanding bills, to allow us to limit any damage that we may sustain and to enforce the terms of any contract made
• Send you any relevant marketing communications in the event that you consent to this or it is permitted by law
• Be able to see to any special requirements as a result of any disclosed health conditions
• For marketing purposes and for future offers and deals that Rentsyst Ltd may have
• With your consent to enable us to use your information to compile statistics that could be used to improve customer service and products for future reference

4. Retention of your personal information

We retain your personal information for as long as we need to fulfil our business purposes, as seen below:

• Marketing purposes: we keep your personal information relating to cookies and/or any other online identifiers, email subscriptions and/or any other subscriptions that can be related directly or indirectly to marketing purposes, for up to 3 years after your last interaction with us and/or from the day you provide us with your personal information.
• Rental transactions: any information relating directly and/or indirectly with your rental agreement (signed documentation, signed declaration(s), payment records etc) will be kept by us for up to 3 years after the day you return the leased vehicle to us.
• Customer service related queries: general queries will be kept for 3 years and any complaints will be kept for 3 years.
• Disputes & law enforcement: if we are involved, either directly or indirectly, in any sort of litigation or governmental or regulatory investigation, then all and any information we have in our possession will be kept until the end of the litigation or investigation procedures and for 3 years after that. If we are obliged to provide any sort of personal and/or sensitive information of yours that we have in our possession to law enforcement bodies, after the issuance of any Court Order and or according to the rules and regulations of any Law of the Republic of Cyprus then we will keep all of your personal information relating to the matter in question for 3 years.

5. Your rights

According to the new GDPR Regulation your rights include:

• Having access to your personal information
• The right of rectification
• Erasure of your personal information without undue delay
• The right to object to the processing of personal information
• Withdrawal of your consent at any time
• The restriction of certain data processing
• Receive a confirmation as to whether your data is processed
• Receiving your personal data in a structured, machine readable format

You also have the right to opt out of marketing communications by following the instructions in the communication that you receive from us.

6. Cookies

When using the Rentsyst website cookies are automatically placed on your computer's hard drive. Cookies are a way of storing your personal information making it easier to tailor to your preferences, and having easier access to the website by remembering your log-in details.

There are different types of cookies used for different purposes. These include necessary cookies which are required for the function of this website, analytics cookies which enable us to monitor use of the website for an improved user experience, and advertising cookies which are used by advertising companies to tailor ads to your interests.

You have the right to object to certain cookies being used when browsing this website. If you wish to review the cookie options click "Change Settings".

7. Purpose & legal basis of processing

We process data to:

• Provide core services (booking, reservation, fleet management)
• Facilitate communication (alerts, confirmations, service updates)
• Comply with legal obligations (emergency services, regulatory requests)
• Improve user experience (with your consent)
• Protect our legitimate business interests (e.g. debt collection)
• Support marketing and analytics (with opt-in consent)

Legal basis: contractual need, legitimate interests, user consent, or legal obligations.

8. Data transfer & security safeguards

• Encryption: data is encrypted in transit using TLS/SSL
• Data transfers: any transfer of personal data outside the EEA is protected by Standard contractual clauses (SCCs)
• Access control: multi-factor authentication (MFA) is available; secure password policies enforced
• Monitoring: continuous logging, intrusion detection, and incident alerting mechanisms are in place
• Audit logs: we do conduct internal security reviews and use automated vulnerability scanning tools to ensure our platform remains secure

9. Continuous improvement

Security and compliance are embedded into our processes – from feature development to operations. We undergo regular internal reviews and consider external audits to enhance our protection measures.

We apply security patches and updates on a regular basis, following industry best practices. Critical patches are applied immediately once released, while standard updates are implemented as part of our scheduled maintenance cycle to ensure systems remain secure and up to date.

10. Contact

If you wish to request the about Rentsyst Privacy Policy, please contact:

Rentsyst Ltd

4 Ionias Street,

6036 Larnaca, Cyprus

Email: gdpr [@] rentsyst.com

Tel: +357 70002300