Definitions and Interpretation
In this Policy the following terms shall have the following meanings: “Application” means this application known as “Vroom Services Limited” that you are currently using. “Data” means collectively all information that you submit to us via the application. “Data Controller” means a person or persons recruited by us for the purpose of controlling and processing data collected from the users. “Personal data” means collectively all information we collect from you, from which you may be personally identified. Typically, this may include your name, address, telephone number(including mobile number), private car details, credit card information, email address, age, sex and family status, but may also include other information such as lifestyle, hobbies and interests. Please be assured that we will not collect any personal data from your visits to our site unless you provide this information voluntarily or obtained from the users of the application by the application itself or through other third party. “Users/customer” means any third party that accesses the application and is not employed by us and acting in the course of their employment
Services used in collecting personal data
Apart from the application itself, Personal Data is collected using the following services:
- Registration and authentication
- Location-based interactions
- Access to third party services' accounts
Personal Data: Geographic position
Personal Data: Cookie and Usage data
Access to the Facebook account
Permissions: About Me and Email
The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. We take reasonable precautions to keep your personal data secure, and require third party Data Processors to do likewise. All personally identifiable information is subject to restricted access to prevent modification, unauthorized access or misuse. Please note, however, that we may release your personal data if required to do so by law, or by search warrant, subpoena or court order.
We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information.
Scope – What does this policy cover?
Types of Data/information collected
Mode and place of processing the Data
Methods of processing
Data of users are processed in a proper manner and appropriate security measures shall be taken to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data. The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Data Controller, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of the site (administration, sales, marketing, legal, system administration) or external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Data Controller at any time.
Place of Processing and Storing Data
The Data is processed at the Data Controller's operating offices and in any other places where the parties involved with the processing are located. For further information regarding location of storage of data, you are advised to contact the Data Controller.
- The Data is kept for the time necessary to provide the service requested by the Users, or stated by the purposes outlined in this document, and the users can always request that the Data Controller suspend or remove the data.
- We only keep your data for as long as we need to in order to use it as described here in and/or for as long as we have your permission to keep it.
- Data security is of great importance to us, and to protect your data we have taken suitable measures to safeguard and secure any data we hold about you.
- Steps we take to secure and protect your data include:
- Using our owned server to store the data
- Data is encrypted
- Only authorized person has access to use the data
The use of the collected Data
The Data concerning the Users is collected to allow us to provide our services, as well as for the following purposes:
- Access to third party services' accounts, Analytics, Location-based interactions and Registration and authentication.
- When you supply personal information about yourself for a specific purpose, we use the information for only that purpose such as, to provide the service or information you have requested.
- We use your information to send you marketing communications and to communicate with you about our Services and let you know about our policies and terms.
- We may use personal data you submit to us when ordering goods or services from us for the purpose of fulfilling that order, and it may be necessary for us to share such data with third parties such as the card payment services provider or carrier of goods.
- Your contact information may also be used to contact you when necessary in order to respond to your inquiries regarding the service. Every communication with us is held in strictest confidence and handled with integrity. None of your personal information will be disclosed without you taking affirmative action to disclose this information except to facilitate the service as may be required
- We will never sell, share, rent, or trade any personal information about any of our users to any third parties for their promotional or other purposes. We will never sell, share, rent, or trade your email address or any other contact information to any third parties for promotional purposes or any other purposes.
- We will not share any information relating to your situation with any third parties, except when required by law. Furthermore, we will not share any information from our services with any third parties, except when required by law. Any such information which you provide to us or is transmitted over our servers will remain completely confidential.
- The User's Personal Data may be used for legal purposes by the Data Controller, in Court or in the stages leading to possible legal action arising from improper use of this Application or the related services.
- We may disclose personal information when required by law or in the good-faith belief that such action is necessary in order to conform to the edicts of the law or comply with legal process served on us.
- Notwithstanding the security measures that we take, it is important to remember that the transmission of data via the internet may not be completely secure and that you are advised to take suitable precautions when transmitting to us data via the internet.
- The User declares to be aware that the Data Controller may be required to reveal personal data in such cases or upon request of public authorities.
Additional information about User's Personal Data
System Logs and Maintenance
For operation and maintenance purposes, this Application and any third party services may collect files that record interaction with this Application (System Logs) or use for this purpose other Personal Data (such as IP Address).
Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Data Controller at any time.
The rights of Users
Users have the right, at any time, to know whether their Personal Data has been stored and can consult the Data Controller to learn about their contents and origin, to verify their accuracy or to ask for them to be supplemented, canceled, updated or corrected, or for their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. Besides, users have the right to withdraw his consent to the processing of his personal data to which he has previously consented, to obtain a copy of the personal data which we hold about users subject to any reasonable fee, to object to the processing of your personal data for the purpose of direct marketing and to have incorrect personal data we hold about users corrected. Requests should be sent to the Data Controller at the contact information set out herein: @gmail.com It is to be noted that this Application does not support “Do Not Track” requests. To determine whether any of the third party services it uses honor the “Do Not Track” requests, please read their privacy policies.
Erasure of Personal Data
Users may request that we erase the personal data we hold about them in the following circumstances:
- It is no longer necessary for us to hold that personal data with respect to the purpose for which it was originally collected or processed;
- The user wishes to withdraw his consent to holding and processing their personal data;
- The user objects to us holding and processing their personal data;
- The personal data has been processed unlawfully;
- The personal data needs to be erased in order for the Company to comply with a particular legal obligation;
Unless we have legitimate grounds to refuse to erase personal data, all requests for erasure shall be complied with, and the users shall be informed of the erasure, within one month of receipt of the data subject’s request (this can be extended by up to two months in the case of complex requests, and in such cases the users shall be informed of the need for the extension).
Objections to Personal Data Processing
- Users have the right to object to us processing their personal data based on legitimate interests (including profiling), direct marketing (including profiling), [and processing for scientific and/or historical research and statistics purposes].
- Where users object to us processing their personal data for the above mentioned purposes, we shall cease such processing forthwith unless it can be demonstrated that our legitimate grounds for such processing override the users’ interests.
Data Breach Notification
All personal data breaches must be reported immediately to us along with details of the measures taken, or proposed to be taken, by us to address the breach including, where appropriate, measures to mitigate its possible adverse effects so we can initiate necessary action for protection of such data.