Northgate Privacy Policy

The security and privacy of your personal information is very important to us and we are committed to protecting it.

This Privacy Policy explains how we collect and use your personal information and gives you information on how to contact us to request further information or exercise your rights under data protection law.

Last revised: March 2023

 

INTRODUCTION

In this Privacy Policy “we, us or our” means Northgate Vehicle Hire Limited.  We are  the “controller” of your personal data (this means we are  responsible for deciding why we hold and use personal information about you).

In this Privacy Policy, references to “you” means the individual whose personal information (as defined below) we collect, use and process, whether this information is collected on the Site (as defined below), in person, by telephone or otherwise and will apply whether you provide us with the personal data yourself or it is provided by a third party.  By providing us with information about another person you are confirming you have the legal right to provide their information to us and that they understand how their information will be used.

In this Privacy Policy, references to the "Site" means northgatevehiclehire.co.uk

This Privacy Policy may change from time to time and therefore you should review it regularly.  This policy was last updated in March 2023.

If you have any queries about this Privacy Policy including any requests to exercise your legal rights, you can contact us by email at DataSecurity@redde.com or by writing to Data Protection, Northgate Vehicle Hire, Northgate Centre, Lingfield Way, Darlington, DL1 4PZ.   We are registered with the Information Commissioner’s Office, with registration number Z6536698.

 

THE LEGAL BASIS FOR PROCESSING YOUR PERSONAL INFORMATION

Under data protection law, we can only use your personal data if we have a lawful basis to do so. 
We use your information in the following circumstances:
1) Where we process personal information about you in order to fulfil any order you place with us or otherwise to perform our contract with you;
2) For any purpose that you have consented to, where we have asked for your consent in the box that pops up when you first visit our Site and/or as part of the ordering process;
3) Where we are required to do so to comply with our legal and regulatory obligations; and
4) Where we have a legitimate interest in processing your personal information, provided your interests and fundamental rights do not override our legitimate interest. This includes where we may wish to contact you about products or services, market to you, or collaborate with others to improve our services.

 

THE PERSONAL INFORMATION WE COLLECT AND HOW IT IS USED

Personal data or personal information means any information relating to an identified or identifiable living individual.  It does not include where the identity has been removed (anonymous data) and it would not be possible to identify an individual from this anonymous data.  It is important that the personal information we hold about you is up to date and accurate, please contact us if your personal data changes this includes, but is not limited to any change of name, address or contact details.

The personal information we collect and hold about you includes:

  • name, address, telephone number (including mobile phone) and email;
  • the information included in any documents you send to us (such as your driving licence and passport), or when using our Site (including via your customer portal, if you use one), including to search for hire vehicles, place orders or report problems with the Site or an order;
  • information you complete in relation to customer satisfaction surveys;
  • your occupation or the nature of your business (if applicable);
  • details about the vehicle to be hired;
  • Bank details;
  • information obtained by credit reference agencies (further information is set out below);
  • information provided to us by third parties with whom we are working (such as business partners and brokers, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers and search information providers). We will notify you when we receive information about you from them and the purposes for which we intend to use that information, if different from the purposes set out in this Privacy Policy; details about your marketing preferences and interests; debit or credit card details or the bank account details from which direct debits under your vehicle hire will be collected;
  • information which we collect about you when you visit our Site:
    • technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
    • information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our Site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page and any phone number used to call our customer service number;

We may use any personal information provided by you or collected by us in connection with the relevant vehicle hire agreement made via the Site, or otherwise as a result of our dealings with you, including for the purposes of:

  • allowing you to register to use our Site, fulfilling our contractual obligations to you (or enforcing our contract terms against you) and providing you with the services you require;
  • to customise the Site according to your interests;
  • to respond to any requests for advice or information and otherwise provide customer support to you;
  • assessing and evaluating the quality of the vehicle hire or other services we have supplied (including the use of mystery shoppers and satisfaction surveys);
  • complying with legal and regulatory obligations and best practice standards (including carrying out credit reference checks and taking steps to comply with our obligations under anti money laundering regulations and the UK financial sanctions regime by screening details against and checking appropriate sanctions lists);
  • fulfilling the requirements of our insurance policies (including the requirements of our insurance providers);
  • to send you information relevant to our Site, such as informing you about changes to this Privacy Policy or maintenance to our Site;
  • to send you a password reset link if you tell us that you have forgotten your password;
  • as part of our efforts to keep our Site safe and secure;
  • in case we have any queries concerning any aspect of your use of our Site;
  • to ensure that content from our Site is presented in the most effective manner for your device;
  • to allow you to participate in interactive features of our Site when you choose to do so;
  • to administer our Site and for internal operations, including troubleshooting, data analysis, testing and research; and
  • to measure or understand the effectiveness of advertising we serve to you and others.

You have the right to ask us to restrict processing of your personal data and a right to object to our processing of your personal data. If you exercise either of these rights you may not be able to make full use of our Site and/or we may not be able to provide you with information that you have requested we provide to you.

We will take a copy of your driving licence if you are the person hiring a vehicle from us (either in your own right or on behalf of an organisation) when the vehicle hire commences.  We will also need a copy of the driving licence of all other named drivers.  We retain a copy of the driving licence for the purposes set out above.

Depending on your marketing preferences, we and other companies within our group may also use your personal information to contact you by e-mail, telephone, post, SMS and other electronic means (including social media), with information about services (including improvements we have made to our services), industry news, industry relevant legislation changes, promotions and offers that may be of interest to you.  We may use your personal information in order to establish the services, promotions and offers that are likely to be of interest to you.  Where we need your consent for marketing activity, we will ask for this separately and clearly and we will market in accordance with the preferences you have indicated to us.  We use a third party provider to deliver our marketing communications by email and we gather statistics around email opening and clicks using industry standard technologies including pixel trackers to help us monitor and improve email communications.

Please see the "Rights in Relation to Personal Information section" for information as to how to change your marketing preferences. You can also choose to stop receiving marketing e-mails or SMS messages from us by clicking on the-opt out link in the SMS or e-mail and following the relevant instructions. Any changes you make to your communication preferences will be processed by us within two working days of our receipt of your instruction; however, you may still receive non-essential communications in the intervening time between the submission of your change and when we process that change.

We may anonymise data about our Site users generally and use it for a range of purposes, including ascertaining the general location of users. This anonymised data is incapable of being used to identify anyone personally. 

We may also aggregate user information so that it is impossible from the aggregated set of data to identify anyone individually, which enables us to analyse market trends. 

 

DATA SECURITY

We have put in place appropriate technical and security measures to prevent unauthorised or unlawful access to or use of, or accidental loss of or destruction or damage to your information.   Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. You are responsible for preventing unauthorised access to your password and to your computer and we ask you not to share a password with anyone. We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know (see “sharing with third parties” below). They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data including by taking the security measures in accordance with applicable data protection law, we cannot guarantee the security of your data transmitted to our Site. Once we have received your information, we will use strict procedures and security features to protect it.

TRANSFERRING YOUR PERSONAL INFORMATION OUTSIDE THE UK AND EEA

To deliver services to you, it is sometimes necessary for us to transfer or store your personal information at, a destination outside the UK or the European Economic Area.  Under data protection law, we can only transfer your personal data to a country or international organisation outside the UK/EEA where: 

  • the UK government (or where the EU GDPR applies, the European Commission) has decided the particular country or international organisation ensures an adequate level of protection of personal data (known as an “adequacy decision”);
  • there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for individual data subjects.  The safeguards will usually include using legally approved standard data protection contractual clauses which give personal data the same protection as in the UK/EEA;   
  • a specific exemption applies under data protection law.

If you would like further information about data transferred outside the UK/EEA, please contact us via the details provided above. 

 

SHARING WITH THIRD PARTIES

We share personal information with third party service providers we use to help deliver our services and other third parties we use to help us run our business, for example, we may use third parties to assist us with providing the administration for running our Site, to analyse data and to provide us with marketing or customer service assistance.  We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect it.  We also impose contractual obligations on service providers to ensure they can only use your personal information to provide their services to us and ensure their staff have made appropriate commitments of confidentiality.

Where necessary, we may also share your personal information with:-

  • Our group companies (all of whom use your personal information in accordance with this policy and their statutory obligations) including Redde Northgate Plc, a group company which provides a range of group operational support services to us, including HR, IT, legal, finance and taxation, risk and compliance advice and assistance.
  • If anyone buys us or any of our group companies that hold your personal information then personal information about you will be transferred to the buyer. This will also be the case if instead of buying the relevant group company the buyer simply buys all or most of the business assets,   however, the recipient of the information will be bound by confidentiality obligations;
  • law enforcement agencies, regulatory bodies and other third parties (including but not limited to the Driver and Vehicle Licensing Agency) if: we are under a duty to disclose or share your personal information in order to comply with any legal obligation (including but not limited to receipt of a valid request for disclosure of personal information from an official organisation, including a law enforcement agency or police force, in the interests of preventing or detecting crime or in connection with a court order); in order to enforce our website terms of use or our terms and conditions of hiring vehicles, or any other agreement we have with you; or to protect the rights, property or safety of us, our customers or others;
  • If you choose to enquire about fuel cards, the vehicle inspection app or SafeDriver fleet solutions products, we will share your personal data with the provider of these products. The provider will also be a controller of your personal data, please read their privacy notice for information about how these organisations use your personal data, as this may differ from this Privacy Policy.
  • We work with trusted third parties to deliver our telematics and FleetUser products.
  • our insurers or representatives of the insurer (for example claims handlers, loss adjusters or solicitors) to comply with our insurance obligations;
  • legal, financial and other professional advisors, debt collection agencies or other third party organisations to assist with the recovery of amounts owed to us by you or the organisation you represent under any agreement between you and us and other organisations that have a specific role in law such as statutory and regulatory bodies;
  • Other third parties or individuals if you have given us permission to do so or they are acting on your behalf;
  • credit reference agencies (for further information see the "Credit Reference Check Policy" below).

 

VEHICLE TRACKING INFORMATION

We may install devices in your vehicles which track the whereabouts of the vehicle and provide other information about the vehicle (including for example the way it is driven).  These devices are either supplied directly by us (“Northgate Telematics Devices”) or by a third party where requested by an account customer (“Third Party Tracking Devices”).  If you are unclear as to the basis on which tracking devices are supplied please contact us using the details above.

We may disclose tracking information collected by these devices to our group companies, the relevant hire or fleet management customer and to law enforcement agencies, regulatory bodies and other third parties. We may retain and use aggregated and anonymised telematics data for the purposes of demonstrating and improving our services, for data analysis and other business and commercial purposes.

Northgate Telematics Devices
Where we provide the telematics devices, we use the devices to track the location and mileage of the vehicles and to analyse the way the vehicle is driven. We use this data to help us improve our business and where applicable to help us manage our customers' vehicle fleets. For example, we use:

  • location information to enable us to identify availability of vehicles across our depots;
  • mileage information to ascertain when routine maintenance is required on vehicles;
  • information about the way a vehicle is driven in order to manage our fleet, improve efficiency and improve the service we provide to customers;
  • information about the way the vehicle is driven if an incident occurs in relation to that vehicle (for example if an accident occurs) to assist with our internal investigations and to assist our insurers in relation to the incident (if applicable).

Our fleet management customers and hire customers may have direct access to any telematics information from devices in vehicles leased to those customers and use it for their own purposes which may include identifying training requirements for drivers and improving the efficiency of their fleet of vehicles.  Please ask the business on whose behalf you are driving our vehicle directly for further information about the purposes for which they use the information.

Third Party Tracking Devices supplied on behalf of account customers

Third Party Tracking Devices are installed on request from the relevant account customer.  Our use of the information collected by the Third Party Tracking Devices is on behalf of the relevant account customer who will dictate what information is collected.  This may include, for example, mileage and location information and other information about the vehicle (including the way it is driven).  The provider of the Third Party Tracking Devices will disclose tracking information collected by these devices directly to the relevant account customer.  We do not use this tracking information for our own purposes and the data controller in relation to this information is the relevant account customer. To the extent that we access and use any of this information we do so on behalf of the account customer as a data processor.  The relevant account customer is responsible for making you aware that a device is included in any vehicle that you drive which is hired from us and the purposes for which the account customer will use the information from the Third Party Tracking Devices.  For further detail about how this information will be used please contact the relevant account customer directly.  You should familiarise yourself with their privacy notice and data sharing arrangements as this may differ from this Privacy Policy.

 

Third party websites

Our site may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such websites and such websites are not governed by this Privacy Policy. We do not accept any responsibility or liability for the contents of any linked websites.

You should exercise caution and look at the privacy policy applicable to the website in question. Communication, engagement and actions taken through external social media platforms on which we may participate on are subject to the terms, conditions and privacy policies held with each social media platform respectively.  We will never ask for personal information through social media platforms and we encourage users wishing to discuss sensitive details to contact us through primary communication channels such as by telephone or email.  Our site may use social sharing buttons which help share web content directly from web pages to the social media platform in question. You are advised before using such social sharing buttons that you do so at your own discretion and note that the social media platform may track and/or save your request to share a web page through your social media platform account.

 

RIGHTS IN RELATION TO PERSONAL INFORMATION

You have a number of rights under data protection law in respect of your personal information.  The rights available to you depend on our reason for processing your information:
i) a right to request from us access to your personal data.  You have the right to ask us for copies of your personal information.  This is known as a “subject access request” (SAR).  You can always rely on this right, but there are some exemptions, which mean you might not always receive all the information we process;
ii) a right to request rectification of your personal data if it is inaccurate or incomplete;
iii) a right to request erasure of your personal data in certain circumstances;
iv) a right to ask us to restrict processing of your personal data and a right to object to our processing of your personal data (but if you do either of these, it may impact on your use of our Site and/or we may not be able to provide you with information that you have requested us to provide to you);
v) a right to move or port personal data.  This only applies to information you have given us. You can ask us to transfer this personal data directly to another controller, where technically feasible;
vi) a right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly affects you, and;    
vii) a right to lodge a complaint about how we handle your personal data with the Information Commissioner’s Office.

For further information in your rights, including the circumstances in which they apply, please contact us, or you will find guidance from the Information Commissioner’s Office on the website www.ico.org.uk

If you want to exercise any of the above rights you should contact us using the contact details in the Introduction section above.  We may need to request specific information from you to help us to confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.  We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

 

HOW LONG WE KEEP PERSONAL INFORMATION

If you agree to be added to our mailing list, we will keep your personal information for that purpose unless and until you tell us that you want to unsubscribe or be removed from the list.  If you advise that you do not want to be added to our mailing list or you ask to be removed, we will delete your personal data (aside from keeping a record that you have asked us not to send you marketing information).
Other personal information will be stored only for so long as we continue to need it, which will vary depending on the nature of the information and the purposes for which we are processing it. We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. Any information we hold will be protected by the terms of this Privacy Policy and, once no longer required and we have no further legitimate reason to retain it, it will be securely destroyed.  In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

 

COOKIES

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular website. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our site in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of our site.
Further information identifying the name of, uses of information collected by, and expiry dates of the cookies used by our Site can be found on our cookie policy page.

 

CREDIT REFERENCE AGENCIES

In order to process your application we will supply your personal information to credit reference agencies (CRAs) and they will give us information about you, such as about your financial history. We do this to assess creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity. We will also continue to exchange information about you with CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations.
The identities of the CRAs we use, and the ways in which they use and share personal information, are explained in more detail at http://www.experian.co.uk/crain/index.html and https://www.creditsafe.com/gb/en/legal/privacy-policy.html.

 

QUERIES

If you have any queries about the way we handle personal information please contact us using the contact details in the Introduction section above.

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Get in touch

Call us: 0330 012 5813

Business Sales and Enquiries - weekdays 8.00am - 5.30pm