GDPR

1. Definition of Personal Data

Personal data encompasses any information that relates to a specific or identifiable individual (referred to as the "data subject"). An identifiable person can be determined through direct or indirect means, particularly through identifiers such as names, identification numbers, geographic location information, online identifiers, or characteristics relating to physical, physiological, genetic, mental, economic, cultural, or social attributes.

Common examples include: full names, residential addresses, electronic mail addresses, telephone numbers, and similar identifying information.

2. Understanding Data Processing

Data processing refers to any action or series of actions performed on personal information, whether automated or manual, including but not limited to: acquisition, documentation, systematic organization, structural arrangement, preservation, modification, access, review, utilization, sharing through transmission, distribution or other disclosure methods, correlation, limitation, deletion, or permanent destruction.

3. Information Collection Practices

We gather exclusively the information essential for our operational purposes, and only with your explicit authorization. For details regarding cookie usage, please review our Cookie Policy.

3.1. Personal identification information: given names, family names, birth dates, driver's license details, tax identification numbers, government-issued identification.

3.2. Contact and delivery information: mailing addresses, electronic mail addresses, telephone contact numbers.

3.3. Financial transaction data: credit and debit card information, PayPal account details, banking information.

3.4. Digital identification data: user account names, internet protocol addresses.

4. How Do We Use Your Data?

Your data is processed by authorized personnel of the Company or third parties, which provide services to the Company, for the following purposes:

4.1. Submission offer: car leases.

4.2. Car Hire: contractual relationship, maintenance, legal obligations.

4.3. Car Purchase: used car agreements.

4.4. Compliance with Applicable Laws: Tax, Insurance.

4.5. Creating a User Account.

4.6. Send a newsletter: promotional activities, offers.

4.7. Website Information Services.

4.8. Privilege programs for Customers: benefits, discounts.

4.9. Communication: responding to queries.

4.10. Finding a Job: evaluating qualifications.

4.11. Online Promotions/Contests.

4.12. Participating in Online Market Surveys/Questionnaires.

5. For what purpose do we process your Data?

We process your data for products and/or services provided, including but not limited to:

• a. Evaluating bids and concluding leases.
• b. Managing rental cars (e.g., communication, updating availability, contract performance, maintenance, refurbishing, repair, replacement, vehicle pick-up), sending necessary documents for purchased products/services, managing debts, and making repayments.
• c. Compliance with legal obligations (e.g., labor tax, insurance legislation).
• d. Checking, improving, and adapting to user preferences and choices regarding products/services.
• e. Sending email information about the Company's products/services.
• f. Customer satisfaction research, promotion of products/services, and sending newsletters.
• g. Evaluating applications and resumes for recruitment.
• h. Communication during competitions.

6. What is the legal basis for your data processing by the Company?

• The terms of the contractual relationship.
• User consent, where appropriate.
• The Company's obligations arising from the law (e.g., tax, labor, insurance laws).
• The legitimate interest of the Company.

7. Who are your Data Recipients?

The Company guarantees that it will not transmit, notify, or concede data to third parties (other than those mentioned) unless required by applicable law or public/judicial bodies/authorities. Access is strictly limited to the Company's staff and affiliates who process data as Joint Managers or as Executors of Processing on the Company's behalf and according to its instructions.

Indicative data recipients include:

• The company that issues employee payroll.
• Insurance companies working with the company.
• Affiliates and users of the company's brands and systems.
• Cooperating tourist agencies regarding car hire.
• Companies providing repair, refurbishing, and maintenance of leased vehicles to customers.
• Chartered Accountants Companies that audit the financial statements.
• Partner companies providing road assistance to drivers using company vehicles.
• Companies managing the global car booking system (located in or outside Europe), with whom information related to car rental activities (including personal booking information) will be shared. This data will not be used for any other purpose without prior information and consent.

8. How do we ensure that Executors & Executors of Processing process your Data?

Executors are contractually bound by the Company to:

• Keep confidentiality.
• Not send data to third parties without the Company's permission.
• Take appropriate security measures.
• Comply with the legal framework for personal data protection, specifically Regulation 679/2016/EU (GDPR).

Executives may employ other persons called Executors, and the controller must authorize all or partial processing. The Subordinate (Executor) has the same obligations and rights as the Executor, as set forth in this Policy, and is fully responsible within the scope of assigned responsibilities.

9. When do we delete your Data?

• Data is retained only as long as necessary to fulfill the purpose for which it was disclosed and in accordance with applicable laws.
• Consent for newsletters is kept as long as newsletters are sent, unless the user chooses to terminate.
• CVs submitted by email are kept for two (2) years, unless a shorter period (minimum six months from submission) or deletion is requested.
• Personal data for Customer Benefit Programs is deleted when the program expires, or the user is excluded, or expresses a desire to stop participating.
• Data processed during participation in competitions and/or market surveys is maintained as long as necessary for the completion of the competition or survey and is subsequently deleted.
• Note: The policy for data collected by Cookies is also followed.

10. Is Your Data Safe?

The Company has taken all appropriate organizational and technical measures, continually improved based on technological advancements, to secure and protect data from any accidental or unintentional processing.

11. What are your rights?

Access to Personal Data: Right to inquire if data is processed, the purpose, type of data held, recipients, storage duration, whether automated decisions are made, and other rights (correction, deletion, limitation of processing, reporting to the Data Protection Authority).

Right to delete/forget about: Right to request data deletion if it's no longer necessary for processing purposes or if consent (the sole legal basis) is revoked.

Right to portability of your Data: Right to receive provided data or request its forwarding to another controller.

Right to limit editing: Right to request limitation of data processing while objections are pending.

Right to object and withdraw consent: Right to object to data processing (unless compelling and legitimate reasons prevail) and to withdraw consent at any time with future effect if consent was given for collection, processing, and use of personal data.

12. How can you exercise your rights?

You can exercise your rights by sending a letter to our postal address: Lassi Argostoli Kefalonia, Greece P.C. 28100, or an email to info@neonracketpro.com, with the title "Exercise of Right."

Newsletter consent withdrawal can be done via a link at the bottom of each newsletter.

13. When Do We Answer Your Requests?

We will answer your inquiries free of charge within one month, with a possible two-month extension for complex requests. A reasonable fee may be charged for unfounded or excessive claims.

14. Where can you turn for the development of your Requests?

For inquiries about request progress, you can contact us by telephone +30 26710 26001 or email info@neonracketpro.com.

15. What is the law applicable to the processing of your Data by us?

Greek law, in accordance with GDPR and other national/European laws, is applicable. Disputes are to be handled by locally competent Greek Courts.

16. Where can you appeal if we violate applicable law to protect your Personal Data?

You can file a complaint with the Privacy Authority at Kifissias Post Office 1-3, 115 23, Athens, with telephone 210 6475600 and email contact@dpa.gr.

17. How will you be informed of any amendments to this Policy?

Policy updates will be posted on the site and users will be notified of significant changes. We encourage you to regularly review this policy.