1. The data controller
imove is the data controller for the personal data described in this privacy statement. imove is a Norwegian technology company headquartered in Bergen.
2. What personal information do we collect?
When you become a Customer at imove, we collect the following personal information about you:
Name, telephone number, email address and postal address.
Date of birth and social security number
Copy of driver's license when handing in / handing out a car
Payment information, such as card number and what payments you have made.
Usage pattern: ie information about which car you are interested in, which cars you have rented, how often you use imove services, how often you change cars etc.
Technical data: for example IP address, browser, operating system and information about type of PC / mobile device.
Vehicle data: If you become an imove customer, we collect data from the car you subscribe to through the car's telematics systems. This is not directly related to you as a customer, but to the actual use of the car (ie regardless of whether it is the customer who drives the car) e.g. data related to driving, such as the car's geographical location, usage data (kilometers, driving profile (speed, etc.)) and the like. imove will also have access to data from any charging chip, fuel card, toll chip and any other additional services provided by imove.
Most of the information we have about you, we receive directly from you. Information on usage patterns, vehicle data and technical data is generated in our systems.
3. What do we use personal information for?
We use personal information about you for the following purposes:
We use contact information, birth number, payment information, copy of driver's license, credit information and usage pattern and vehicle data in connection with entering into and fulfilling customer agreement with you and administration of customer relationship. The legal basis for this use is that it is necessary to enter into and administer our customer agreement with you. We have a factual need to obtain credit information in order to reduce our financial risk when entering into a subscription agreement.
We use payment information and vehicle data to collect payment from you for the services you use with us. The legal basis for this use is that it is necessary to enter into and fulfill our customer agreement with you.
We use contact information to send you information and marketing about imove. If you are an existing Customer of imove, we are allowed to send you marketing about products that are similar to the ones the customer relationship is based on. In that case, the legal basis is our legitimate interest in keeping you updated on imove. If you do not have an existing customer relationship with imove, we will only send you marketing if you have agreed to this.
We use usage patterns and vehicle data to further develop and improve our services, including finding out which cars are most popular. The legal basis for this use is our legitimate interest in further developing the imove service.
We use payment information for accounting purposes. The legal basis for this use is our legal obligations in the Accounting Act.
We use vehicle data for service and maintenance purposes, vehicle and service analysis, safety and pick-up / drop-off of a car. The legal basis for this use is that it is necessary to fulfill our agreement with you and our legitimate interest in ensuring security in our services and in preparing analyzes and statistics in order to further develop our products.
We will also be able to use personal information for other purposes that are not incompatible with those mentioned above, such as. in connection with claims or legal disputes, or in connection with acquisitions or sales of the business.
4. How long do we store your personal information?
Personal information will not be stored longer than is necessary to fulfill the purpose of the processing or statutory obligations we have. If you have a customer relationship with imove, we will store personal information about you as long as the customer relationship is active and for a period of 3 years after, in accordance with the applicable limitation periods. We store payment information for 5 years in accordance with the Accounting Act.
We will delete personal information about you if you ask us to do so, unless we need it to store the information for the purposes described above or we are legally obliged to store the information.
5. To whom do we provide personal information?
We will share personal information about you with service providers, e.g. to the service workshop or other service partners, to the extent necessary to deliver products and services to you.
We may use IT / software vendors that process personal information on our behalf as our data processors. In that case, we will enter into data processor agreements with such suppliers which ensure that they do not process the personal data for purposes other than those described in this privacy statement.
We currently do not transfer personal data outside the EEA. If in the future we want to transfer personal data outside the EEA area, e.g. because we use suppliers established there, we will ensure that information about you is secured in a sound manner, either by EU-approved data transfer agreements with the recipients, or by ensuring that the recipients have submitted to EU-approved certification schemes. In that case, we will inform you of such transfer by updating this privacy statement.
You have the right to access and correct or delete personal data, as well as limit the processing of your personal data. You also have the right to protest against the treatment. You have the right to request that your information be transferred to you or to another company in a structured, commonly used and machine-readable format (data portability). Furthermore, you have the right to withdraw any consent you have given us.
You also have the right not to be the subject of a decision that is based solely on automated processing that has legal effect for, or in a similar way to a significant degree, affects you.
Please note that these rights are subject to legal restrictions. We will respond to your inquiry as soon as possible, and typically within one month at the latest. Questions or requests for access to information registered about you can be directed to: firstname.lastname@example.org or possibly by post to imove AS, Vestre Strømkaien 7, 5008 BERGEN. If you believe that we process personal data in violation of the law, you can file a complaint to the Norwegian Data Protection Authority: email@example.com.
7. Updating the privacy statement
imove will sometimes need to update this privacy statement. If we make changes of great importance, we will notify you of these changes by e-mail, or by informing about this on our website imove.no. We recommend that you check the privacy statement from time to time, so that you always have up-to-date information about what personal data we process, the purpose of the processing, and with whom we share the information. We will always report when the privacy statement was last updated at the top of the privacy statement.
8. Information security
We take information security seriously and have established appropriate security measures to protect the confidentiality, availability and integrity of your personal information. Access to your personal information is limited to employees who have a service need for such access. We will provide training to employees and third parties where relevant, to promote awareness of imove AS's guidelines and routines for privacy.