ALD SA understands your concerns regarding the confidentiality of your personal information. Below we describe how we acquire and use that information and outline your rights. Please read this carefully, so that the process is as fair, transparent and secure as possible.

The following principles are central to how we process your personal information:

• •
  Transparency and fairness: When we collect and process your personal information, we inform you as to who collects and receives these data, and the reasons for this. When required by law, we always seek your prior consent (e.g. before collecting any sensitive information or sending any direct marketing material). We never use your personal information for purposes that are incompatible with the purposes outlined here.
• •
  Legitimacy: ALD Automotive does not collect or process personal information without a lawful reason. We use your personal information only for appropriate business purposes (e.g. to provide services, manage relationships with customers, manage customer vehicle fleets, and perform accurate invoicing, or for marketing activities, profiling to better serve customers, to conduct satisfaction surveys or draft reports and comply with our legal obligations).
• •
  Minimization: We only collect the personal information strictly necessary for data processing, as set out in this document. We collect sensitive information only where relevant. We take all reasonable measures to ensure that your personal data on record is accurate, complete and up to date.
• •
  Privacy: We endeavor to ensure privacy when implementing personal data processing. To this end we also carry out privacy impact assessments to ensure that our safeguards are appropriate and that your information is protected.

ALD SA is organized and existing under the laws of France, whose registered offices are: 1-3 Rue Eugène et Armand PEUGEOT 92500 Rueil Malmaison, France, with registered number 417689395 (R.C.S Nanterre).

This Privacy Policy only relates to processing undertaken by or on behalf of ALD. Whilst our websites may contain links to other third party websites, we do not accept any responsibility or liability for those third parties' policies in relation to any personal data or their collection or processing of any personal data.

ALD SA and each of its customers carry out, as data controllers or even joint data controllers, a few processing operations involving personal data that are necessary for the performance of the lease contracts and the proper conduct of their respective activities. In this respect, ALD has listed below the purposes for which it carries out processing in the context of its business relationship with its customers:

Processing Management of the third parties.

Rental contract - international customer relationship mangement:

• •
  In the context of car leasing activities by our subsidiaries, with clients being managed by ALD S.A. at a global level, to perform satisfaction and quality measurement, to consolidate quality information worldwide to create a global assessment of company quality, to provide management satisfaction surveys on products, services or contents, and to follow-up customer relation claims and after-sale service.
• •
  With you and your company, respond to estimate requests, open customer accounts, fulfill your orders for services and for related activities, manage events, send you communications related to your contract, respond to your inquiries and requests for verifications, provide customer service, account management, support and related training of our personnel involved in such activities, and to provide other services related to your account.
• •
  Fleet management tool/monitoring applications.

To provide managers with fleet management tools.

Legal base of the processing Execution of the contract.

Type of use

• •
  Identification and contact information: such as your name, last name.
• •
  Professional information: such as your job title or professional address (e.g. postal address and e-mail address, phone number).
• •
  Customer's employees: name/surname/e-mail address.

Processing Management of the third parties.

Suppliers

Legal base of the processing Execution of the contract.

Type of use

• •
  Identification and content information: such as your name, last name.
• •
  Professional information: such as your job title or professional address (e.g. postal address and e-mail address, phone number).

Processing The fight against money laundering, anti-fraud / anti-corruption, anti-terrorism and conflict of interest:

ALD must comply with an obligation of vigilance on its customers and prospects by applying appropriate control procedures and measures.

Legal base of the processing Legal obligation.

Type of use

• •
  Directors, counterparty legal representatives, UBO Identification and Contact information: such as your name, last name, gender, date of birth, screening results.

Processing White-Label partners:

We may share information with our white-label partners in order to enable fleet management services with reports and widgets, for key accounts and follow-up of international key account fleets.

Legal base of the processing Execution of the contract.

Type of use

• •
  Identification and Contact information: such as your name, last name.
• •
  Professional information: such as your job title or professional address (e.g. postal address and e-mail address, phone number).

Processing Customer satisfaction/Survey:

We may send you qualitative surveys for our product and services only related to the performance of the service.

Legal base of the processing Legitimate interest.

Type of use

• •
  Identification and Contact information: such as your name, last name, city, telephone/mobile number or email address.
• •
  Data relating to the vehicle leasing contract (e.g. client identification number, contract number, vehicle identification number).

Processing Marketing purposes:

We may use your information to contact you, subject to your consent when applicable, about new offers or services and special offers we think you will find valuable, or to send you marketing communications or newsletters; we may analyze your client profile and preferences, and perform multichannel marketing campaigns via automated tools, contact you via SMS, email, or send you brochures;

Marketing / CRM campaign performed on behalf of the entities/ or for international customers.

Legal base of the processing Consent.

Type of use

• •
  Identification and Contact information: such as your name, last name, city, telephone/mobile number or email address.
• •
  Data relating to the vehicle leasing contract (e.g. client identification number, contract number, vehicle identification number).

Processing Cookie / audience measurement:

Use of cookies that may include profile and preference analysis to improve our understanding of your interests and concerns: we may use your personal information to improve our website and services, to customize your experience with us and to tailor our marketing activities to fit your needs and interests.

Legal base of the processing Consent

Type of use

• •
  Connection data: ID, IP address, Cookies and internet/website usage data, Customer preferences.

Personal data is kept by ALD SA, in an active base, for the time necessary to achieve the objective pursued at the time of their collection.

The retention period is therefore initially set by ALD SA according to the operational needs necessary for the execution of each individual rental contract and taking into consideration any recommendations of the local Data protection authority.

However, certain longer retention periods may result from legislative and regulatory texts. Some laws also require that documents/information containing personal data be retained for a specific period of time for evidentiary purposes or in anticipation of possible litigation until the action in question is time-barred. For example, in commercial matters for accountability documents, obligations are in principle prescribed by five years if they are not subject to special prescriptions. ALD is therefore obliged to keep certain personal data beyond the execution of the lease contracts, even though it no longer has any use for them, in the form of so-called intermediate archives.

At the end of these periods, the personal data is:

→ Anonymized;

and/or

→ Purged.

ALD understand that you do not want us to provide your personal information directly to third parties for their own marketing purposes without your consent. However, ALD occasionally need to use partners or processors to provide you with the requested services and a better experience, for the purposes described above. We therefore limit our sharing of your personal information on a need-to-know basis as follows:

• •
  with internal business departments such as sales, customer care/quality department, marketing, IT services, support and maintenance. Inside the ALD Automotive Group/ SG Group, we may share your personal data with other ALD Automotive entities, who may only use your personal information in compliance with this Policy.
• •
  with our service providers, such as data hosting service providers, data administrators, located in France or within the European Economic Area and instructed to only use your personal information in accordance with our instructions.
• •
  with unaffiliated partners, such as Banks, insurers, vehicle constructors, marketing partners, actors of mobility etc…
• •
  where needed to affect the sale or transfer of business assets, in connection with a bankruptcy proceeding, to enforce our rights, protect our property, or protect the rights, property or safety of others, or as needed support external auditing, compliance and corporate governance functions.
• •
  when required to do so by law, such as in response to a subpoena, including to law enforcement agencies and courts in the countries where we operate.

In general, all of the ALD databases are located inside the European Union. However, ALD may transfer your personal data from the Europe to countries within or outside the European Economic Area. The countries outside of the EEA may not provide the same level of protection as is available in the EEA. If we transfer your personal data outside the EEA, we will ensure that adequate levels of protection are in place in relation to the processing of your personal data. Hence, ALD will before transferring your personal data outside Europe make sure to implement a Binding Corporate Rules (BCR) or a Standard Contractual Clauses (SCC).

However, certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export personal data to these jurisdictions. These countries are listed online at: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.

In order to protect data subjects concerned by the processing of personel data, the GDPR has implemented rights. The rights in question are as follows:

Data subject right Right of acces.

Description of the right You can obtain information realting to the processing of your personal data, and a copy of such personal data.

GDPR Article Article 15

Data subject right Right to rectification.

Description of the right When you consider that your personal data are inaccurate or incomplete, you can require that such personal data be modified accordingly.

GDPR Article Article 16

Data subject right Right to erasure (right to be forgotten).

Description of the right You can require the deletion of your personal data, to the extent permitted by the law.

GDPR Article Article 17

Data subject right Right to restriction of processing.

Description of the right You can request a restriction on the use of your personal information.

GDPR Article Article 18

Data subject right Right to data portability.

Description of the right Where legally applicable, you have the right to have the personal data you have provided to us be returned to you in an intelligible format.

GDPR Article Article 20

Data subject right Right to object.

Description of the right You can object to the processing of your personal data, on grounds relating to your particular situation.

GDPR Article Article 21

Please note that at any time you have the right to lodge a complaint to the competent local supervisory authority, the CNIL in France.

If you wish to exercise the rights listed above, you will find the privacy policy of each ALD entities in their resopective corporate websites:

Country + URL

• •
  Algeria - www.aldautomotive.dz
• •
  Austria - www.aldautomotive.at
• •
  Belarus - www.aldautomotive.by
• •
  Belgium - www.aldautomotive.be
• •
  Brazil - www.aldautomotive.com.br
• •
  Bulgaria - www.aldautomotive.bg
• •
  Chile - www.aldautomotive.cl
• •
  Colombia - www.aldautomotive.co
• •
  Croatia - www.aldautomotive.hr
• •
  Czech Republic - www.aldautomotive.cz
• •
  Denmark - www.aldautomotive.dk
• •
  Estonia - www.aldautomotive.ee
• •
  Finland - www.aldautomotive.fi
• •
  France - www.aldautomotive.fr
• •
  Germany - www.aldautomotive.de
• •
  Greece - www.aldautomotive.gr
• •
  Holding - www.aldautomotive.com
• •
  Hungary - www.aldautomotive.hu
• •
  India - www.aldautomotive.in
• •
  Italy - www.aldautomotive.it
• •
  Kazakhstan - www.aldautomotive.kz
• •
  Latvia - www.aldautomotive.lv
• •
  Lithuania - www.aldautomotive.lt
• •
  Luxembourg - www.aldautomotive.lu
• •
  Mexico - www.aldautomotive.com.mx
• •
  Morocco - www.aldautomotive.ma
• •
  Netherlands - www.aldautomotive.nl
• •
  Peru - www.aldautomotive.pe
• •
  Poland - www.aldautomotive.pl
• •
  Romania - www.aldautomotive.ro
• •
  Russia - www.aldautomotive.ru
• •
  Serbia - www.aldautomotive.rs
• •
  Slovakia - www.aldautomotive.sk
• •
  Slovenia - www.aldautomotive.si
• •
  Spain - www.aldautomotive.es
• •
  Sweden - www.aldautomotive.se
• •
  Switzerland - www.aldautomotive.ch
• •
  Turkey - www.aldautomotive.com.tr
• •
  Ukraine - www.aldautomotive.ua
• •
  United Kingdom - www.aldautomotive.co.uk

ALD SA protects your data through technical and organizational security measures (including education and training of relevant personnel) against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing.

Only those teams and employees who need to know your information within our company can access it. ALD SA make sure to implement administration rights and policies within our company, and we take all measures to ensure that employees, advisers and service providers keep your files confidential.

ALD SA may collect data via cookies to improve the user's browsing experience. Cookies are used, among other tracers, to store preferences and settings in order to save time, enable login, combat fraud, analyze the performance of the website and the services provided by the renter, and compile visit statistics.

For more details you can consult our Cookie policy by following this link: Cookie policy (aldautomotive.com)

We may modify this Privacy Policy periodically to be compliant with any new regulations, so please review it regularly. If we change this Privacy Policy, we shall notify you by means of providing a notice on our website homepage. This Notice was last amended on 10 May 2022.

To exercise the rights set out in the article 10 at any time, please send us a letter or an email to the following address ALD SA, 1-3 rue Eugène et Armand Peugeot, 92500 Rueil Malmaison, France or contact ALD Automotive’s Data Protection Officer through dpo.ald@aldautomotive.com, and we will handle your request.