DISCOVER TUSCANY WITH US !!



according to the GDPR – General Data Protection UE 2016/679

(European regulation on the protection of personal data)

  1. Introduction

MS RENT CAR (below as owner) takes the user’s privacy seriously and undertakes to respect it.

This “Privacy Policy” describes the processing of personal data carried out by the owner through the www.msrent.it site and the related commitments undertaken in this regard by the Company.

The owner may process the personal data of the user when he visits the Site and uses the services and features on the Site. The sections of the website where the user’s personal data are collected is published in accordance with art. . 13/15 of the EU Reg. 2016/679.

If required by the EU Reg. 2016/679 the user’s consent will be required before proceeding to the processing of his / her personal data. If the user provides personal data of third parties, he must ensure that the communication of data to the data controller and subsequent processing for the purposes specified in the applicable privacy information is in compliance with EU Reg. 2016/679 and applicable legislation.

  1. identification data of the holder


Registered Office : C.so Italia, 5

56125 PISA

mail: msrentautonoleggio@gmail.com

VAT Number 02209950506


  1. Type of data processed
The visit and consultation of the Site do not generally involve the collection and processing of personal data of the user except for navigation data and cookies as specified below. In addition to the so-called “navigation data” (see below), personal data voluntarily provided by the user may be processed when the latter interacts with the functionality of the Website or requests to use the services offered on the Website. In compliance with the Privacy Code, the owner could also collect the personal data of the user from third parties in the performance of his activity.
  1.  Data collection
We may collect Personal Data in various ways, including, but not limited to, telephone calls, customer service contacts, mobile apps, websites, our social network pages, rental vehicles, and other sources, including service providers. third-party and business partners, on applications and offline (Offline data collection) in connection with any requests, reservations, rentals or purchases made in connection with our services, through sponsors of discounts, licensees and booking channel providers. For more details, see below
We collect information from customers during the booking process and rental transactions such as, for example, name, age, date and place of birth, gender, address, e-mail address, telephone number, passport number, driving license or other photo identification, credit score and history of creditworthiness, criminal records, address and payment card information and bank details.
Technology information such as IP address, device ID, browser type, operating system, mobile device identifiers, geolocation data, status or country from which you accessed our websites, specific web pages visited, date and time of visit, websites visited immediately before and after visiting our websites / web pages, number of specific links and links on which you click on our websites, features used on our websites, all bookings, updates, purchases or other transactions made through our websites, data displayed or downloaded from our websites, number of views of any specific advertising.
Rental information such as credit card information, video of your interaction with us, number of the member card of the organization, flight number of arrival and departure, details of the loyalty program, organizational affiliations, name of employer and contact information, booking agency, rental agency, return agency, preferences and usage information, costs incurred, purchase prices and details, itinerary information, data related to claims for compensation.
Information derived from the vehicle (telematics) such as: we can use data systems in the vehicle to collect data on the condition and performance of the vehicle (including mileage, fuel data and other operational data) and the use of the vehicle by the driver during the rental for reasons of safety, protection and management of claims, including the renter’s contact if the data suggest that there is a security or operational problem that we must bring to your attention, and we can keep this data as necessary for these purposes. Use can also be used for the following reasons:
for our legitimate interests to ensure accurate debit for vehicle uses, including fuel and damage, during rental.
for our legitimate interests to enable us to defend ourselves and to handle claims for compensation arising from accidents involving the rented vehicle; to guarantee the fulfillment of our security obligations in relation to the vehicle and to each rental.
to detect the position of the vehicle for the duration of the rental in order to access this information only in the event that the driver violates the rental agreement (not returning the vehicle in time or driving in unauthorized territories) or to provide assistance in the defense and in handling claims for compensation following an accident involving the vehicle.
to track the vehicle to enable us to provide you with information while you drive on areas of historical or recreational interest, restaurants, gas stations or fuel or other places or services of interest;
based on your consent to share information about your driving performance (eg speed) during rental with you, your employer or other people;
with your consent for each specific use requested.
Sensitive data sensitive data such as certain personal data that are sensitive data in some countries, such as data on health conditions (for example, in the case of a request for support of a disability, or providing manual commands or if an accident occurs we must cooperate with insurance companies or management of claims for compensation for any injuries sustained) or affiliation to a union (or similar organization) if a CDP discount code is used that can only be used by members of that union or organization. Depending on the applicable local law, we may not be able to process such sensitive data without your consent.
Protective and legal uses: we may use, share and disclose personal data for legal reasons, as we deem necessary or appropriate, including:
We use “cookies” and other electronic tools on our websites, subject to consent, to collect and store information on your computer or mobile device. Cookies are small text files that allow you to browse web pages effectively, remember your preferences, help us understand the performance of this website and, in general, improve navigation. Cookies can also guarantee that advertisements viewed online are more relevant to your interests.
  1. Cookies policy
    This site uses cookies. To learn more and to read the detailed information, the User can consult the Cookie Policy by clicking here
  2. Conservazione dei dati personali

    Personal data are stored and processed through computer systems owned by the owner and managed by the owner or by third party technical service providers; for more details, please refer to the “Scope of accessibility of personal data” section below. The data is processed exclusively by specifically authorized personnel, including personnel assigned to carry out extraordinary maintenance operations.
    Purpose of the treatment
The owner can process the common and sensitive personal data of the user for the following purposes:
1.a) use by users of services and features on the site for consultation of the site
2.b) management of requests and reports from users, and in general all requests received via contact forms.
3.c) with the further and specific consent of the user, the owner may process personal data for marketing purposes, ie to send the user promotional material and / or commercial communications relating to the services of the Company / company, at the contact details indicated, either through traditional methods and / or means of contact (such as, paper mail, telephone calls with operator, etc.) or automated (such as, internet communications, fax, e-mail, text messages, applications for mobile devices such as smartphones and tablet -cd.APPS-, social network accounts – f.e. via Facebook or Twitter-, phone calls with auto attendant, etc.).
This consent is indicated as optional or compulsory based on the type of request, specifically it is necessary that the user requests the subscription to the promotional newsletter service.
  1. d) with the additional and specific optional consent of the user, the holder may process personal data for the detection of the degree of customer consent and market surveys pertaining to the services of the Company / company, at the addresses indicated, either through methods and / or traditional means of contact (such as paper mail, phone calls with operator, etc.) that are automated (such as, internet communications, fax, e-mail, text messages, applications for mobile devices such as smartphones and tablets -cd. -, social network accounts – f.e. via Facebook or Twitter -, calls with automatic operator, etc.).
  2. e) The information you share with us will only be used to provide the services requested. We will use the contact information provided to communicate with you for the provision of these services. We may use contact information to send you information about our products and services, if permitted by you. We use Personal Data for analytical purposes and to be able to help our customers by improving our services and websites / web pages.
We may process your Personal Data as follows:
Aggregated or anonymous data: We may share aggregated or anonymous data with other third parties about users of our website or other websites and the services provided on that website or other websites, as well as all rental, purchase or use data.
If you choose to provide access credentials to designated parties, we inform you that all information provided to us may be visible to these individuals.
Links to third parties may provide links to third-party websites or we may be connected to third-party websites. Since we do not control third-party sites, and we are not responsible for any information you may provide while on these sites, we recommend that you read the Company’s Privacy Policy on those websites before providing information to third parties applicable parts. We are not responsible for the information that you or others decide to disclose publicly and such information is not subject to this Policy.
We may share Personal Data with third parties in the following cases:
To provide you with the services: we will share your Personal Data between us, our agents, our licensees and other companies to provide you with services, including:
make rental reservations. process and / or confirm your transactions. provide you with optimized rental services, such as the services provided in connection with the MS RENT CAR affiliate programs, provide you with customer support, bill and collect amounts due
Protective and legal uses: we may use, share and disclose personal data for legal reasons, as we deem necessary or appropriate, including:
the provider of your credit card and other companies that process your costs, any intermediary used, such as a travel agent or other operator, in relation to any aspect of the rental.
any operator of an affiliate program for which you are rewarded for making a rental with us, any sponsorship organization that pays all or part of the rental costs
comply with applicable law, including laws outside your country of residence, process, manage or otherwise respond to claims for damages, including bodily injury or damage to property, comply with legal procedures, respond to requests from public authorities and governmental measures, including those outside your country of residence, apply our terms and conditions, recover our vehicles or any amounts owed, such as debt collection agencies, protect our operations or those of our subsidiaries, protect our rights, confidentiality, security or property, and / or those of our subsidiaries, yours or other persons, allow us to implement the remedies available or limit the damage that we may suffer.
Disclosure to our service providers and agents: we may use other companies as suppliers of our services or agents who act on our behalf and assist us in conducting our business activities, performing services on our behalf, based on our instructions. These services may include the hosting of certain websites or databases, the management of “apps” on our behalf on the social network pages of our social media, the management of contests, lotteries and other promotions on our behalf, sending communications marketing, performing data analysis and conducting customer satisfaction surveys or other research. We will seek to require our service providers and agents to maintain the appropriate security standards to protect your Personal Data and to use such data provided by us solely for the purposes specified by us.
Disclosure for business transactions: we may disclose your Personal Data to a third party in connection with any reorganization, merger, sale, joint venture, assignment, transfer or other planned or actual disposal of part or all of our assets, resources or shares (including in relation to any bankruptcies or similar proceedings).
  1. Processing and storage of personal data
Personal data are processed both in paper and electronic form and entered into the company information system in full compliance with EU Reg. 2016/679, including security and confidentiality profiles and based on principles of correctness and lawfulness of processing. In accordance with EU Reg. 2016/679, the data are kept and stored for a variable time depending on the purpose, specifically with reference to point 6:

letter a) : period necessary for the execution of services and functionality of the site with any minimum storage times if required by law.

letter b): 24 months.

letter c): until the user’s consent is revoked.

letter d): until the user’s consent is revoked.

lettera e): until the user’s consent is revoked. .

  1. Security and quality of personal data
The owner undertakes to protect the security of the user’s personal data and complies with the security provisions of the applicable law in order to avoid data loss, illegitimate or illegal use of data and unauthorized access to the same, with particular reference to the Technical Disciplinary concerning minimum security measures. Furthermore, the information systems and computer programs used by the owner are configured in such a way as to minimize the use of personal and identifying data; these data are processed only for the achievement of the specific purposes pursued from time to time.
The holder uses multiple advanced security technologies and procedures to promote the protection of personal data of users; for example, personal data is stored on secure servers located in places with secure and controlled access. The user can help the owner to update and keep correct their personal data communicating any changes related to their address, their qualification, contact information, etc.
  1. Scope of communication and data access
  • • Your personal data may be communicated to:
    • all the subjects to whom the right of access to such data is recognized by virtue of regulatory provisions;
    • to our collaborators, employees, as part of their duties;
    • to all those natural and / or legal persons, public and / or private, when the communication is necessary or functional to the performance of our activity and in the manner and for the purposes illustrated above;
    • We may provide Personal Data to third-party service providers.
    • We do not sell Personal Data to non-related third parties but we may, with your consent, share your data with third party partners for marketing purposes.
    • Your data may be transferred outside your country or region of residence in countries such as the United States, for processing and storage in accordance with applicable law.
    • Your data may be transferred outside your country or region of residence to provide the services requested.
  1. Nature of provision of personal data
The provision of some personal data by the user is mandatory to allow the Company / company to manage communications, requests received by the user or to contact the user himself to respond to his request. This type of data is marked with the asterisk symbol [*] and in this case, the conferment is mandatory to allow the Company / company to respond to the request which, in default, can not be processed. On the contrary, the collection of other data not marked with an asterisk is optional: failure to provide data will not entail any consequences for the user.
The provision of personal data by the user by degree of consent and market investigation, as specified in section 6. “Purpose of processing” is optional and the refusal to provide it will have no consequence. The conferment for marketing purposes is optional or mandatory based on the type of request. The consent given for these purposes is intended to be extended to the sending of communications carried out through automated and traditional methods and / or contact means, as exemplified above.
  1. Rights of the interested party

12.1 Article 15 (right of access), 16 (right of rectification) of EU Reg. 2016/679

The interested party has the right to obtain from the data controller confirmation that it is or is not undergoing treatment of personal data concerning him and in this case, to obtain access to personal data and the following information:
1.a) the purposes of the processing;
2.b) the categories of personal data in question;
3.c) the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if recipients of third countries or international organizations;
4.d) the retention period of the personal data provided or, if not possible, the criteria used to determine this period;
5. e) the existence of the right of the data subject to request the data controller to rectify or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;
6.f) the right to lodge a complaint with a supervisory authority;
7.h) the existence of an automated decision-making process, including profiling and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the data subject.

12.2 Right pursuant to art. 17 of EU Reg. 2016/679 – right to cancellation (“right to be forgotten”)
The data subject has the right to obtain from the data controller the deletion of personal data concerning him without undue delay and the data controller is obliged to cancel the personal data without undue delay if one of the following reasons exists:
1.a) personal data are no longer necessary with respect to the purposes for which they were collected or otherwise processed;
2.b) the interested party revokes the consent on which the treatment is based in accordance with Article 6 (1) (a) or Article 9 (2) (a) and if there is no other legal basis for the treatment;
3.c) the data subject opposes the processing pursuant to Article 21 (1), and there is no legitimate overriding reason to proceed with the processing, or opposes the processing pursuant to Article 21 (2);
4.d) personal data have been processed unlawfully;
5.e) personal data must be deleted to fulfill a legal obligation under Union law or the law of the Member State to which the data controller is subject;
6.f) the personal data have been collected in relation to the service offer of the company / information company referred to in Article 8, paragraph 1 of EU Reg. 2016/679
12.3 Right referred to in art. 18 Right of limitation of treatment
The interested party has the right to obtain from the data controller the limitation of processing when one of the following hypotheses occurs:
1.a) the interested party disputes the accuracy of personal data, for the period necessary for the data controller to verify the accuracy of such personal data;
2.b) the processing is illegal and the interested party opposes the cancellation of personal data and asks instead that its use is limited;
3.c) although the data controller no longer needs it for processing purposes, personal data are necessary for the data subject to ascertain, exercise or defend a right in court;
4.d) the interested party has opposed the treatment pursuant to article 21, paragraph 1, Reg EU 2016/679 pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party
12.4 Right pursuant to Article 20 Right to data portability
The data subject has the right to receive, in a structured, commonly used and automatically readable form, the personal data concerning him / her provided to a data controller and has the right to transmit such data to another data controller without impediments from part of the data controller
  1. Revocation of consent to treatment
The interested party may revoke the consent to the processing of your personal data by sending a communication to the holder, accompanied by a photocopy of his identification document or other identification document, with the following text: << revocation of consent to the processing of all my personal data >>. At the end of this operation your personal data will be removed from the archives as soon as possible.
  1. Requests for information regarding the treatment
If you want more information on the processing of your personal data, or exercise the rights referred to in paragraph 10 above, you can send a communication to the holder. Before we can provide you, or change any information, you may need to verify your identity and answer some questions.
  1. Changes
We reserve the right to change this Policy at any time for any reason by publishing the modified versions on this web page or any applicable app or on other websites / pages. These changes will be valid from the time of publication, but will not be applicable retroactively. Whenever we make a material change, we will note the date of that update on the introductory page above and post a note on the home page of our websites affected by that change.
  1. How to send requests

The above requests can be requested through the following methods:

– mail: msrentautonoleggio@gmail.com, massimiliano.soriani@pec.it

letter with registered mail A / R at the address: MS RENT CAR – Registered office: C.so Italia, 5 PISA

Requests will be processed as soon as possible depending on the type of request.

Updated at 05/11/2018