Global Privacy Statement

LeasePlan is committed to protecting the privacy of the personal information collected and processed by us. Compliant privacy and data security practices have therefore become integral components of LeasePlan’s Services, corporate governance, accountability and risk management. We therefore process only such personal information as is necessary for the provision of the relevant LeasePlan Services (‘Services’).

LeasePlan Privacy Pledges

Regardless of when and how we process your personal data:

  • Transparent: We help you understand how your data is collected and used
  • Privacy as starting point: We ensure that our services are privacy friendly
  • Control: We provide you with an easy manner to access, correct or delete your data
  • Safe with LeasePlan: We secure your data as best as we can and personal data is only shared with third parties when necessary and under appropriate conditions.
  • Innovating and responsive: We keep thinking of ways how to improve our services and your privacy and are open for all suggestions and complaints

This privacy statement informs you of our privacy practices which we apply globally.

Please read this Privacy Statement carefully so that you understand how we collect and use your personal data.

1. Scope of this Privacy Statement

I. Website visitors/users (“Website Visitors”);
II. Business Clients (“Clients”);
III. Clients’ employees/drivers (“Drivers”).
IV. Private lease clients (including one man businesses) (“Private Lease Clients”)
V. Private buyers of used vehicles (“Buyers”)
VI. Professional buyers of used vehicles (“Traders”).

(Individually and collectively also referred to as “you”)

We collect and use your personal information through our various vehicle and fleet leasing, management, and driver mobility services, as further described in Section 1 (“Services”).

Please note that this Statement does not apply to the following affiliates and/or services:

Please also note that any processing of your personal information via our telematics services will take place in accordance with the applicable Telematics Privacy Statement.

Responsibilities of Business Clients
Insofar as Clients (employers) have access to personal information, the Client (employer) is the data controller responsible for the processing and use thereof. This Statement does not apply to the processing and use of personal data by Clients (employers).

2. Who we are

LeasePlan UK Limited is the company responsible for the processing of your personal information (data controller):

165 Bath Road, Slough SL1 4AA

Sometimes LeasePlan Corporation N.V. and LeasePlan Global B.V. are joint controller:

Address: Gustav Mahlerlaan 360, 1082 ME Amsterdam, the Netherlands,

The relevant local LeasePlan entity and LeasePlan Corporation N.V. and LeasePlan Global B.V. are jointly referred to as “LeasePlan” and “we”.

3. How we collect your data

  • Through the Services
    Most of the data we process are in relation to the vehicle management services we provide to you as the driver and to your employer if you have a company car. This usually starts with the registration of your leased vehicle, (in some circumstances we may do some preliminary credit checks before this) and continues when we communicate with you about our services, e.g. to arrange for periodic maintenance and repairs. We may also process your data when your vehicle inadvertently is involved in an accident, to ensure that we restore mobility and handle any damage, or where we are the recipient of traffic fines in relation to your leased vehicle. Next to our core-leasing activities, we also provide a number of other related services, such as e-mobility services, fuel card services, car rental services, and roadside assistance. Another service we provide relates to car remarketing, CarNext, sales of used LeasePlan vehicles.
  • Offline
    We collect personal information from you offline, e.g., when you visit our CarNext experience stores, place an order over the phone, or contact customer service.

From Other Sources
We receive your personal information from other sources, for example:

  • Drivers’ employers,if you have a company car
  • The relevant authority (e.g. police) where we are the recipient of traffic fines in relation to your leased vehicle
  • From our independent Service Partners who assist us in providing our leasing and other services to you, including car dealerships, car maintenance providers, body repair shops
  • publicly available databases, credit reference agencies and other sources
  • joint marketing partners, when they share the information with us;

If you connect your social media account to your Services account, or where you share information from our websites to your social media platforms, you will share certain personal information from your social media account with us, for example, your name, email address, photo, list of social media contacts, and any other information that may be or you make accessible to us when you connect your social media account to your Services account.

We need to collect personal information in order to provide the requested Services to you. If you do not provide the information requested, we may not be able to provide the Services. If you disclose any personal information relating to other people to us or to our service providers in connection with the Services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Statement.

Monitoring of communications

Subject to applicable laws, we will monitor and record calls, email, text messages and other communications we have with you. We will do this for compliance with regulatory rules, self-regulatory practices or procedures relevant to our business, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures, and for quality control and staff training purposes.

For example, where we are required by a regulator to record certain telephone lines (as relevant) we will do so. In addition, where appropriate and having regard to applicable data protection law our monitoring will be to check for inappropriate content in communications. In very limited and controlled circumstances we may conduct short term carefully controlled monitoring of your activities where this is necessary for our legitimate interests or to comply with a legal obligation. We may do this for instance where we have reason to believe that fraud or other crime is being committed, where offences are suspected and where the monitoring is proportionate to the type of the disciplinary offence, or where we suspect non-compliance with anti-money laundering regulations to which we are subject. In particular, telephone calls may be recorded for these purposes.

4. For which purposes we use your data

4.1 Data pertaining to website visitors.

4.2 Data pertaining to clients and prospective clients.

4.3 DATA PERTAINING TO DRIVERS (Employees of our Clients).

4.4 DATA PERTAINING TO PRIVATE LEASE CLIENTS (INCLUDING SOLE TRADERS AND PARTNERSHIPS) AND PROSPECTIVE CLIENTS.

4.5 Data pertaining to private buyers of used vehicles.

4.6 Data pertaining to professional buyers of used vehicles (Traders).

5. Sharing data with third parties

In addition to what is indicated for each purpose above regarding sharing of personal information, we may also share personal information:

  • Within the LeasePlan group for the purposes described in this Statement.
    -You can consult the list and location of our Leaseplan entities here.
  • To our third-party service partners and providers, to facilitate services they provide to us.
    In order to provide you with our services, we often work closely with Service Partners and Service Providers. Our independent Service Partners assist us in providing our leasing and other services to you, and include car dealerships, car maintenance providers, body repair shops, and roadside assistance providers, but also rental service companies, and the administrators of our driver safety programs.
    Service Providers are companies we retain that support us in running our business, for example to help us maintain our IT network and related infrastructure, and security and access controls to our premises.

    We also use and disclose your personal information as necessary or appropriate, especially when we have a legal obligation or legitimate interest to do so:

  • To comply with applicable law and regulations.-
    -This may include sharing information with Credit Reference Agencies and Fraud Prevention Agencies. Please see the relevant sections above for further information and contact details for these agencies.

  • To cooperate with public and government authorities.
    -These may include regulatory or governmental bodies to which LeasePlan is subject to
    -To respond to a request or to provide information we believe is important
    -These can include authorities outside your country of residence.

  • To cooperate with law enforcement.
    -For example, when we respond to law enforcement requests and orders or provide information we believe is important.

  • For other legal reasons.
    -To enforce our terms and conditions; and
    -To protect our rights, privacy, safety or property, and/or that of our affiliates, you or others.

  • In connection with a sale or business transaction.
    -We have a legitimate interest in disclosing or transferring your personal information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings) Such third parties may include, for example, an acquiring entity and its advisors.

6. International transfer of personal data

Due to the global nature of our organization and Services, your personal information may be stored and/or processed in a country other than the one you reside in.

Some of the non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as, such as through LeasePlan’s own Binding Corporate Rules or through contractual arrangements put in place with third parties. You may obtain a copy of these measures by contacting us via the contact form.

7. Security and retention

  • How we secure personal data
    We seek to use organisational, technical and administrative measures to protect personal information within our organization.

    Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the Contact details provided in this Statement.

  • How long we retain personal data
    We will retain your personal information for as long as necessary or permitted in light of the purposes outlined in this Statement and consistent with applicable law.
    The criteria used to determine our retention periods include:
    -Retention for our business relationship. The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you use a LeasePlan vehicle);
    -Retention in case of legal obligation. Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
    -Retention to protect our legal position. Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
    -Retention in case of claims. We will retain your personal information for the period in which you might legally bring claims against us (as relevant).
    -Retention in accordance with regulatory requirements. We will retain your personal information where we are required to do so by regulatory regimes and regulations applicable to us (in the UK this includes the FCA regulatory regime).
    -Prospects. We will retain your contact details for our marketing purposes (as above) for a maximum of two years unless you tell us within that period that you wish to unsubscribe or withdraw your consent.
    -Retention of CCTV images. We apply a separate criteria to retention of these records, as follows. We retain CCTV images for three months and after that they will be erased because we will not need to retain them for the purposes listed (above).

8. Children’s privacy

Our Services are not directed at individuals under the age of 18.

9. Your rights and contacting us

Your rights

If you would like to request to review, correct, update, suppress, restrict or delete your personal information processed by us, object to the processing of personal information, to object to automated decision making or if or if you would like to request to receive an electronic copy of your personal information for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you may contact us via the contact form. We will respond to your request consistent n accordance with applicable law.

In your request, please make as clear as possible what personal information your request relates to. For your protection, we will only implement requests with respect to the personal information associated with the particular email address as you indicated in the contact form, and we may request you to provide verification of your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable and in any event within any applicable legally required timeframes.

Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that began prior to requesting such change or deletion. There may also be residual information that will remain within our databases and other records, which will not be removed.

Questions?
If you have any questions or complaints about this Statement, please contact us via the contact form.

Because email communications are not always secure, please do not include sensitive information in your emails to us.

Additional information regarding the EEA
You may also:

  • Contact our Data Protection Officer (“DPO”) via the contact form or via: LeasePlan Corporation N.V., attn. Data Protection Officer, Gustav Mahlerlaan 360, 1082 ME Amsterdam, the Netherlands
  • Lodge a complaint with a data protection authority for your country or region or where an alleged infringement of applicable data protection law occurs. A list of data protection authorities is available here.

10. Changes to this Privacy Statement

We may change this Statement at any time. Please take a look at the “Last Updated” legend at the top of this page to see when this Statement was last revised. Any changes to this Statement will become effective when we post the revised Statement on the Services. Your use of the Services following these changes means that you accept the revised Statement.