We are committed to protecting the Personal Information we collect and complying with our obligations under the Australian Privacy Principles. This policy provides you with information on how we collect, use, store and disclose Personal Information.
www.carly.co is provided by DriveMyCar Rentals Pty Ltd ACN 075 505 494 and our Related Entities (we, our, us). We need to collect and retain Personal Information to enable us to provide our Services. Without this Personal Information, we may not be able to provide our Services, or the Services may be compromised.
In this policy:
Complementary Service means a service that is provided by a third party in conjunction with, or as a complement to, our Services – for example membership of a motoring organisation.
Driver means the person or persons seeking to or renting a vehicle.
Owner means an owner of a vehicle.
Personal Information has the meaning given under the Privacy Act.
Privacy Act means the Privacy Act 1988 (Cth).
Related Entities has the same meaning as under the Corporations Act 2001 (Cth) and includes our franchisees.
Sensitive Information has the meaning given under the Privacy Act.
Services means the vehicle subscription services and the ancillary services we provide to Owners and Subscribers.
Website means www.carly.co and other websites and forms of social media where you post comments or we interact with you.
The meaning of any general language is not restricted by any accompanying example and the words ‘includes’, ‘including’, ‘such as’, ‘for example’ or similar words are not words of limitation.
3. What Personal Information do we collect?
The type of Personal Information we collect may differ depending upon the circumstances of our relationship with you and the nature of the Services we provide to you. Depending on the nature of the Services we provide to you, Personal Information we collect may include:
- for Owners: name, address, email address, telephone numbers and any other contact details, gender, vehicle details, including type of vehicle, registration number, year of manufacture and mileage and bank account details;
- for Subscribers, name, email address, telephone numbers, address and any other contact details, gender, debit or credit card information, Sensitive Information, for example, if you advise us of any disability or medical issue, drivers licence information;
- if you apply for a job with us, name, email address, telephone numbers, address and any other contact details, qualifications, employment history, information provided in response to an application.
4. How do we collect the Personal Information?
We collect Personal Information:
- directly from you;
- through our website and by other electronic communication channels (e.g. when you send us an email);
- when you enter a competition or promotion, participate in a survey or register to receive information from us;
- from your employer, company or other organisation if you use our Services under a corporate account or other arrangement;
- from our contracted service providers (including security providers, CRBs and debt collection agencies if you default in a payment to us);
- from third parties;
- from publicly available sources of information;
- when we are required to do so by law;
- when you log onto or connect to our Website. Our server automatically records information your browser sends (e.g. your IP address, how and when you travel through our Website, the pages and documents accessed information about your usage (e.g. by way of cookies) and other information provided by downloading information from our website). However, unless you provide your name or it is part of your email address, our server does not automatically collect this information.
If at any time you supply Personal Information to us about any other person, you represent and we accept that information on the basis that you are authorised to do so and that the relevant person has consented to the disclosure to us.
5. Vehicle tracking
GPS tracking or other electronic tools may be fitted to a vehicle to enable the vehicle to be tracked or located.
6. How do we use Personal Information?
We use the Personal Information we collect for operational purposes, including:
- to provide our Services;
- to identify you and to verify the information you have provided us is correct;
- for security purposes;
- to comply with our contractual and other legal obligations;
- to provide information to companies and other entities which provide Complementary Services or ancillary services, including insurance, security, repairs and maintenance and charging facilities;
- to respond to medical emergencies;
- to process your inquiries and improve our Services;
- for marketing purposes (as discussed below); and
- to develop our Services.
7. Credit Reporting Bodies
To the extent allowed by law, we may and you authorise us to collect, use and disclose information in respect to any credit we provide to you (for example, in respect to a long-term rental), including to a Credit Reporting Body (CRB). This includes Personal Information required to enable the CRB to provide us with a consumer credit report to assist us in assessing you credit worthiness, payment or default information, information about fraud or any other serious credit infringement, information about adverse court judgments or insolvency.
If you default in the payment of any monies owed to us, you authorise us to provide that information to a CRB and to obtain an up to date consumer credit report on you.
The information given to the CRB may include:
- personal particulars (e.g. your name, sex, address, previous addresses, date of birth, name of employer and drivers licence number);
- details concerning your application for credit or commercial credit and the amount requested;
- advice that we are a current credit provider to you;
- advice of any overdue accounts, loan repayments and / or any outstanding monies are no longer overdue in respect of any default that has been listed;
- that your overdue accounts loan repayments or any outstanding monies are no longer overdue in respect of any default that has been listed;
- information that, in our opinion you have committed serious credit infringement (that is fraud or you have shown an intention not to comply with your credit obligations);
- advice that cheques drawn by your for one hundred dollars ($100.00) or more, have been dishonoured more than once; or
- that credit provided to you by us has been paid or otherwise discharged.
- Information about the CRBs we use may be obtained from our Privacy Officer, whose details are set out below.
8. Other Credit Providers
You agree and authorise us to exchange information about you with credit providers named in a consumer credit report issued by a CRB for the following purposes:
- to assess an application by you;
- to assess your creditworthiness;
- to notify those other credit providers of any default by you or the rectification of any default; or
- to ascertain the status of a credit account where you are in default.
You understand and agree that the information exchanged includes anything about your credit worthiness, credit standing, credit history or credit capacity, subject to the restrictions imposed on credit providers under the Privacy Act 1988.
You agree that personal credit information provided may be used and retained by us for the following purposes (and for other purposes as shall be agreed between us or as required or authorised by law from time to time):
- the provisions of goods and services;
- the marketing of goods and services by us, our agents or distributors;
- analysing, verifying or checking your credit, payment or status in relation to the provisions of goods or services;
- processing of any payment instructions, direct debit facilities or credit facilities requested by you; or
- enabling the daily operation of your account or the collection of amounts outstanding to us for the provision of goods or services.
We may use and disclose your Personal Information to provide you with information on offers, products and services offered by us, our Retailers, our Related Entities and our business associates. If at any time you no longer wish to receive any additional marketing material from us or do not want your information disclosed for direct marketing purposes, contact our Privacy Officer and we will remove your details from our marketing database.
We do not use Sensitive Information for marketing purposes.
10. Disclosing Personal Information
In addition to the situations above (including the purposes specified in section 6), we may disclose your Personal Information to our Related Entities and third parties in certain circumstances including:
- for the purpose of providing a Complementary Service;
- if you agree to the disclosure;
- to assist in the provision of the Services;
- where disclosure is required or permitted by law, e.g. by court order, following a request from the Police, government authority or regulator, or to investigate suspected fraud or other unlawful activity;
- in circumstances where you would reasonably be expected to consent to information of that kind being passed to a third party;
- where it is required to be disclosed for audit purposes;
- if disclosure will prevent or lessen a serious or imminent threat to someone’s life or health; or
- where it is reasonably necessary for the enforcement of the criminal law, a law imposing a pecuniary penalty or for the protection of public revenue.
11. Security considerations
While we do all we reasonably can to protect your Personal Information from misuse, loss, unauthorised access, modification or disclosure, including investing in security software, the Internet is not a secure environment. The open nature of the Internet is such that information exchanged via the Internet may be accessed and used by people other than those for whom the data is intended. If you send us any information, including (without limitation) Personal Information, it is sent at your own risk.
You are responsible for all actions taken using your username, email or password. If at any time you believe your username or password has been compromised, you should immediately contact us and also change your password.
If you access a third party website from our website, you do so and provide Personal Information in accordance with the terms and conditions under which the provider of that website operates.
12. How your information is stored
We endeavour to keep our information systems and files secured from unauthorised access. Those who work with us are aware of the importance we place on protecting your privacy and their role in helping us to do so.
Our procedures to securely store Personal Information include electronic and physical security measures, staff training and use of password protection software.
When the Personal Information that we collect is no longer required, we will remove or de-identify the Personal Information as soon as reasonably possible. We may, however, retain Personal Information for as long as is necessary to comply with any applicable law, for the prevention of fraud, for insurance and governance purposes, in our IT back-up, for the collection of any monies owed and to resolve disputes.
13. How you can update, correct, or delete your Personal Information
You may request access to your Personal Information or correct any inaccurate or out of date information contacting our Privacy Officer. For security purposes, we may ask you to provide evidence of your identity.
You may request the source of any information we collect from a third party. We will provide this at no cost, unless under the Privacy Act or other law there is a reason for this information being withheld. If there is a reason under the Privacy Act or other law for us not to provide you with information, we will give you a written notice of refusal setting out the reasons for the refusal except to the extent it would be unreasonable to do so and the mechanisms available to you to complain about the refusal.
15. Contacting us
You should contact us immediately if you believe:
- someone has gained access to your Personal Information;
- we have breached our privacy obligations or your privacy rights in any way; or
Our contact details are:
Attention: The Privacy Officer
Mail: Level 7, 189 Kent street, Sydney NSW 2000
More information about your rights and our obligations in respect to privacy and information on making a privacy complaint are available from the Office of the Australian Information Commissioner at:
Post: GPO Box 5218 Sydney NSW 2001