Open Nav

Privacy Policy

In this section we will explain everything that, as our User, you need to know about our Privacy Policy and how your data is managed and used. We would also like to inform you that we are completely GDPR-compliant, so your data is as safe with us as it can be.

Please take a moment to read the following paragraphs. They are important as they concern you.

1.- Definitions

In the process of getting you acquainted with our Privacy Policy we will use the following definitions. Whenever you read “we,” “us,” “our,” and “Onlicar” we are referring to O C Capital Ltd. We provide companies with software tools that, through GPS tracking among other technologies, allow them to monitor the performance of their fleet and the driving behaviour of their drivers (“the Service” or “our Service”). When we say “customer”, we are referring to the person or entity that is registered with us to use the Service. When we say “driver” or “drivers” we are referring to the persons that provide their services as drivers for our customer.  When we say “you” we are referring either to our customer, the drivers, or the employees of Onlicar. “Third parties” are entities that are not part of the Service, but are linked to it.

We offer our Services on a platform to which the customer has access after signing up to our Service. The “Website” includes the Website itself, and any web pages, interactive features, applications, widgets, blogs, social networks, or other online, mobile, or wireless offerings that post a link to this Privacy Policy, whether accessed via computer, mobile device, or other technology, manner or means.


2.- What is the GDPR and what does it say?

GDPR stands for General Data Protection Regulation. It’s a new European rule that ensures a high level of protection of personal data when any operation is performed on it (processed) by the companies and businesses.

The GDPR requires us to inform you about which data do we collect, how we manage it, handle and process it, and what your rights are in this regard.


2.1.- Which personal data do we collect?

We only ask you for the data that we deem necessary in order to appropriately provide our service. In particular, we collect the following data.

If your are our Customer:

  1. Full name
  2. Phone number
  3. E-mail
  4. Business name
  5. Business address

If you are a driver:

  1. Full name
  2. Driver number
  3. GPS location of your vehicle

If you are an employee:

  1. Full name
  2. Address
  3. E-mail address
  4. Mobile phone number
  5. Home telephone number
  6. Gender
  7. Date of birth
  8. National insurance number
  9. Emergency contact provided by our employee:
    1. Full name
    2. Phone number
    3. Address
    4. E-mail
    5. Relationship of that person with you

We do not hold the full credit card number nor any other financial data.

We rely on your express consent to process all the above mentioned data.


2.2.- How do we manage your data?

Once you provide us with your personal data, we encrypt it and include it in a secure database. Then we use it for the following purposes:

  1. Identify the customer that is signing up to our service
  2. Customer log in service
  3. Communication with our customer
  4. Display relevant information in the customer’s web app
  5. Billing operations
  6. Keep a history of journeys
  7. Analyse the history of journeys
  8. Communication with our employees
  9. Communication with the emergency contact of our employees

In addition, we would like to make you aware of the fact that upon certain events, such as sign up or the e-mail exchange when you contact us we collect that data as well.

2.3.- What are your rights as our User?

The GDPR grants you the following rights.

You have the right to:

  1. ask us whether your personal data is being used or processed by us and which type (e-mail, full name, address, etc.), for which purpose, and if we’re disclosing it or we will in the future it and to whom.
  2. have the inaccurate data that concerns you rectified.
  3. “be forgotten”: this means that we will erase your personal data, and you can request us to do so if:
    1. we don’t need it anymore,
    2. you withdraw your consent,
    3. it has been unlawfully processed,
    4. there is such a legal obligation upon us, which arises from a national or EU norm.
  4. restrict the processing of your personal data if:
    1. you think that the data that we hold or process is inaccurate (only during the time that would take us to verify and fix the issue),
    2. the processing of your personal data is unlawful, and you prefer to restrict the use instead of erasing it,
    3. we no longer need your personal data, but you need us to have it for the establishment, exercise or defence of legal claims.
  5. object to the processing your personal data: we will no longer be able to use your personal data for the purposes for which we collected them. You can also object to the use of your personal data for direct marketing purposes.
  6. to not be subject to a decision based solely on automated processing: if a decision that has binding effects and concerns you is made, you have the right of this not to happen.
  7. be informed, in case of personal data breach (security breach in our systems), of what happened and which measures we have implemented to fix or alleviate the problem.
  8. lodge a complaint with a supervisory authority. Each Member State of the European Union appoints an institution as the supervisory authority, and you can address them concerning a complaint.

Furthermore, if you make use of the above mentioned rights, we have to provide you with a response within one month.

We would like you to know that your personal data will be automatically erased from our databases after x years in case of inactivity of if you cancel your subscription with us.


2.4.- Third parties

In order to provide you with a better service, we work with the following parties, out of which, some collect data for us. All of them hold a GDPR compliant certification:

  1. Gsuite
  2. Citrus HR
  3. Slack
  4. Xero
  5. Gocardless
  6. Pipiedrive CRM
  7. Amazon Web Services’ cloud system
  8. Auth0
  9. Sentry
  10. Google Analytics
  11. SmartLook
  12. Tookan

We do not disclose your personal data with any third party without your express consent.

3.- Further questions?

Do you have any further questions about how your data is handled, or you would like to know more about your rights and how you can exercise them? Contact us via our official web form and we will get back to you shortly.