logo

How can we help?

Privacy policy

Privacy Policy – IGMA RENTAL AS

Last updated: 26.02.2026

IGMA RENTAL AS (“IGMA Rental”, “we”, “us”, “our”) is committed to protecting your privacy and processing personal data in accordance with the EU General Data Protection Regulation (GDPR) and Norwegian data protection legislation.

This Privacy Policy explains how we collect, use, store, and protect your personal data.

1. Data Controller

The data controller responsible for processing your personal data is:

IGMA RENTAL AS
Ytre Skårhaug 22
6770 Nordfjordeid
Norway
Email: [Insert contact email]

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

2.1 Information You Provide

  • Full name

  • Address

  • Telephone number

  • Email address

  • Date of birth

  • Driving license details

  • Booking details (rental period, vehicle type)

2.2 Payment Information

Payment card information is processed and securely stored by our payment provider (e.g., DIBS/Nets).
IGMA Rental does not store full card details.

We retain transaction records related to bookings, payments, refunds, and additional charges.

2.3 Rental and Operational Data

  • Rental history

  • Toll and ferry charges

  • Damage reports

  • Communication records

  • Additional charges

2.4 GPS and Location Data

All vehicles are equipped with GPS tracking devices.

Location data may be collected for:

  • Theft prevention and recovery

  • Protection of company property

  • Investigation of contract breaches

  • Recovery of vehicles not returned

  • Compliance with legal obligations

GPS tracking is not used for continuous monitoring of customers under normal circumstances.

3. Legal Basis for Processing

We process your personal data based on:

  • Contractual necessity (Article 6(1)(b) GDPR) – to provide rental services

  • Legal obligation (Article 6(1)(c)) – accounting, tax and regulatory requirements

  • Legitimate interest (Article 6(1)(f)) – fraud prevention, GPS tracking, chargeback handling, recovery of unpaid amounts

  • Consent, where applicable (e.g., marketing)

4. How We Use Your Personal Data

We use your personal data to:

  • Process and manage bookings

  • Verify eligibility and driver requirements

  • Process payments and additional charges

  • Handle tolls, fines, and insurance claims

  • Prevent fraud and misuse

  • Provide customer support

  • Comply with legal obligations

  • Improve our services

We do not sell your personal data.

5. Sharing of Personal Data

We may share your data with:

Service Providers (Data Processors)

  • Sharefox (booking system provider)

  • DIBS / Nets (payment processing provider)

  • Accounting providers

  • IT hosting providers

These parties process data on our behalf under data processing agreements.

Authorities

We may disclose personal data if required by law or upon request by:

  • Police

  • Courts

  • Public authorities

  • Toll authorities

6. Data Retention

We retain personal data only as long as necessary.

  • Accounting and transaction data: minimum 5 years (Norwegian Accounting Act)

  • Rental agreements and related documentation: up to 5 years

  • GPS data: retained only as long as necessary for operational and legal purposes

  • Customer account data: retained while account is active

Data may be retained longer if required to establish, exercise, or defend legal claims.

7. International Data Transfers

If personal data is transferred outside the EU/EEA (for example through service providers), appropriate safeguards are implemented in accordance with GDPR.

8. Your Rights Under GDPR

You have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request deletion (“right to be forgotten”)

  • Request restriction of processing

  • Object to processing based on legitimate interests

  • Request data portability

  • Withdraw consent at any time (where applicable)

Requests can be sent to: [Insert contact email]

You also have the right to lodge a complaint with:

The Norwegian Data Protection Authority (Datatilsynet)
www.datatilsynet.no

9. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against:

  • Unauthorized access

  • Alteration

  • Disclosure

  • Destruction

Payment card data is handled exclusively by PCI-certified payment providers.

10. Cookies and Technical Data

Our website uses cookies and similar technologies to:

  • Enable booking functionality

  • Store session information

  • Improve user experience

  • Analyze website traffic

We may collect:

  • IP address

  • Browser type

  • Device information

  • Operating system

  • Usage patterns

This data may be linked to your account where necessary for service functionality.

You may disable cookies in your browser settings, but this may affect functionality.

11. Changes to This Privacy Policy

IGMA Rental reserves the right to update this Privacy Policy.

The latest version will always be available on our website.