FAQ
General Data Protection Regulation (GDPR)
Here is a professionally rewritten version of your GDPR content, tailored for PRESKO EXECUTIVE CHAUFFEUR CARS LTD, Trading as “PEC CARS”, with unnecessary mentions of other companies removed and language simplified while keeping it accurate and compliant:
General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) is a key piece of European legislation that strengthens data protection for individuals within the European Union. It replaces the 1995 EU Data Protection Directive and establishes a unified framework for how organizations handle personal data.
The GDPR enhances individuals’ rights and places greater responsibilities on organizations. It allows for substantial penalties—up to €20 million or 4% of annual global turnover—for businesses that fail to adequately protect personal data.
The regulation came into effect on May 25, 2018, and applies to any organization that stores or processes the personal data of EU citizens.
How GDPR Affects You as a PEC CARS Customer
When you use services provided by PRESKO EXECUTIVE CHAUFFEUR CARS LTD, trading as PEC CARS, we collect and store your personal data. This allows us to manage your bookings, issue travel documentation, and provide reliable transportation services.
In this context, PEC CARS is both a data controller and data processor, and you—as a customer—are a data subject. If you’re booking on behalf of another person, you may also be acting as a data controller, which may bring its own GDPR responsibilities.
Your Responsibilities as a Data Controller (if booking for others)
If you’re handling personal data on behalf of others, you should ensure your actions comply with GDPR. We recommend seeking professional legal advice. The Information Commissioner’s Office (ICO) suggests 12 key steps to help organizations prepare:
Awareness: Ensure decision-makers understand the impact of GDPR.
Data Mapping: Know what data you hold, where it came from, and who you share it with.
Privacy Notices: Update privacy policies to reflect GDPR standards.
Individuals’ Rights: Prepare to accommodate rights like data deletion and data portability.
Access Requests: Be ready to handle data access requests within one month.
Lawful Processing: Identify and document the lawful basis for data use.
Consent: Review how you obtain and manage consent to ensure it meets GDPR standards.
Children’s Data: Implement age verification and obtain guardian consent where applicable.
Data Breaches: Have procedures to detect and report data breaches promptly.
Privacy by Design: Include data protection in systems and process design.
Data Protection Officers: Appoint a responsible person or DPO if required.
International Considerations: Identify your lead data authority if operating across the EU.
What PEC CARS Is Doing to Be GDPR-Compliant
At PEC CARS, we are committed to protecting your personal data. Our approach includes:
Enforcing secure (HTTPS) website connections.
Conducting regular security and antivirus scans.
Maintaining up-to-date records of all personal data stored and processed.
Only collecting data necessary for delivering our services.
Keeping a detailed data flow map, including third-party processors.
Regularly reviewing and updating our Data Protection Policies.
Providing ongoing staff training, including breach response procedures.
We also provide key documents to help you understand how we handle your data:
Acceptable Use Policy
Cookie Policy
You have the right to request access to or deletion of your personal data. However, some legal requirements limit what we can remove. For example, we are required by licensing authorities to retain full journey records for at least one year and by company law to retain transaction records for six years.
PEC CARS is dedicated to full compliance with the GDPR.
For any GDPR-related questions, please visit our Contact Us page. You can also download a full copy of the General Data Protection Regulation here.