Vroom Group Holdings Pty Ltd (ABN 39 162 955 320) and our related companies including Vroom Vroom Vroom Pty Ltd (ABN 19 050 417 037) and V2B Travel Pte Ltd (UEN 201710991D) (“Vroom”, “we”, “our” or “us”) are committed to the protection of personal privacy within the scope of applicable law.
We collect and use personal information in compliance with the Australian Privacy Act 1988 (Cth) (“Australian Privacy Act”) to provide services to our customers and other visitors to our Sites, to facilitate our customer relationships, to comply with our financial, regulatory and other legal obligations, and to pursue Vroom’s legitimate business interests.
We do not sell or rent personal information to marketers or unaffiliated third parties.
The vehicle rental providers and suppliers of other products or services available via our Sites have their own policies governing their use of your personal information. Please refer to the privacy policies published by those third parties for more information.
The types of personal information that we collect and hold will vary depending on your dealings with us. This information may include any or all of the following:
We will not collect sensitive information from you or any third party.
You do not have to provide us with any personal information, however if you do not do so we will not be able to provide you with the products, services or benefits you have requested.
We also collect the following information from you when you use our website:
We collect personal information directly from you, such as:
We also collect personal information through:
We will collect personal information for the following purposes:
We will disclose personal information as required to the providers of the products and services you have booked or purchased (such as car rental and insurance companies). You accept that not all recipients of your information may have privacy policies or be subject to privacy laws equivalent to us and you consent to the disclosure of your personal information for that purpose.
We may also disclose your personal information to third parties who work with us in our business to provide, promote or improve the products or services you have requested or are interested in, such as:
We do not rent or sell your personal information to unaffiliated third parties.
We will use and disclose your personal information to send direct marketing to you from
The direct marketing may relate to:
You may opt-out of receiving this direct marketing through the unsubscribe function that will be made available to you with each direct marketing communication.
We store personal information in a combination of computer storage facilities, paper-based files and other records. We take numerous steps to protect your personal information from misuse, interference and loss, and unauthorised access, modification or disclosure.
Additionally, we take reasonable steps to destroy or permanently de-identify personal information when we no longer need it.
The internet is not a secure method of transmitting information. Although we take reasonable steps to ensure information is securely transmitted and processed, we cannot and do not accept responsibility for the security of information you send to or receive from us over the internet, or for any unauthorised access or use of that information.
Vroom is a multi-national business operating in the global travel services industry. We will disclose some of your personal information, for the purposes described above, to organisations located overseas, including our overseas related companies, travel service providers and third party service providers as detailed in paragraphs (a), (b) and (c) below.
(a) Our overseas related entities
We have operations in Australia, Singapore and the United States. Your personal information may be disclosed to our overseas related entities in connection with the provision of the goods or services you have requested and to enable the performance of administrative, advisory and technical services, including the storage and processing of such information.
(b) Travel service providers
In providing our services to you, if you have confirmed a booking to be picked up overseas we will also disclose your personal information to the travel service provider located in that overseas pick up location.
(c) Our third party service providers located overseas
We will also disclose your personal information to third parties located overseas for the purpose of performing services for us, including for customer service, travel service aggregation, payment, marketing, fraud detection and prevention services, and the storage and processing of such information. We only disclose your personal information to these overseas recipients in connection with facilitation of your travel booking and/or to enable the performance of customer services, administrative and technical services by them on our behalf.
We use key service providers located in the Philippines, the United States and the European Union, among other countries. We also deal with many different service providers all over the world, so it is not possible for us to set out in this Policy all of the different countries to which we may send your personal information.
We will take reasonable steps to make sure that the personal information we collect, use or disclose is accurate, complete and up to date. If your personal details change, such as your address or phone number, please contact our Privacy Officer by email or at the address detailed below.
At your request, we will provide you with a copy of any personal information which we hold about you, unless an exception under the Australian Privacy Act applies. We may charge a fee for retrieving this information, in which case we will inform you of the fee and obtain your agreement to that fee before providing the information.
We will promptly acknowledge and investigate any complaint about the way we manage personal information.
Information is also generated whenever a page is accessed on our website that records information such as the time, date and specific page. We collect such information for statistical and maintenance purposes that enables us to continually evaluate our website performance.
We do not tie the information gathered using third-party analytics to your personal information.
We take data breaches seriously and will act in compliance with the Notifiable Data Breaches scheme established by the Privacy Amendment (Notifiable Data Breaches) Act 2017.
We will use our best endeavours to contain, assess and remedy actual and suspected data breaches as soon as possible and no later than 30 calendar days after the date we become aware of the actual or suspected data breach in accordance with our company data breach response policies and procedures.
Where your personal information held by us is lost or subjected to unauthorised access, modification, use or disclosure or other misuse, and this is likely to result in serious harm to you or other individuals, we will take steps to remedy the risk of serious harm as quickly as possible. If we have not been able to prevent the likely risk of serious harm with remedial action, we will notify you, other affected individuals, and the Office of the Australian Information Commissioner.
The Privacy Officer
Level 1A, 10 Finchley Street, Milton, Queensland, 4064
We will take reasonable steps to remedy any issues resulting from our failure to comply with our privacy obligations.
If you are not satisfied with the outcome of your complaint you may refer the matter to the Office of the Australian Information Commissioner (OAIC).
Telephone: 1300 363 992
OAIC complaints page: http://www.oaic.gov.au/privacy/privacy-complaints
Last updated on 7 January 2020