Privacy Policy

Personal Information (as defined by POPIA)

When you book a scooter rental with Ocean View Scooters, we collect and process the following personal information:

• Identity Information: Full name, date of birth, identity/passport number
• Contact Information: Email address, phone number, physical address
• License Information: Driver's license number, license validity, and endorsements
• Financial Information: Payment method details (securely processed by third-party providers)
• Booking Information: Rental dates, times, vehicle preferences, special requests
• Emergency Contact: Next of kin information for safety purposes
• Medical Information: Any disclosed medical conditions that may affect safe operation

Technical Information

We automatically collect certain technical information when you use our website:

• IP address, browser type, and operating system
• Device information and unique device identifiers
• Website usage data, pages visited, and session duration
• Cookies and similar tracking technologies (see Cookie Policy)
• Location data (with your consent) for safety and service optimization

Special Personal Information

We may collect special personal information only where necessary and with your explicit consent:

• Medical conditions that may affect your ability to safely operate a scooter
• Insurance information for claims processing
• Biometric data (if using biometric payment or identification systems)

We process your personal information based on the following lawful bases under POPIA:

Contractual Necessity

• Processing and confirming scooter rental bookings
• Providing customer support and managing your account
• Processing payments and managing billing
• Communicating about your booking and service updates

Legal Obligation

• Verifying driver's license validity and endorsements
• Maintaining records for tax and accounting purposes
• Reporting incidents to relevant authorities when required
• Complying with insurance and safety regulations

Legitimate Interest

• Improving our services and website functionality
• Preventing fraud and ensuring payment security
• Analyzing usage patterns for business optimization
• Protecting our business interests and assets

Consent

• Marketing communications and promotional offers
• Location tracking for enhanced services
• Processing special personal information
• Using cookies and similar technologies

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

Service Providers

• Payment Processors: Secure payment processing (PCI DSS compliant)
• Insurance Providers: For coverage verification and claims processing
• IT Service Providers: Cloud hosting, email services, and technical support
• Marketing Partners: Only with your explicit consent

Legal Requirements

• Compliance with court orders, subpoenas, or legal processes
• Reporting to law enforcement when required by law
• Regulatory compliance (transport authorities, tax authorities)
• Protection against fraud, illegal activities, or safety threats

Business Transfers

In the event of a merger, acquisition, or sale of business assets, personal information may be transferred. You will be notified of any such change in ownership or control of your personal information.

Cross-Border Transfers

Some of our service providers may be located outside South Africa. We ensure adequate protection through appropriate safeguards such as standard contractual clauses or adequacy decisions.

We implement comprehensive security measures to protect your personal information in accordance with POPIA requirements:

Technical Safeguards

• SSL/TLS encryption for data transmission
• AES-256 encryption for data storage
• Regular security audits and penetration testing
• Secure cloud infrastructure with ISO 27001 certified providers
• Multi-factor authentication for staff access

Organizational Measures

• Staff training on data protection and privacy
• Access controls and need-to-know basis principles
• Regular backup and disaster recovery procedures
• Incident response and breach notification procedures

Data Breach Response

In the unlikely event of a data breach affecting your personal information, we will:

• Notify the Information Regulator within 72 hours where required
• Inform affected individuals without undue delay
• Take immediate steps to contain and remedy the breach
• Provide support and guidance to affected individuals

As a data subject under the Protection of Personal Information Act, you have the following rights:

Right of Access

• Request confirmation of whether we process your personal information
• Access your personal information and details of processing activities
• Receive a copy of your personal information in a structured format

Right to Correction

• Request correction of inaccurate or incomplete personal information
• Update your contact details and preferences
• Complete incomplete personal information

Right to Erasure

• Request deletion of personal information (subject to legal retention requirements)
• Withdraw consent for processing based on consent
• Object to processing based on legitimate interests

Right to Restriction

• Request restriction of processing in certain circumstances
• Limit how we use your personal information
• Temporarily halt processing pending resolution of disputes

Right to Data Portability

• Receive your personal information in a structured, machine-readable format
• Transfer your information to another service provider

Right to Object

• Object to processing based on legitimate interests
• Opt-out of direct marketing communications
• Object to automated decision-making and profiling

Right to Complain

• Lodge complaints with the Information Regulator of South Africa
• Seek judicial remedies through the courts
• Contact us directly to resolve concerns

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, and protect our legitimate interests:

• Booking Records: 7 years (tax and insurance requirements)
• Payment Information: As required by payment card industry standards
• Marketing Data: Until consent is withdrawn or account is closed
• Website Analytics: 26 months maximum
• Customer Support Records: 3 years from last interaction
• Legal Claims: Until statute of limitations expires

When personal information is no longer required, we will securely delete or anonymize it in accordance with our data retention and disposal policy.

For any questions about this Privacy Policy, to exercise your rights, or to report privacy concerns, please contact:

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:

• We will post the updated Privacy Policy on this page
• We will update the "Last updated" date at the top of this policy
• For material changes, we will notify you by email or prominent notice on our website
• We may require renewed consent for certain processing activities

We encourage you to review this Privacy Policy periodically to stay informed about our data practices and your rights.

Our website uses cookies and similar technologies to enhance your experience and provide personalized services. We use:

• Essential Cookies: Required for website functionality and security
• Performance Cookies: Help us understand how visitors use our website
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used for targeted advertising (with your consent)

You can control cookie preferences through your browser settings. However, disabling certain cookies may affect website functionality.