Privacy Policy

Privacy Policy

This Privacy Policy is applicable to this Site and not necessarily to other Marshalls Self Drive sites on the World wide Web pages.   When leaving this Site, please read the Privacy Policy applicable to the Site you are visiting.   If you do not agree with this Privacy Policy, please do not use this Site.

By accessing and using this Site, you hereby agree to the terms of this Privacy Policy.

Non-Personal Information Collected Automatically.

Marshalls Self Drive is committed to the protection of the privacy of its website visitors.   Please note that we may provide aggregate statistics about our customers, sales, traffic patterns, and related site information to reputable third-parties, but these statistics will include no personally identifying information.

Under GDPR, all data communicated is lawfully collected for specified, explicit and legitimate purposes, accurately and in a transparent manner.   The Company does not pass on any data or personal information for marketing or sales to outside entities.

Personal Information

In order to respond to your questions, fulfil your requests or manage interactive customer programs, it may be necessary to ask for personal information such as your name, address, e-mail address and telephone number. We may use this information to respond to your requests, or to contact you via mail, e-mail or phone to inform you of new products, services or promotions we may offer.

If you place an order for a product, request a service or submit content to this Site, we may need to contact you for additional information required to process or fulfil your order and/or request.   However, unless compelled by applicable legislation, we will not provide this information to a third party without your permission, except as necessary to process your order, fulfil your requests or manage interactive customer programs.   You also hereby grant to Marshalls Self Drive the right to exchange any information provided by you between Marshalls Self Drive affiliates for the purposes mentioned before.

In addition to the personal information that you may provide us, this Site may use technology that lets us collect certain technical information like your Internet protocol address, your computer’s operating system, your browser type, traffic patterns and the address of any referring Websites.


Please note that while there are always risks associated with providing personal data, whether in person, by phone or over the Internet, and no system of technology is completely safe, “tamper” or “hacker-proof”, Marshalls Self Drive has endeavoured to take appropriate measures to prevent and minimise risks of unauthorized access to, improper use and the inaccuracy of your personal information.   For example, we use encryption technology when collecting or transferring sensitive data such as credit card information.

Accuracy of collected data

Marshalls Self Drive will on its own initiative, or at your request, replenish, rectify or erase any incomplete, inaccurate or outdated personal data retained by Marshalls Self Drive in connection with the operation of this Site.

Visitor identification

From time to time, information may be placed on your computer to allow us to identify you.   This information is commonly known as “cookies” . By showing how and when our visitors use this Site, this information can help us to continue to improve our Site.   We will only use cookies to view information on your hard drive that was put there by a cookie from this Site.   The use of cookies is an industry standard and many websites use them.   Cookies are stored on our computer and not on this Site.   If you so not wish to receive cookies, or want to be notified of when they are placed, you may set your web browser to do so, if your browser so permits.


No information may be submitted to Marshalls Self Drive by persons under the age of 18 without the consent of a parent or legal guardian, nor may persons under the age of 18 make purchases or other legal acts on this Site without such content, unless permitted by applicable legislation.


We may change this Privacy Policy, or change, modify or withdraw access to this Site, or the content of these pages at any time with or without notice.

Company Specific GDPR Policy

General Data Protection Regulation (GDPR) 25 May 2018

Marshalls Self Drive Ltd

The company processes personal data, which is held in some circumstances manually and in others on computer for the purpose of vehicle rental, staff administration, accounts, third party claims and records.

Additionally it processes personal data with the use of CCTV.

All data collected is :

  • Lawfully collected for specified, explicit and legitimate purposes accurately and in a transparent manner

Customer data is collected and stored to ensure their identity as well as to ascertain their driving entitlements for the purpose of hiring vehicles.

All employee data is collected to ensure they are legitimately employed and the company complies with legislation

All employees are contractually obliged to inform Head Office of any personal changes.

  • Processed for limited purposes to what is necessary

See timescales below

  • Adequate, relevant and not excessive

This is in place

  • Not kept longer than necessary

A maximum of three years plus the current year to meet insurance third party claims timescales for any CCTV footage, Incident & Accident Reports.

All third party personal data collected is for the legitimate process of claims, accidents, injury and legislative notifications, such as RIDDOR and Insurance Companies

No data is transferred outside the European Economic Area (EEA)

Only directors and appointed personnel processors are authorised to pass on any personal data for legitimate purposes

The Company does not pass on any customer or employee data for marketing or sales purposes within or outside entities

The Company does not hold any information on Minors

The Company is registered with the ICO and our registration number is 5362701

  • Any request of information will normally be free of charge and handled quickly for most requests but all within one month.

Any considered requests that are unfounded or excessive will be charged or refused

Personal Data Breach

‘Personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.

Any apparent breaches of security in access to data by persons other than those appointed must be immediately reported to a Director.

Should any individual or company contact you requesting details of information about themselves held by the Company, the request must be in writing and immediately forwarded to Head Office.

Right to be Forgotten

Also known as Data Erasure, the right to be forgotten entities the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data, such as references.

The conditions for erasure include the data no longer being relevant to original purposes for processing, or a data subjects withdrawing consent.   It should also be noted that this right requires controllers to compare the subjects’ rights to “the public interest in the availability of the data” when considering such requests.

Any request will be put forward by personnel and determined by a Director.




UK organizations handling personal data still need to comply with the GDPR, regardless of Brexit.


The Government has confirmed that it will follow the GDPR principles for data protection.


Remedies, Liability and Penalties

The Supervisory Authority can impose a fine of up to : 4% of annual global turnover ; or €20 million whichever is the greater.   The administrative fines will in each case be designed to be effective, proportionate, and dissuasive.