ACRISS – Privacy Policy

This site is owned and operated by ACRISS 

This policy (together with our Terms and Conditions of Use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

ACRISS is keen to ensure that it complies with its obligations under the Data Protection Act and that the privacy of visitors to its web site is respected. This Privacy Policy describes the ACRISS' current practice with regards to personal data collected by ACRISS  from you directly and/or through the website (“our Site”)

For the purpose of the Data Protection Act 1998 (“the Act”), the data controller is ACRISS UKEIG, a UK Economic Interest Grouping registered in Wales with company number GE29 whose registered office is c/o Kreston Reeves LLP Third Floor, 24 Chiswell Street, London EC1Y 4YX.  

  1. 'ACRISS', 'we' or 'us' means ACRISS UKEIG -  formerly known as the Association of Car Rental Industry System Standards.


  1. When you visit our Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”

We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.

  1. If you have registered or used the contact feedback form  on our website we will collect personal data including: email address, telephone number, name and company name. As part of the registration process we will add you to the ACRISS web site database.
  2. We will keep this information until you advise us that you no long wish to be registered on our website.
  3. You have a right to ask for a copy of your information and to correct any inaccuracies. Please email if you would like to know what if any personal information we hold about you.
  4. This information is processed on the basis that it is in your legitimate interest as you have requested registration on the website.
  5. We will retain your personal data until we are advised that you no longer wish to be registered on our website.


There are three different types of cookies, based on their function and purpose:

1. Strictly Necessary cookies
Cookies that are essential, also known as 'strictly necessary' cookies, enable features without which you would not be able to use the website as intended.

2. Performance cookies
These cookies collect information about how visitors for instance which pages visitors go to most often. These cookies don't collect information that identifies a visitor. It is only used to improve how our website works.

Cookie Provider Cookie Name Duration Purpose
Google Analytics
Privacy policy
2 years
1 day
1 day
Google Analytics helps us understand how our visitors get to our website, the number of people that visit our site, and how they navigate their way around the site once they're there. We can use this information to improve our visitors' user experience.
Google Optimise
Privacy policy
1 year
1 year
Google Optimise uses cookies to understand, improve, develop and research products, features and services, to collect usage, viewing, logs, and technical information about your visit, and to create logs and record when users access our site.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. These cookies are collected and aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

3. Functional Cookies
These cookies enable a website to save information which has already been entered (such as user names), so that it can offer you improved and more personalised functions. Functional cookies are also used to enable features you request such as member only content and files. These cookies collect anonymous information and cannot track your movements on other websites.


  1. We share your Personal Information with third parties as described in point 2 above.  We use Google Analytics to help us understand how our customers use the Site--you can read more about how Google uses your Personal Information here: .  You can also opt-out of Google Analytics here: .


  1. We will send members and their employees industry news, information on meetings and events by email. These emails can be unsubscribed from at any time by contacting
  2. The data is processed on the basis that the processing is necessary due to the legitimate interests of the ACRISS member and its employees for us to provide industry information, advice, events, projects and training.
  3. The data will be stored until we are advised that the employee has left the company or the member/the employee advises us that they no long wish to receive information from us.  Complaint data will be stored for a maximum of one year from the date of complaint.


  1. An Internet Protocol (IP) Address is a set of numbers that is automatically assigned to your computer whenever you log onto your internet service provider or through your organisation’s local area network (LAN) or wide area network (WAN). Web servers automatically identify your computer by the IP address assigned to it during your session. We may collect IP addresses for the purposes of systems administration and to audit the use of our site. We do not ordinarily link a user’s IP address to personally identifiable information of that user. Each user’s session will be logged, but the user remains anonymous. However, we may use IP addresses to identify users of our site when we feel it is necessary to enforce compliance with the site’s terms of use, or to protect our service, site or other users.


  1. Unfortunately, the transmission of data via the internet is not completely secure. Although we will do our best to protect your personal data we cannot guarantee the security of your data transmitted to our site, and transmission is at your own risk. Once we have received your information we will use strict procedures and security features to prevent unauthorised access.
  1. ACRISS may disclose your Personal Data if it believes such action is necessary: to conform with a legal requirement or comply with the legal process including civil and criminal proceedings, protect and defend the rights or property of ACRISS, enforce this Online Agreement, or to protect the interests of its users.


  1. You have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.


  1. We will comply with requests regarding access and/or correction or deletion of the information we store in accordance with applicable law.
  2. If you wish to delete your account or personal information on our site you may do so by emailing us at

To exercise any of the rights outlined above in respect of your Personal Information please contact us at


  1. We may update this privacy policy from time to time to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.


  1. The ICO is the government body responsible for enforcing the Data Protection Act 1998 in the UK. Their website is located at


For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at