MoviQ
Torna alla homePrivacy PolicyPursuant to Articles 13 and 14 of EU Regulation 2016/679 (GDPR) and Italian Legislative Decree 196/2003 as amended. Version 1.0 — in force from 1 May 2026. The official, legally binding version is the Italian one.
1. Data controllerThe controller of personal data is MoviQ S.r.l., a company being incorporated, with registered office in Italy. The contact details of the controller and of the data protection officer (DPO), once appointed, will be published at the public launch of the service.For any matter relating to the processing of your personal data you can write to privacy@moviq.it.2. Categories of data processedMoviQ processes only the data strictly necessary to provide the service.
  • Identification data — first name, last name, email address, mobile phone number. Provided directly by the user during registration or profile completion.
  • Booking data — rental dates and city, selected vehicle, amount, any text notes, identifier of the counterpart rental company, request status.
  • Service usage data — IP address (anonymised on the last two octets after 30 days), browser user-agent, interface language, essential navigation events (login, booking, error) collected via Plausible Analytics in aggregate form without unique identifiers.
  • Technical cookies — session cookies strictly necessary for authentication and for keeping user preferences. See our Cookie Policy for details.
MoviQ NEVER processes: driving licence data, credit or payment card data, biometric data, data on health, political opinions, religion, trade union membership or sexual life. This data stays entirely between the user and the rental company at the time of vehicle pickup.3. Purposes and legal basis of processing
Service provision (account, bookings)
Performance of a contract — Art. 6(1)(b) GDPR
Tax, accounting, anti-money-laundering obligations
Legal obligation — Art. 6(1)(c) GDPR
Platform security and anti-fraud
Legitimate interest — Art. 6(1)(f) GDPR
Aggregate analytics (Plausible)
Legitimate interest — Art. 6(1)(f) GDPR
Promotional communications (newsletter)
Explicit, revocable consent — Art. 6(1)(a) GDPR
4. Processing methodsData is processed with IT and electronic tools, with security measures adequate to ensure confidentiality, integrity and availability. The platform uses encrypted connections (HTTPS / TLS 1.2+), protected access via magic link (no password), and logical data separation at database level through Row Level Security.Data is not transferred outside the European Economic Area. All technical providers are based in the EU or adopt safeguards equivalent to the GDPR (Standard Contractual Clauses, adequacy decisions).5. Data recipientsPersonal data may be communicated solely to the following categories of recipients, to the extent strictly necessary:
  • Counterpart rental company — upon confirmation of a booking, it receives name, email, phone and rental details. It is an autonomous controller for the data it receives.
  • Technical providers — Supabase (database and authentication, EU), Hetzner Online GmbH (hosting, Germany), transactional email provider (EU). All contracted as data processors under Art. 28 GDPR.
  • Competent authorities — in case of a legitimate request from law enforcement or judicial authorities, within the limits of the law.
MoviQ does NOT sell, rent or transfer personal data to third parties for commercial, advertising or profiling purposes.6. Retention period
User account
For the duration of registration, plus 24 months from last access (closure for inactivity)
Bookings and accounting logs
10 years from the booking date (Italian D.P.R. 600/1973, Art. 22)
Technical and security logs
12 months (Italian Legislative Decree 196/2003, Art. 132)
Technical cookies
From session expiry to 30 days
Newsletter (if subscribed)
Until consent is withdrawn
7. Rights of the data subjectPursuant to Articles 15-22 GDPR, the user has the right at any time to:
  • access their personal data and obtain a copy (right of access, Art. 15);
  • request rectification if inaccurate or incomplete (Art. 16);
  • request erasure, subject to legal obligations (right to be forgotten, Art. 17);
  • request restriction of processing (Art. 18);
  • obtain the data in a structured, readable format (portability, Art. 20);
  • object to processing based on legitimate interest (Art. 21);
  • withdraw at any time the consents given, without affecting the lawfulness of prior processing (Art. 7.3).
Rights can be exercised free of charge by writing to privacy@moviq.it or from the "Settings → Privacy" section of your profile. MoviQ responds within 30 days of the request.The user also has the right to lodge a complaint with the Italian Data Protection Authority (Piazza Venezia 11, 00187 Rome — garanteprivacy.it).8. Nature of the provision of dataProviding identification data (email, name, phone) is optional, but necessary to create the account and use the service. Failure to provide it prevents registration and vehicle booking.9. Automated decision-makingMoviQ does NOT use fully automated decision-making that produces significant legal effects on the user under Art. 22 GDPR. Any anti-fraud scoring systems are used as a mere decision-making aid and every final decision (e.g. account suspension) is validated by a human operator.10. Changes to this policyMoviQ reserves the right to update this policy to reflect regulatory changes or service developments. Substantial changes will be notified to registered users by email with at least 30 days' notice. The current version is always available at moviq.it/privacy with the date of last update.
Ultimo aggiornamento: 24 giugno 2026
Privacy and diagnosticsWe use technical cookies for the login session. To improve the product we collect anonymous crash and aggregate usage data — you can choose what to enable. Privacy · Cookie