Privacy Policy
This Privacy Policy describes how NorthStar Car Rentals collects, uses, discloses and protects personal information when you use our website, make a reservation, or interact with our services in Canada. It also explains your rights and choices regarding your information. If you have questions after reading this policy, contact our privacy team using the details below.
Information we collect
We collect information needed to provide and improve our services. Categories of data include identification details such as name and date of birth where required for rental eligibility, contact details like email and phone, booking and payment information including transaction records and billing address, driver licence details when required for rentals, and vehicle usage data related to roadside assistance or incident reports. We also collect technical information from website interactions such as IP address, device information, and cookies - see the Cookies section below for details. For corporate accounts we may collect company information, billing contacts, and authorized driver lists. We retain only the information necessary for service delivery, legal compliance, and reasonable business purposes such as fraud prevention and quality assurance.
How we use personal information
We use personal information to process reservations, manage rental agreements, provide roadside assistance, and handle payments securely. Information enables us to verify driver eligibility, prepare vehicles with requested add-ons, and contact you about reservation changes or safety notices. For corporate clients we use account data to manage billing and reporting. We may also use aggregated or anonymized data to analyse demand, improve our services, and perform operational planning. With your consent where required by law, we may use contact details for marketing communications; you can opt out at any time. We do not sell personal information to third parties. Where we engage service providers for payment processing, insurance handling, or vehicle maintenance, we limit their access to the data necessary to perform those services and require contractual safeguards to protect that information.
Cookies and tracking
Our website uses cookies and similar technologies to provide core functionality and to improve user experience. Essential cookies support login and booking workflows. Optional cookies may provide analytics and performance insights or support targeted content. The cookie consent control in the corner of the site allows you to accept or reject optional cookies. You can also adjust cookie preferences in your browser, but be aware that disabling essential cookies may affect booking functionality. We work with reputable analytics providers and require them to process data in a manner consistent with applicable privacy laws. For specific cookie descriptions and retention periods, contact our privacy team and we will provide a current breakdown of the cookies in use.
Data sharing and third parties
We share personal information only as necessary to provide services or when required by law. Typical recipients include payment processors, insurance partners, roadside assistance providers, and trusted maintenance vendors who require limited data to support a reservation or an incident. We also share information with law enforcement or regulatory authorities when required by legal process. When we share data with third parties we apply strict contractual protections to limit their use to the specified purpose and to enforce appropriate security measures. Personal information may be processed in Canada and, in some cases, by service providers operating in other jurisdictions; when this occurs we implement appropriate transfer safeguards according to applicable law.
Security and retention
We maintain administrative, technical and physical safeguards to protect personal information against unauthorized access, loss, or misuse. Access to personal data is limited to authorised staff and to service providers on a need-to-know basis. Payment data is handled following industry standards for secure payments. We retain personal information only as long as necessary to fulfill the purposes described in this policy, to comply with legal obligations, and to resolve disputes. When records are no longer required, we dispose of them securely. If you believe your information has been compromised, contact our privacy team immediately so we can investigate and take appropriate remedial steps.
Your rights and choices
You have the right to request access to personal information we hold about you, to request correction of inaccurate data, and to request deletion where permitted by applicable law. You can also object to or restrict certain processing activities and withdraw consent for direct marketing communications at any time. To exercise these rights, contact [email protected] or use the postal address listed in the contact block. We will respond to verification and requests in accordance with applicable law and may need to retain certain information for legal or operational reasons. If you are dissatisfied with our response you may have the right to lodge a complaint with your local privacy regulator.
Changes to this policy
We may update this Privacy Policy to reflect changes in our operations, legal requirements, or service offerings. When we make material changes we will provide notice via the website or direct communication where feasible. The policy effective date appears at the top of the page. Continued use of our services after a change constitutes acceptance of the revised policy where permitted by law.