0030 2810 259900 07:00 - 23:00 (GMT+2)
en en
Driver Age

PRIVACY POLICY & PERSONAL DATA PROTECTION (IN ACCORDANCE WITH GDPR)

1. Collection and Processing of Data

During the booking process, we collect personal data such as:

  • Full name, contact details (email, phone), 
  • Residential address and country of origin,
  • Date of birth, ID or passport number, driver’s license,
  • Information related to your booking and payment.

These data are collected for the following purposes:

  • To process your booking and provide the car rental service,
  • To comply with our legal obligations,
  • To communicate with you regarding your booking or customer service issues.

2. Legal Basis for Processing

  • The legal basis for processing your data is:
  • The performance of the rental agreement,
  • Compliance with legal obligations (tax, insurance, contractual),
  • The legitimate interests of our company,
  • Your consent for promotional purposes (if provided).

3. Data Retention

Personal data is retained only for as long as necessary to fulfill the above purposes, specifically:

  • For tax and accounting purposes, data is retained for at least 10 years from the date of each invoice or contract (in accordance with Article 13 of Law 4174/2013),
  • For insurance and legal coverage, up to 5 years after the end of the rental, unless a longer period is required due to pending disputes or legal obligations,
  • For promotional communications (newsletter), data is retained until the user withdraws their consent.

4. User Rights

  • Under the GDPR, you have the following rights:
  • Access to your personal data,
  • Rectification or deletion (“right to be forgotten”),
  • Restriction or objection to processing,
  • Data portability,
  • Filing a complaint with the Data Protection Authority.

To exercise your rights, please contact us at gdpr@rentcar.gr.

5. Data Security

We take all necessary technical and organizational measures to protect your data from loss, misuse or unauthorized access.

6. Data Disclosure to Third Parties

Your data is not shared with third parties unless it is strictly necessary for:

  • Completing the booking (e.g. insurance company),
  • Compliance with legal or tax obligations.

7. Communication for Updates & Promotional Material

With your consent, we may send you updates, offers and company news via email. You may revoke your consent at any time via the unsubscribe link included in every email or by contacting us at gdpr@rentcar.gr.

8. Card Payments and Data Storage

RentCar.gr accepts credit/debit card payments via the Greek payment service Cardlink. Your card details (such as card number, expiry date) are not stored or processed on our servers.

Payments are handled through the secure Cardlink environment, fully compliant with PCI-DSS security standards.

If the transaction includes a pre-authorization/deposit, the amount remains reserved for up to 30 days, depending on your bank’s policy.

RentCar.gr does not retain your card details beyond their necessary use for:

  • Ensuring prepayment or deposit,
  • Handling damage or other charges as specified in the rental terms,
  • Issuing refunds where applicable.

By signing the rental agreement and accepting the terms, the customer gives explicit consent for the use of their card information strictly for the above purposes.

By signing the rental agreement, the customer declares that they have read and understood this Privacy Policy and give their consent for the processing of their personal data as described above.