Working hours: Mon - Fri 08:00 - 18:00
This Privacy Notice explains how RentExpress.bg (the “Website”) processes personal data of visitors and customers in connection with our car hire and transfer services. We comply with Regulation (EU) 2016/679 (GDPR) and applicable Bulgarian law, and we apply appropriate technical and organisational measures to protect personal data.
The Data Controller is: TRIT TECH Ltd (operator of RentExpress).
Contact details for data protection enquiries: office@rentexpress.bg, phone +359 87 6696960, address ul. Mehomiya No. 18, Razlog, Bulgaria
Depending on how you use the Website and our services, we may process:
A) Data you provide voluntarily (enquiries/bookings/contact):
Name and surname
Email address
Phone number
Booking/enquiry details: rental dates, pick-up/return locations, vehicle/service preferences
Transfer request details: number of passengers, luggage, destination, and (optionally) flight number for coordination
Messages and correspondence you send to us
B) Data collected automatically:
IP address, device/browser information, technical logs (for security and diagnostics)
Cookie and similar technology data (see our Cookies Policy)
C) Payment data (where applicable):
Where online payments are available, payment processing is typically handled by a third-party payment provider (e.g. bank/payment operator). We may receive payment status information (successful/failed), amount, currency and a transaction reference, without storing full card details.
We process personal data for:
Responding to enquiries and communicating with you
Handling booking requests for car hire
Organising transfers and/or delivering/collecting a vehicle to/from your chosen address
Issuing documents, accounting and legal compliance
Improving the Website and services (analytics – only with consent where required)
Preventing abuse/fraud and maintaining website security (technical logs and safeguards)
We rely on one or more of the following legal bases:
Performance of a contract / steps prior to entering into a contract
Legal obligation (e.g. accounting and tax requirements)
Legitimate interests (e.g. security, fraud prevention, protection of rights)
Consent (e.g. analytics/marketing cookies, newsletter – where used)
We do not sell personal data. We may share data only where necessary and lawful, for example with:
Service providers (hosting, maintenance, email services, CRM)
Payment providers/banks (if online payments are used)
Subcontractors involved in service fulfilment (e.g. driver/transfer), strictly as needed
Public authorities and legally authorised parties where required by law
If we use providers outside the EU/EEA (e.g. certain analytics/marketing platforms), transfers will take place only with appropriate safeguards (e.g. Standard Contractual Clauses and/or other GDPR mechanisms).
We keep personal data only for as long as necessary for the purposes set out above and/or to meet legal obligations. For example:
Booking/enquiry data – for service delivery and subsequent administration
Accounting documents – for legally required periods
Technical logs – for a reasonable period for security and diagnostics
Under GDPR you have the right to:
access your data
rectify inaccurate data
erasure (where applicable)
restriction of processing
data portability (in certain cases)
object to processing based on legitimate interests
withdraw consent (where processing is based on consent)
lodge a complaint with the Bulgarian data protection authority (Commission for Personal Data Protection)
To exercise your rights, please contact us using the details above.
We apply appropriate technical and organisational measures such as access control, logging, secure communications and backups, proportionate to risk.
Our services are not intended for individuals under 18 without parental/guardian involvement. If you believe a child has provided personal data without a valid basis, please contact us.
For details on how we use cookies and how you can manage them, please see our Cookies Policy.
We may update this Privacy Notice to reflect changes to our services, the Website or legal requirements. The latest version will be published on the Website.