GDPR Compliance โ€” Solved Cleanly, Without Cookie Banner Stress

Data protection is especially relevant in the car rental business: driver license photos, ID data, payment information. We thought it through from the start.

See all features

How is AutoRentAI.com GDPR-compliant?

First: cookieless visitor tracking (SHA-256 hash instead of cookie, no cookie banner needed). Second: self-service deletion in customer portal (photo files deleted, entry pseudonymised). Third: full backup export for data portability. Fourth: data processing agreement (DPA) on request. Servers in Germany and Spain (EU).

Cookieless tracking

No cookie banner needed. We track visits via SHA-256 hash of IP+user-agent, without storing PII. Conversion tracking still possible.

Self-service deletion

In the customer portal the end customer can fully delete their account. Photo files (driver license, ID) are hard-deleted, bookings pseudonymised (for accounting law). No support ticket needed.

DPA + server location

Data processing agreement on request signed (free). Servers in EU (Germany and Spain). Stripe and SMTP2GO are the only sub-processors, both with their own DPA.

Frequently asked questions

Do I get a DPA? +
Yes, free on request via e-mail. Standard contract per Art. 28 GDPR, signature-ready.
Where is the data stored? +
Database in EU data centre (Strato/Plesk hosting Germany). Photo uploads in EU cloud storage. No data transmission to third countries.
How long is data kept? +
Bookings 10 years due to tax retention obligation (anonymised after account deletion). Photo documents max 6 months after rental end, then automatic deletion job. Login logs 30 days.
Can I offer data export to my customers? +
Yes. In the customer portal there is an "Export my data" button โ€” the customer gets their booking, contract and contact data as JSON. Fulfils Art. 20 GDPR (data portability).
How do you handle credit card data? +
We do not. Card data goes directly to Stripe (PCI-DSS Level 1), we only store the Stripe customer ID and token IDs. We never see the actual card number.

Compliance without friction

14 days trial, DPA on request immediately. We usually reply within 4 hours.

WhatsApp +34 600 400 800

Try it free for 14 days

Your test account will be set up within an hour. You will receive a confirmation by email. After expiry you have no obligations โ€” the account is cancelled free of charge.

or directly
WhatsApp +34 600 400 800

We use your details solely to reply to your request. No sharing with third parties.