Easy Rent Albania

Legal

Privacy Policy

Last updated 25 May 2026

1. Controller Identity and Contact

Easy Rent sh.p.k. is the controller of the personal data described in this Privacy Policy.

Address: Dritan Hoxha Street, Zogu Zi, Tiranë, Albania
Email: [email protected]
Phone: +355 67 204 1614

2. Scope

This Privacy Policy applies to personal data processed through our website, reservation and payment flows, customer support interactions, and rental operations.

3. Categories of Personal Data

  • Identity and eligibility data: name, date of birth, driving licence details, and related verification information needed for rental eligibility.
  • Contact data: email address, phone number, and communication history.
  • Reservation and contract data: pickup and return details, selected vehicle class, extras, booking status, and rental contract information.
  • Payment and transaction data: payment status, transaction references, payment authentication results, card brand and last four digits where available, refund details, and billing or payment information processed by our payment provider. We do not intentionally collect or store full card numbers or card security codes on our own servers.
  • Operational and support data: messages, claims, incidents, contact form submissions, and service history.
  • Technical and usage data: device, browser, IP-derived location, referral, page view, interaction, cookie, local storage, and fraud-prevention data generated when you use our website or payment flow.

4. Purposes and Legal Bases

  • Contract performance: to create, manage, and fulfill reservations and rental agreements, including payment, deposit, refund, and reservation-management steps.
  • Legal compliance: to meet accounting, tax, insurance, fraud-prevention, payment-card, anti-abuse, and regulatory obligations.
  • Legitimate interests: to maintain service reliability, protect the website and booking flow, prevent fraud and abuse, support claims or disputes, and understand overall service performance where those interests are not overridden by your rights.
  • Consent or notice-based acceptance: to operate analytics and similar technologies where applicable law allows or requires a user choice or clear notice.

Where processing is based on consent, you may withdraw consent at any time without affecting processing carried out before withdrawal.

5. Payments Processed by Stripe

We use Stripe to process card and electronic payments on our website. When you make a payment, Stripe may collect or receive payment details directly through Stripe-hosted or embedded payment components. Stripe may process card or payment method data, billing details, contact details, transaction data, authentication data, device and browser information, network identifiers, cookies, and fraud-prevention signals.

Easy Rent receives the information needed to complete and manage the reservation, such as payment status, payment references, refund status, and limited non-sensitive card information where available, for example card brand and last four digits. Full card numbers and card security codes are handled by Stripe and should not pass through Easy Rent servers.

Stripe may act as our service provider, processor, or independent controller depending on the Stripe service, the data involved, and Stripe's legal obligations. Stripe may use personal data to provide payment services, authenticate transactions, prevent fraud and financial loss, comply with financial and legal obligations, secure its services, and improve payment performance.

For Stripe legal and privacy references, see the Stripe Privacy Policy, Stripe Privacy Center, Stripe Legal page, Stripe Services Agreement, and Stripe Data Processing Agreement.

For security and payment-standard references, see Security at Stripe and Stripe's Integration Security Guide. Stripe describes PCI DSS as the global standard for cardholder-data security and states that Stripe is certified as a PCI Level 1 Service Provider. We use Stripe payment components to reduce Easy Rent's direct exposure to sensitive card data.

6. Analytics, Insights, and Website Monitoring

We use analytics and website performance tools to understand how our website is used, measure page performance, improve the reservation experience, and monitor technical reliability.

  • Google Analytics 4 (GA4): used to process page views, interactions, approximate location, browser/device information, and referral/source data. GA4 may use analytics cookies such as _ga and _ga_*.
  • Cloudflare Web Analytics / Cloudflare Insights: used to measure traffic, performance, and website reliability. Depending on configuration, Cloudflare analytics tools may operate without traditional analytics cookies and focus on aggregated measurement and performance diagnostics.

We do not intentionally send direct identifiers such as full name, email address, phone number, driving licence number, postal address, full card number, or card security code in analytics events.

7. Cookies, Local Storage, and Site-Use Acceptance

Our website uses a notice-based model covering Necessary, Payment and fraud-prevention, and Analytics technologies. Necessary and payment-security technologies remain active because they are required for website, reservation, payment, fraud-prevention, and security functionality.

The cookie notice explains that by continuing to use the site, interacting with the site outside the notice, scrolling, typing, or closing the notice, you accept the cookies and similar technologies described in this Privacy Policy and our Cookies Policy. We store the notice decision in browser local storage so the notice does not need to show again in the same browser unless storage is cleared or the notice version changes.

You can manage cookies and browser storage through your browser settings. Blocking necessary or payment-security technologies may affect reservation and payment functionality.

8. Recipients of Data

We may share personal data only where necessary with service providers and partners supporting our operations, including hosting and infrastructure providers, analytics and performance providers such as Google and Cloudflare, payment processors such as Stripe, customer support tools, insurers, professional advisers, card issuers, banks, payment method providers, fraud-prevention partners, and public authorities where required by law.

9. International Transfers

Where personal data is transferred outside the EEA, UK, or Switzerland, we use recognized safeguards such as adequacy decisions, Standard Contractual Clauses, data processing agreements, or other lawful transfer mechanisms, together with supplementary measures where required.

10. Retention

We retain personal data only for as long as necessary for the relevant purpose, contractual obligations, legal retention periods, dispute handling, fraud prevention, payment processing, accounting, tax, insurance, and legitimate business needs. Retention periods vary by data category and legal requirement. Stripe and other providers may retain payment and fraud-prevention data according to their own legal, regulatory, and security obligations.

11. Your Rights

Subject to applicable law, you may have the right to access, rectify, erase, restrict processing, object to processing, request portability of your data, and withdraw consent for consent-based processing.

You may submit privacy requests at [email protected]. We may verify identity before responding. For data processed directly by Stripe under Stripe's role, you may also need to contact Stripe through the channels described in Stripe's privacy materials.

12. Complaints

You may lodge a complaint with a competent data protection supervisory authority, particularly in the country of your habitual residence, workplace, or the place of the alleged infringement.

13. Security

We apply appropriate technical and organizational measures to protect personal data against unauthorized access, accidental loss, alteration, disclosure, and misuse. Payment card details are processed through Stripe payment infrastructure, and payment pages or components should be used over secure HTTPS connections.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or business developments. The latest version is published on this page.

15. Contact

For privacy questions or rights requests, contact [email protected].