No deposit - No credit card - Free cancellation

Data Privacy Policy

How we collect, use, and protect your personal information at carbergen.com

1. Introduction and Scope

This Privacy Policy describes how carbergen.com ("we", "us", or "our") collects, processes, stores, and protects personal information submitted through our vehicle rental booking platform serving Bergen, Norway and surrounding regions including Hardangerfjord, Sognefjord, and the wider Vestland county area.

This policy applies to all visitors and customers who browse our website, request quotes, or complete a booking for car hire in Bergen, Norway - whether through our main site or any affiliated booking integrator. By using our services, you acknowledge you have read and understood the terms set out in this document.

We operate in accordance with applicable Norwegian data protection law, the European Union General Data Protection Regulation (GDPR) as incorporated into Norwegian law via the Personal Data Act (Personopplysningsloven), and relevant United States state privacy regulations where applicable to our customer base.

2. Information We Collect

When you interact with carbergen.com, we may collect the following categories of personal data:

2.1 Personal Identification Details

This includes your full name, email address, telephone number, date of birth, nationality, and driver license number and expiry date. This information is required to process a valid vehicle rental reservation and verify eligibility to drive in Bergen, Norway.

2.2 Booking and Reservation Data

We collect details related to your rental, including pickup and drop-off locations (such as Bergen Airport BGO, Bergen city centre, Bryggen district, or Bergenhus), rental dates and duration, vehicle category selected, additional extras requested (such as child seats, GPS, or additional drivers), and any special instructions you provide.

2.3 Payment Information

We do not store full payment card details on our servers. Payment processing is handled by certified third-party payment processors who comply with PCI DSS standards. Where no-deposit or debit-card-friendly booking options are selected, only the minimum necessary transactional reference data is retained on our end.

2.4 Browsing and Technical Data

We automatically collect certain technical data when you visit our site, including your IP address, browser type and version, operating system, referring URL, pages visited, session duration, and device identifiers. This data is collected via cookies and similar tracking technologies as described in our Cookie Policy.

2.5 Location Data

With your consent, we may collect approximate location data to help suggest nearby pickup points in Bergen, Norway - for example near Flesland Airport, central Bergen, or the Hansakvarteret Bryggen area. You can disable location sharing at any time in your browser or device settings.

3. How We Use Your Information

3.1 Processing Your Booking

The primary use of your personal data is to confirm and manage your vehicle rental reservation, communicate booking confirmations and updates, coordinate pickup logistics at Bergen locations, and handle modifications or cancellations including free cancellation requests.

3.2 Customer Support

We use your contact information to respond to support enquiries, resolve disputes, process refund requests, and provide assistance before, during, and after your rental period in Bergen, Norway.

3.3 Service Improvement

Aggregated and anonymised browsing data helps us understand how customers use our platform, which vehicle categories are most popular, and how to improve the booking experience - particularly for no-deposit and no-credit-card reservation flows that are central to our service offering.

3.4 Marketing Communications

We will only send promotional emails, newsletters, or special offers if you have explicitly opted in to receive marketing communications. You may withdraw consent at any time by clicking the unsubscribe link in any marketing email or by contacting us at [email protected].

3.5 Legal and Regulatory Compliance

We may process and retain data to comply with Norwegian tax law, EU GDPR obligations, anti-fraud requirements, and any lawful requests from competent authorities in Norway or other relevant jurisdictions.

4. Data Sharing with Third Parties

We do not sell your personal data. We share information only with trusted partners where necessary to deliver the vehicle rental service:

4.1 Payment Processors

Secure payment gateways receive the minimum necessary billing details to process your transaction. These processors operate under their own privacy policies and are bound by PCI DSS compliance requirements.

4.2 Vehicle Rental Partners and Fleet Operators

Your name, contact details, driver license information, and booking details are shared with the local fleet partner in Bergen, Norway responsible for fulfilling your reservation - including airport desk operators at Bergen Airport (BGO) and city centre pickup locations.

4.3 Insurance Providers

Where coverage is included or selected as part of your booking, relevant personal and booking data is passed to the insurance provider to validate and activate the policy for the duration of your rental.

4.4 Booking Technology Integrators

Our booking widget and search infrastructure is powered by third-party technology partners. These integrators process search queries, availability data, and reservation confirmations under contractual data processing agreements with us.

4.5 Analytics and Marketing Tools

We may share anonymised or pseudonymised data with analytics platforms to measure site performance and, where you have consented, with advertising tools to deliver relevant promotions about vehicle rental deals in Bergen, Norway.

5. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, subject to applicable legal retention obligations:

  • Booking and transaction records: up to 7 years (Norwegian accounting and tax law requirements)
  • Customer support correspondence: up to 3 years from the date of the last interaction
  • Marketing consent records: retained until you withdraw consent plus 1 year
  • Technical/browsing logs: up to 13 months in line with cookie consent guidelines
  • Driver license and identity verification data: up to 2 years from rental completion

After these retention periods, data is securely deleted or anonymised in a manner that prevents re-identification.

6. Your Rights as a Data Subject

Under GDPR and the Norwegian Personal Data Act, you have the following rights regarding your personal information:

6.1 Right of Access

You may request a copy of all personal data we hold about you, free of charge, within 30 days of your request.

6.2 Right to Rectification

If any information we hold is inaccurate or incomplete, you have the right to request correction. This is particularly important for driver license details and contact information used in your rental bookings.

6.3 Right to Erasure

You may request deletion of your personal data where it is no longer necessary for the purposes collected, provided no overriding legal obligation requires us to retain it.

6.4 Right to Data Portability

Where data is processed by automated means on the basis of consent or contract, you may request a machine-readable copy of your data to transfer to another service provider.

6.5 Right to Object and Restrict Processing

You may object to processing of your data for direct marketing purposes at any time. You may also request that we restrict processing while a dispute or correction request is being resolved.

6.6 Right to Lodge a Complaint

If you believe your data rights have been violated, you have the right to lodge a complaint with Datatilsynet, the Norwegian Data Protection Authority, at datatilsynet.no, or with the supervisory authority in your country of residence.

7. Data Security Measures

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect against unauthorised access, disclosure, alteration, or destruction. These measures include:

  • HTTPS encryption across all pages and booking flows on carbergen.com
  • Restricted staff access to personal data on a need-to-know basis
  • Contractual data processing agreements with all third-party partners
  • Regular security reviews and vulnerability assessments of our booking infrastructure
  • Pseudonymisation of analytics data wherever practically feasible

Despite these safeguards, no online system is completely immune to risk. In the event of a data breach that poses a risk to your rights, we will notify you and the relevant supervisory authority within 72 hours as required by GDPR Article 33.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate our website, remember your preferences, and measure the effectiveness of our booking flows. Full details of the cookies we use, their purpose, and how to manage them are set out in our Cookie Policy. You can withdraw or adjust your cookie consent at any time via the cookie settings panel.

9. International Data Transfers

Some of our third-party service providers operate servers outside the European Economic Area (EEA). Where personal data is transferred to countries that do not provide an equivalent level of data protection, we ensure appropriate safeguards are in place - such as Standard Contractual Clauses approved by the European Commission - to protect your information in accordance with GDPR requirements.

10. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data practices. When we make material changes, we will update the effective date at the top of this page and, where required, notify affected users by email. We encourage you to review this policy periodically. Continued use of carbergen.com after any update constitutes acceptance of the revised terms.

11. Contact Us About Privacy

If you have questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us using the details below. We aim to respond to all data-related enquiries within 5 business days.

Email: [email protected]

Phone: +1 (376) 882-4892

Postal Address: carbergen.com, Bergen, Norway

For matters specifically related to data subject rights requests, please include "Privacy Request" in the subject line of your email so we can prioritise your enquiry appropriately.

Effective date: January 1, 2025. This policy applies to all personal data collected via carbergen.com from that date forward.