ri_instagram-fill (1)

Privacy Policy

Privacy Policy for Amber Drive GmbH

Last updated: November 10, 2025

Amber Drive GmbH (“Amber Drive”, “we”, “our”, “us”) is committed to protecting your privacy and handling your personal data with transparency and care. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services in accordance with the EU General Data Protection Regulation (GDPR).

By accessing our website or using our services, you agree to the practices described in this Privacy Policy.

1. Data Controller

The Data Controller responsible for processing your personal data is:

Amber Drive GmbH
HRB 797239
Kaiserin-Augusta-Allee 87
D-10589 Berlin, Germany
Phone: +43 664 188 9907
Email: info@amberdrive.eu

2. Personal Data We Collect

We collect the following categories of data:

A. Data you provide to us

  • Name, surname, date of birth
  • Email address and phone number
  • Address and country of residence
  • Driver’s licence, passport or ID card
  • Payment details and billing information
  • Rental preferences, delivery details, and booking information
  • Any correspondence you send to us

B. Data collected automatically

  • IP address
  • Browser type and operating system
  • Device identifiers
  • Pages viewed and usage behaviour
  • Cookies and analytics data

C. Security & verification data

Because we rent high-value vehicles, we may process:

  • Fraud prevention data
  • Insurance verification information
  • Security screening information

D. Vehicle telematics (only when applicable)

Some vehicles may have:

  • GPS location tracking
  • Mileage, battery, and diagnostic data
  • Geo-fence alerts

Tracking is only activated for theft prevention, recovery, mileage verification, or contractual breach.

3. How We Use Your Personal Data

We process your data for the following purposes:

  • To manage and confirm bookings
  • To verify driving eligibility and identity
  • To deliver or collect vehicles
  • To process payments and secure pre-payment links
  • To communicate regarding bookings, support, or billing
  • To prevent fraud and protect our vehicles
  • To comply with legal and insurance requirements
  • To optimise and secure our website
  • To provide personalised service and improve our offerings

We never sell your personal data.

4. Legal Basis for Processing (GDPR Article 6)

We process your data on one or more of the following lawful bases:

  • Contract performance — to manage bookings and rentals
  • Legal obligation — identity verification, tax rules, insurance requirements
  • Legitimate interests — fraud prevention, fleet security, customer service
  • Consent — marketing communications and optional services

5. International Data Transfers

Some of our trusted service providers (e.g., cloud services, communication tools, payment processors) may operate outside the EU/EEA.

In such cases, we ensure GDPR compliance using:

  • Standard Contractual Clauses (SCCs)
  • Data Processing Agreements
  • Adequacy Decisions

We only work with providers that guarantee strong data protection.

6. How We Protect Your Data

We use industry-standard security measures, including:

  • SSL encryption
  • Restricted access controls
  • Secure servers with GDPR-compliant hosting
  • Encrypted payment processing through certified providers
  • Regular security audits

While we take all reasonable steps to protect your data, no electronic method is completely secure.

7. Data Retention

We store your data only as long as necessary for:

  • Contract performance
  • Legal obligations (tax, insurance, commercial law)
  • Fraud prevention
  • Airwallex / Stripe financial record requirements
  • Dispute resolution

When no longer needed, data is securely deleted or anonymised.

8. Your Rights Under GDPR

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Erase data when legally permitted
  • Restrict certain types of processing
  • Object to processing based on legitimate interests
  • Receive your data in portable format
  • Withdraw consent at any time
  • File a complaint with your local supervisory authority

To exercise your rights, email: info@amberdrive.eu

9. Cookies & Analytics

Our website may use cookies and analytics tools (e.g., Google Analytics, Meta Pixel) for:

  • Website performance
  • Security
  • Traffic measurement
  • Marketing optimisation

Users can manage cookie settings in their browser.

10. Marketing Communications

We only send marketing messages when you provide explicit consent.
You may unsubscribe at any time by email or by using the unsubscribe link provided in communications.

11. Minors

Our services are not intended for individuals under 18 years of age.
We do not knowingly collect data from minors.

12. Sharing Your Information

We may share your data with:

  • Insurance providers
  • Payment processors (e.g., Stripe, Airwallex)
  • IT and hosting providers
  • Vehicle delivery partners
  • Law enforcement or authorities when legally required
  • Fraud prevention partners

All third parties operate under GDPR-compliant agreements.

13. Liability & Rental Responsibilities

Amber Drive GmbH is not liable for:

  • Traffic violations
  • Tolls and fines
  • Damage caused by the renter
  • Misuse of vehicles
  • Insurance excess charges

These remain the responsibility of the renter as defined in the rental agreement.

14. Changes to This Privacy Policy

We may update this Privacy Policy to reflect legal, technical, or operational changes.
The latest version will always be available on our website.

15. Contact Us

For any questions or concerns regarding this Privacy Policy, contact:

Amber Drive GmbH
HRB 797239
Kaiserin-Augusta-Allee 87
D-10589 Berlin, Germany
Email: info@amberdrive.eu
Phone: +43 664 188 9907