Privacy policy


The Privacy Policy describes the principles of collecting and using user data of services provided by CarFree Sp. z o.o., which are collected directly from them or through cookies and similar technologies.

Data Controller and Contact Information

The controller of your personal data and of the persons authorized to drive the vehicle is CarFree Sp. z o.o., headquartered in Warsaw, ul. Cybernetyki 5, entered in the Register of Entrepreneurs of the National Court Register under KRS no.: 0000556022, NIP no.: 5213695626, REGON no.: 36138861600000.

To contact the Data Protection Officer, please send correspondence to the e-mail address: iod@carfree.pl or in writing to the Administrator's registered office address, regarding any matter related to the processing of personal data.

Use of Cookies and Similar Technologies

The Service does not automatically collect any information, except for information contained in cookies.

Cookies are IT data, in particular text files, that are stored on the User’s device and intended for use on the Service’s websites.

Cookies usually contain the name of the website they come from, their storage time on the User’s device, and a unique number.

The entity placing cookies on the User’s device and accessing them is CarFree Sp. z o.o., ul. Cybernetyki 5, 02-677 Warsaw.

Cookies are used to:

  • adapt website content to the User’s preferences,

  • create statistics that help improve the Service,

  • maintain the User’s session after logging in.

Types of cookies used:

  • “session” – stored until logout or browser closure,

  • “persistent” – stored for the period specified in their parameters or until deleted.

Categories of cookies:

  • necessary – e.g., for authentication,

  • security – e.g., for detecting misuse,

  • performance – collecting data on how the Service is used,

  • functional – remembering settings, language, font,

  • advertising – tailoring ads to interests.

The User may change cookie settings in their browser at any time.

Limitations on cookies may affect Service functionality. Cookies may also be used by CarFree’s advertisers and partners.

Source of Data

  • If you contacted the Controller, the data comes directly from you.

  • If data was provided by another person (e.g., an attorney), the source of the data is that person. In such a case, the Controller receives identification, address, and case description data.

Purpose and Legal Basis for Processing Personal Data

Collecting and processing your personal data is necessary for:

  • preparing and executing a contract with you (Art. 6(1)(b)(c) GDPR),

  • performing the concluded contract (Art. 6(1)(b)(c) GDPR),

  • cooperation with our partners (Art. 6(1)(f) GDPR),

  • enabling payment card processing (Art. 6(1)(b) GDPR),

  • enabling communication between you and CarFree Sp. z o.o., in particular regarding inquiries, requests, and complaints (Art. 6(1)(f) GDPR).

Based on Art. 6(1)(f) GDPR, your data may also be processed for:

  • fulfilling legal obligations (e.g., storage of contracts, invoices, accounting books),

  • preventing crimes and misuse of services,

  • pursuing and defending claims (e.g., debt collection),

  • complying with court, police, and state authority orders,

  • business contacts,

  • conducting analyses, statistics, and archiving,

  • sending offers and commercial information (marketing).

Important:

  • Providing data is voluntary, but necessary to conclude a contract.

  • Failure to provide data may prevent service provision.

Right to Withdraw Consent

You may withdraw your consent to the processing of contact data at any time by contacting the Controller. Withdrawal does not affect the lawfulness of processing before withdrawal.

Obligation or Voluntary Provision of Data

  • Providing data in connection with a contract is voluntary, but required.

  • Providing data for analytical/statistical purposes (e.g., cookies) is voluntary – you may use incognito mode without affecting website functionality.

GDPR Rights

You have the right to:

  • access your data (Art. 15 GDPR),

  • rectify data (Art. 16 GDPR),

  • erase data (Art. 17 GDPR – “right to be forgotten”),

  • restrict processing (Art. 18 GDPR),

  • object to processing (Art. 21 GDPR),

  • lodge a complaint with the President of the Personal Data Protection Office (UODO).

Scope of Collected Data

When booking a car, we ask for:

  • full name,

  • phone number,

  • email address.

If card payment is chosen:

  • type of credit card,

  • card number,

  • card expiration date.

For reservation confirmation, we also require:

  • full name,

  • PESEL number,

  • registered address,

  • ID document number,

  • driver’s license number (field no. 5 on the document).

These data are stored in our customer database to facilitate future reservations.

Vehicle Location Data

We also collect:

  • location data of the rented vehicle,

  • travel route.

Recipients of Personal Data

Recipients of your data may include:

  • CarFree employees and associates,

  • partners, service providers, IT suppliers,

  • state authorities authorized by law (e.g., Police).

Data are shared only to the extent necessary to provide the service.

Consent to Data Processing

Signing a rental agreement with CarFree Sp. z o.o. means that the renter and the authorized driver consent to data processing for:

  • providing electronic services,

  • performing the car rental,

  • marketing purposes.

Data Retention Period

Personal data will be stored:

  • until withdrawal of consent or completion of the contract,

  • and thereafter for the limitation period of claims.

Cookie and traffic analysis data may be stored:

  • until the cookie expires,

  • some cookies may have no expiration date – such data will be stored as long as needed for security and historical traffic analysis.

Data Transfer to a Third Country or International Organization

The Controller may transfer user data to providers located in a third country (e.g., the USA) in connection with the use of tools for:

  • statistics,

  • reporting,

  • advertising.

Data may be stored on servers outside the European Economic Area (EEA).

Transfers are made only on the basis of:

  • standard contractual clauses (SCC) approved by the European Commission,

  • additional safeguards consistent with recommendations of the European Data Protection Board (EDPB).

Providers do not use data to identify users or combine them with other information.

Review Reminders – Cooperation with Rating Captain

To improve service quality and customer satisfaction research, we cooperate with Rating Captain.

Based on legitimate interest (Art. 6(1)(f) GDPR), we may send you:

  • a request to leave a review,

  • an invitation to complete a service evaluation survey.

Rating Captain may process data on:

  • your activity on the Service (e.g., clicks, visited subpages, visit time),

  • your device and browser (including IP location).

We have concluded a data processing agreement with Rating Captain. Data are not profiled.

You may object at any time by contacting us (see: “Data Controller and Contact Information”).

Logo
  • Instagram
  • Facebook
CarFree Sp. z o.o.

NIP: 521 369 56 26

REGON: 361388616

Hotline 24/7
Carfree
Offer
Booking handling
Marketing department
Customer service
Accountancy department
Mid-term rental (from 30 days)

CarFree 2025 © All rights reserved

European Union
Privacy settings

We respect your privacy and take care of protecting your personal data. We use cookies to ensure the proper functioning of the website. We may also use our own cookies and the cookies of our partners for analytical and marketing purposes, in particular to tailor advertising content to your preferences. The use of analytical, marketing and functional cookies requires your consent. By clicking 'Accept all of the above', you consent to their use. If you would like to customize your consents for us and our partners, click 'Change your preferences'. Remember that you have the right to withdraw your consent at any time by changing cookie settings in your web browser or website settings

The processing of your personal data related to the use of cookies for the above-mentioned purposes is carried out by CarFree sp. z o.o. based in Warsaw (02-677), ul. Cybernetyki 5, which is the data controller. In some cases, our partners may also be data controllers. Detailed information on the use of cookies by us and our partners and the processing of your personal data, including your rights, is included in our Privacy Policy.

Read the privacy policy.

EN


Cookie files settings

We respect your privacy and take care of protecting your personal data. We use cookies to ensure the proper functioning of the website. We may also use our own cookies and the cookies of our partners for analytical and marketing purposes, in particular to tailor advertising content to your preferences. The use of analytical, marketing and functional cookies requires your consent. By clicking 'Accept all', you agree to their use. If you do not consent to our use of non-essential cookies, please click 'Reject all'. If you would like to customize your consents for us and our partners, click 'Manage cookies'. Remember that you have the right to withdraw your consent at any time by changing cookie settings in your web browser or website settings

The processing of your personal data related to the use of cookies for the above-mentioned purposes is carried out by CarFree sp. z o.o. based in Warsaw (02-677), ul. Cybernetyki 5, which is the data controller. In some cases, our partners may also be data controllers. Detailed information on the use of cookies by us and our partners and the processing of your personal data, including your rights, is included in our Privacy Policy.


 
(+48) 794 500 550
begin chat