GDPR Compliance Policy



Fuerte d.o.o.("we," "us," or "our") is committed to ensuring the protection of personal data in accordance with the General Data Protection Regulation (GDPR) of the European Union. This policy outlines our commitment to GDPR compliance and how we handle personal data.

GDPR Compliance Policy for Fuerte d.o.o. (Avax rent a car)

Last Updated: 01.01.2024.

1. Data Protection Principles

We adhere to the following GDPR principles when processing personal data:

  • Lawfulness, Fairness, and Transparency: We process personal data lawfully, fairly, and transparently.

  • Purpose Limitation: We collect and process personal data for specified, explicit, and legitimate purposes.

  • Data Minimization: We only collect and process data that is necessary for the intended purpose.

  • Accuracy: We take reasonable steps to ensure the accuracy of personal data.

  • Storage Limitation: We retain personal data for no longer than necessary for the intended purpose.

  • Integrity and Confidentiality: We implement appropriate measures to ensure the security and confidentiality of personal data.

2. Data Collection and Processing

We collect and process personal data for the following purposes:

  • Providing and managing car rental services.

  • Processing reservations and fulfilling contractual obligations.

  • Responding to customer inquiries and providing customer support.

  • Marketing communications (with the option to opt-out).

3. Data Subject Rights

We respect the rights of data subjects under the GDPR, including:

  • The right to access personal data.

  • The right to rectify inaccurate or incomplete data.

  • The right to erasure of personal data.

  • The right to restrict processing.

  • The right to data portability.

  • The right to object to processing.

4. Legal Basis for Processing

We process personal data based on one or more of the legal bases outlined in the GDPR, including the necessity of processing for the performance of a contract, compliance with a legal obligation, protection of vital interests, consent, the performance of a task carried out in the public interest or in the exercise of official authority, and legitimate interests pursued by the data controller or a third party.

5. Data Security

We implement appropriate technical and organizational measures to ensure the security of personal data. This includes measures to protect against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

6. Data Breach Response

In the event of a data breach, we have procedures in place to identify, assess, and report the breach to the relevant supervisory authority and, where required, to the affected data subjects.

7. Data Protection Officer (DPO)

We have appointed a Data Protection Officer to oversee GDPR compliance. The DPO can be contacted at

8. Updates to this Policy

This GDPR Compliance Policy may be updated periodically to reflect changes in our data processing activities or changes in applicable data protection laws. Any updates will be published on our website.

9. Contact Information

For any inquiries or concerns related to data protection or GDPR compliance, please contact us at


We are using cookies to provide statistics that help us give you the best experience of our site. You can find out more or switch them off if you prefer. However, by continuing to use the site without changing settings, you are agreeing to our use of cookies. Read more »