We would like to inform you about the types of data processed by SIXT when providing the SIXT+ service and about the purposes of such data processing. We would also like to inform you about important legal aspects of data protection, such as your rights.
The party responsible for processing your data (controller) is TRANSPORENT SIA, Reg. No. 40003722171, Address: : Malduguņu street 2, Mārupe,., LV-2167(hereinafter also referred to as SIXT).
If you have any questions regarding data protection, please address your query to the following email address: gdpr@sixt.lv
Article 6(1)(a) first sentence of the General Data Protection Regulation (GDPR): The processing of your personal data is lawful under this provision if and to the extent that you have consented to such processing
Article 6(1)(b) first sentence of the General Data Protection Regulation (GDPR): The processing of your personal data is lawful under this provision if such processing is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering a contract (e.g. when booking a vehicle).
Article 6(1)(c) first sentence of the General Data Protection Regulation (GDPR): The processing of your personal data is lawful under this provision if such processing is necessary for compliance with a legal obligation to which SIXT is subject.
Article 6(1)(f) first sentence of the General Data Protection Regulation (GDPR): Processing is lawful only where the processing is necessary for the purposes of the legitimate interests pursued by the controller, i.e. SIXT, or by third parties, unless the fundamental rights and freedoms of the data subject override such interests.
Article 9(2)(f) of the GDPR: Certain special categories of personal data may be processed in accordance with this provision where the processing is necessary, for example, for the establishment, exercise or defense of legal claims. These special categories of personal data include data concerning the health of data subjects.
We process your master data, communication data, contract data, financial data and any data you have provided voluntarily to fulfill your reservations and to facilitate the conclusion and implementation of the SIXT+ service contract. We also use the master data, communication data and contract data for customer service purposes, e.g. to process any complaints or changes to the service provision that you have contacted us about.
We are legally obliged to compare your master and contact data with official lists of offenders held by us for the purpose of preventing and investigating criminal offences. Such comparison also helps to prevent threats and facilitate prosecution by public authorities. In addition, we use your data for your and our security, e.g. to avoid payment defaults and to prevent property rights violations (in particular fraud, theft, embezzlement).
When providing the SIXT+ service, we use technology that checks the authenticity of ID documents (in particular driving licenses) and records the data electronically rather than manually.
Once both parties have fulfilled their obligations under the SIXT+ service agreement, your master data, financial data and contract data will be stored until the end of the statutory retention period.
Article 6(1)(b) first sentence of the GDPR for the processing of data to the extent that it is necessary to implement reservations, conclude and perform contracts and for the purposes of the customer relationship.
Article 6(1)(f) first sentence of the GDPR for the processing of data to the extent that it is necessary to settle accounts with third parties, to defend claims, to mitigate risks and to prevent fraud.
Article 6(1)(c) first sentence of the GDPR for the processing of data to the extent that it is necessary for the detection, prevention and investigation of criminal offences, to check and store driving license data and to comply with commercial and tax law retention periods.
Legitimate interests insofar as Article 6(1)(f) GDPR applies to the type of processing in question
Our legitimate interests in using your personal data to improve our services and customer service are based on our desire to offer the best possible service and sustainably improve customer satisfaction. Insofar as the processing of data is necessary to carry out analyses to prevent losses to our company and our vehicles, our legitimate interests are to ensure the security of payments and to prevent adverse economic conditions such as those resulting from non-payment or the loss of our vehicle.
For the purposes described above, we disclose your data to the following recipients: IT service providers, call centers, data collection companies, financial service providers, credit agencies, SIXT group companies.
As part of our fraud prevention measures, we also transfer personal data to third parties who have been victims of fraud or are at risk, in situations where third parties have been victims or may be at risk.
If you discover damage to our vehicles, if you or another person causes/causes such damage, or if you or another person is involved in an accident with one of our vehicles, we will process your basic data, contact data, contract data, and, if applicable, health data for the following purposes: receiving and handling complaints:
This includes processing the above-mentioned data categories for the purpose of settling claims, for example in relation to insurance companies. When dealing with losses and accidents, we also process your basic data, contact data and contract data in order to provide loss compensation services. We also process your basic data, contact data and contract data in order to comply with legal obligations (for example, by providing information to investigative authorities). If the competent authorities suspect that an administrative or criminal offence has been committed with one of our vehicles, we will process not only the basic data we have stored about you, but also the data that the competent authorities have transferred to us. We also process your basic data, contact data, contract data and, if necessary, health data in order to support and defend any claims that may arise against you, such as claims arising from non-payment or damage to our vehicles.
The first sentence of Article 6(1)(b) of the GDPR applies to the processing of data for the purpose of handling complaints, providing customer service in the event of damage and handling claims arising from accidents.
The first sentence of Article 6(1)(c) of the GDPR applies to the processing of data for the purpose of handling claims arising from accidents.
The first sentence of Article 6(1)(f) of the GDPR applies to the processing of data for the purpose of satisfying claims, defending possible claims against you and handling claims relating to administrative offences.
Article 9(2)(f) of the GDPR applies to the processing of health data for the purpose of establishing, exercising or defending legal claims. Legal interests insofar as the first sentence of Article 6(1)(f) of the GDPR applies to the type of processing concerned.
Our legitimate interests in using your personal data to investigate and defend any claims we may have against you are based on our desire to prevent losses to our company and to ensure that we can serve our customers with undamaged vehicles. In addition, we are obliged to process your data in accordance with our contractual relationships with third parties (e.g. insurance companies) for the purpose of settling claims.
Our legitimate interests in this regard are to ensure our contractual reliability.
For the purposes mentioned above, we disclose your personal data to the following recipients: public authorities (investigative authorities, administrative authorities, police authorities), collective management companies, experts, assistance service providers, lawyers and insurance companies.
SIXT vehicles may have so-called “connected vehicle” functions that allow the processing of location data as well as information about the status of the vehicle, such as vehicle locking, vehicle speed, sensor status and activation of safety systems (e.g. airbags). This data is processed solely for the purpose of preventing infringements of property rights, to detect, inspect and investigate vehicle damage and accidents, and to record vehicle routes, in accordance with applicable law.
Article 6(1)(f) first sentence of the General Data Protection Regulation (GDPR). Legitimate interests insofar as Article 6(1)(f) first sentence of the GDPR applies to the type of processing in question
Our legitimate interests in using your personal data to prevent infringements of property rights and to detect, inspect and investigate vehicle damage and accidents are to protect our fleet of vehicles and our contractual and non-contractual rights.
For certain countries and vehicle categories, we work with geolocation service providers to prevent property rights violations.
We process your master data, contact data and contract data to fulfil legal obligations to which SIXT is subject. These require us to process the data, for example to comply with obligations regarding disclosure of information to authorities and to comply with processing requirements set out in commercial and tax law (e.g. retention period for accounting documents and accounting records).
Article 6(1)(c), first sentence, of the General Data Protection Regulation (GDPR)
Authorities may require us to disclose your data for the above purposes.
Our website uses cookies. Cookies are small text files that are copied from a web server to your hard drive. Cookies contain information that can later be read by a web server within the domain in which you were assigned the cookie. Cookies cannot execute any programs or infect your computer with viruses. The cookies we use do not contain personal data and are not linked to such data.
More detailed information about cookies and how to deactivate them can be found in the cookie policy of the respective website (accessible via the link in the banner of the respective cookie and under the menu item "Privacy Policy")
The legal basis for such data processing is set out in Article 6(1)(b) sentence 1 (pre-processing) and in Article 6(1)(f) GDPR, insofar as personal data are processed. Legitimate interests insofar as Article 6(1)(f) GDPR applies to the type of processing in question Our legitimate interests in processing your personal data through our website are based on our desire to optimize our online offering and thus offer our customers the best possible service and sustainably increase customer satisfaction.
We do not intend to transfer or receive data from third countries when providing the SIXT+ service.
However, data processing may be carried out if you have violated the conditions set out in the SIXT+ service contract, which prohibits you from entering a country outside the European Union with your vehicle. If these conditions are violated and, in the event of a violation, violations of the law have been committed in the relevant country, then the data will be transferred to and from the relevant country to the extent necessary to protect the legitimate interests of SIXT.
SIXT stores your personal data until it is no longer necessary in relation to the purposes for which it was collected or otherwise processed (see → Purposes of SIXT data processing).
We will ensure that we delete your data within 30 days of receiving your request for the purchase of the SIXT+ service if your application is rejected. If SIXT is legally obliged to store personal data, it will store the personal data for the duration of the statutory retention period. The retention period for commercial documents, which includes accounting documents and accounting records (including invoices), is 10 years. During this period, your data may be of limited use in day-to-day operations if there are no purposes for processing them.
You have the right to obtain information about the personal data stored at reasonable intervals (Article 15 of the GDPR). The information you have at your disposal includes information about whether SIXT stores personal data about you, the categories of personal data concerned and the purposes of the processing. Upon request, SIXT will provide you with a copy of the personal data processed. You also have the right to request from SIXT the rectification of incorrect personal data concerning you (Article 16 of the GDPR). In addition, you have the right to request from SIXT the erasure of your personal data (Article 17 of the GDPR). We are obliged to erase personal data in certain circumstances, including where the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, where you withdraw the consent on which the processing is based and where the personal data have been unlawfully processed.
Under certain circumstances, you have the right to restrict the processing of your personal data (Article 18 GDPR). These include circumstances where you contest the accuracy of your personal data and we subsequently need to verify such accuracy. In such cases, we must refrain from further processing of your personal data, other than storage, until the issue has been clarified.
You are not contractually or legally bound to provide us with your personal data. However, please note that you cannot enter into a full-service vehicle rental agreement with us or use other services we provide unless we are allowed to collect and process the data as necessary for the above purposes (see → Purposes of data processing SIXT)
If SIXT's processing of data is necessary for the performance of a task carried out in the public interest or in the exercise of a public authority vested in the controller (Article 6(1)(e) GDPR), or if it is necessary for the legitimate interests pursued by SIXT, you have the right to object at any time, on grounds relating to your particular situation, to the processing. SIXT will then cease the processing unless we can demonstrate compelling legitimate grounds for the processing which override the grounds for the cessation of the processing. You may object at any time and without restriction to the processing of your personal data for direct marketing purposes.
If the processing of data by SIXT is based on your consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of the processing in the period between the time when consent was obtained and the time when it was withdrawn.
You have the right to lodge complaints with supervisory authorities in accordance with Article 77 of the GDPR.
Cookies are small text files that are sent to your computer's memory when you visit a website. On each subsequent visit, the cookie is sent back to the originating website or to another website that recognizes the cookie. Cookies act as a memory for a particular website, allowing the website to remember your computer on subsequent visits, including remembering your preferences or improving your user experience.
You can find more information about cookies, including what cookies are set on your computer and how to manage or delete them, at www.aboutcookies.org.
By using this website, you agree that cookies are placed and used on this website, the existence of which is necessary for the overall functional operation of the website.
On this website, you can additionally enable cookies that are related to the collection of statistical and marketing data. By default, the relevant cookies are disabled.
You can receive precise information about each of the cookies on this website by opening the functional section – “Cookie settings” of the website. Within the relevant section, you can also provide us with or withdraw your consent to the use of certain categories of cookies at any time when you use our website.
We would like to point out that when withdrawing consent to the use of certain categories of cookies, the relevant withdrawal will be effective only from the moment it is made, while previously obtained data will be stored in accordance with the data retention conditions of the specific cookie, which are mentioned in the description of the specific cookie.
This privacy policy was last updated on April 28, 2025.