1-631-272-1551 24/7 Support Helpline

Call
Now
1-631-272-1551 1-631-272-1551 24/7 Support Helpline

GDPR NOTICE - Effective Date: May 12, 2025

This GDPR privacy notice (“Notice”)—is part of Faretrolley’s Privacy Policy and applies specifically to the processing of ‘personal data,’ as defined in the General Data Protection Regulation (“GDPR”), of individuals located in the European Economic Area (“EEA”) or the United Kingdom (“UK”) by Faretrolley LLC (referred to herein as “EEA Individuals,” “you,” or “your”). Any capitalized terms not defined in this Notice shall have the meanings ascribed to them in the Privacy Policy or, if not defined there, the GDPR. In case of any conflict between this Notice and other sections of our Privacy Policy, this Notice will govern for EEA Individuals and their personal data. If you are located outside of the EEA or UK, please refer to our general Privacy Policy.

Controller Details

Faretrolley is the controller of personal data collected from EEA Individuals via its websites, mobile applications, customer service centers, and other related travel services (collectively, the “Services”).

Data Storage

Faretrolley stores EEA Individuals’ personal data on servers located in the United States.

Data Transfers

Faretrolley is self-certified under:

• The EU-U.S. Data Privacy Framework (EU-U.S. DPF),

• The UK Extension to the EU-U.S. DPF, and

• The Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

If these frameworks become invalid for any reason, Faretrolley will rely on the European Commission’s Standard Contractual Clauses (SCCs) to safeguard international transfers of personal data to the United States.

Transfers to non-EEA/UK travel suppliers (e.g., airlines, hotels) for the purpose of booking and fulfilling your services may be based on derogations under GDPR Article 49(1)(b) and/or 49(1)(c), as necessary for the performance of a contract or at your request.

Retention

We retain your personal data for as long as necessary, based on:

• Your transaction frequency, account activity, and loyalty rewards usage;

• The need to analyze historical travel trends to improve offerings;

• Your marketing subscription status and engagement;

• Requirements for fraud detection, security, and legal compliance;

• The resolution of disputes and customer support activities;

• Legal retention mandates and statutes of limitations;

• Potential legal claims or regulatory obligations.

Information Security

Faretrolley implements strong technical and organizational security measures, including compliance with PCI-DSS and alignment with ISO 27001 standards. Sensitive data, such as your credit card information, is encrypted using SSL.

We collect diagnostic information such as IP addresses, browser types, access times, and referrer URLs to monitor the security and integrity of our platforms.

Government Access Requests

We may be required to disclose your personal data to law enforcement, regulatory, or government agencies in accordance with applicable law.

Corporate Restructuring

If Faretrolley is involved in a merger, acquisition, or sale of assets, your personal data may be transferred to the successor entity, subject to existing privacy safeguards.

Your GDPR Rights

As an EEA Individual, you have the right to:

1. Access, correct, or delete your personal data;

2. Restrict or object to its processing;

3. Request data portability;

4. Withdraw your consent, where processing is based on consent.

To exercise your rights, please email: support@faretrolley.com. with the subject line “GDPR Notice.”

Objections to Legitimate Interest / Direct Marketing

You may object to the processing of your data where it is based on Faretrolley’s legitimate interests. Unless we have compelling legal grounds, we will cease processing your data.

You can also object to receiving direct marketing at any time—either via the unsubscribe link in emails or by emailing support@faretrolley.com.

Please note that service-related communications (e.g., booking confirmations) are not subject to opt-out.

Right to Lodge a Complaint

You may lodge a complaint with your local data protection authority in the EEA or UK. You can find contact information here:

https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm

You may also assert your rights under any Standard Contractual Clauses entered into by Faretrolley.

Minors

Faretrolley’s Services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors.

Updates to This Notice

If we make changes to how we process your personal data, we will update this Notice accordingly. The “Effective Date” will reflect the most recent changes.

Data Privacy Framework

Faretrolley complies with the Data Privacy Framework (DPF) as outlined by the U.S. Department of Commerce and has certified to the following:

• EU-U.S. DPF Principles (for EU personal data),

• UK Extension to the EU-U.S. DPF (for UK personal data),

• Swiss-U.S. DPF Principles (for Swiss personal data).

In the event of a conflict, the DPF Principles will prevail.

To learn more or view our certification, visit:

https://www.dataprivacyframework.gov/

Faretrolley is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

DPF Complaints

If you have a DPF-related complaint that we cannot resolve, we will cooperate with the BBB National Programs Data Privacy Framework Services.Submit complaints at:

https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers

If necessary, you may invoke binding arbitration for certain unresolved complaints.

Onward Transfers to Third Parties

We may transfer your personal data to third-party service providers (e.g., for hosting, analytics, marketing) acting on our behalf. These parties must maintain the same level of protection as required under the DPF and notify us of any non-compliance.

We may also share data with our affiliates to support our operations and services.

Opt-In/Opt-Out for Onward Transfers

You may opt-out of having your personal data shared with third parties not acting as our agents by emailing support@faretrolley.com. Sensitive personal data will not be shared without your explicit consent.

Your DPF Rights

You have the right to access, correct, or delete your personal data subject to the DPF. Please email support@faretrolley.com to make a request. We will respond within a reasonable timeframe.

Retention under DPF

We retain personal data covered by the DPF for only as long as needed to fulfill the purpose for which it was collected or as required by law. Afterward, we may anonymize or securely delete it.

Security of Your Data

Faretrolley employs appropriate safeguards to protect personal data from unauthorized access, alteration, or destruction.

Contact Us

If you have any questions or wish to exercise your GDPR rights, please contact us:

Email: support@faretrolley.com (Subject: “GDPR Notice”)

Or write to us at:

FARETROLLEY

4478 RT 27 SUITE 201 E KINGSTON, NEW JERSEY POSTAL CODE-08528

Note: Do not include sensitive information like credit card details in emails.