Our Privacy Policy

Privacy Policy and General Data Protection Regulation (GDPR)

Last updated: 11 June 2026 This Privacy Policy explains how BYRNECARS S.L., CIF B42547265, with fiscal address at Calle Maestra Consuelo Sanchiz, 19, Benimeli - 03769 Alicante, Spain, and owner of the registered trademark Car Outlet®, collects, uses and protects personal data through the website CarOutlet.es, our contact forms, online services and our physical premises. For the purposes of this policy, BYRNECARS S.L. / Car Outlet is the data controller. We are committed to processing personal data lawfully, fairly and transparently, and only for legitimate business purposes connected with our vehicle sales, reservations, customer service, finance enquiries, trade-ins, after-sales support and website operation. We do not sell personal data. We only share personal data when it is necessary to provide our services, comply with a legal obligation, protect our rights, prevent fraud, or work with trusted service providers under appropriate confidentiality and data protection obligations.

Personal data we may collect

We may collect and process the following categories of personal data:
  • Website and technical data: IP address, approximate location, browser type and version, operating system, device information, pages viewed, visit duration, referring website, campaign source and similar usage statistics.
  • Contact form data: name and surname, telephone number, email address, preferred language, preferred location, message content, IP address and any other information that you choose to send us through a form.
  • Vehicle enquiry, reservation and purchase data: identification details, contact details, vehicle registration number, reservation information, invoice or payment information, finance or trade-in information, documents needed to process a sale or reservation, and communications by email, telephone, WhatsApp, post or in person.
  • Customer service and after-sales data: details required to respond to enquiries, complaints, warranty matters, vehicle documentation, delivery arrangements and related administrative procedures.

Why we process your data

We process personal data for the following purposes:
  • To respond to enquiries sent through the website, by telephone, by email, by WhatsApp or in person.
  • To manage vehicle reservations, purchases, payments, invoices, delivery, registration, ownership transfer and related paperwork.
  • To provide customer service, after-sales support and administrative assistance.
  • To improve the website, understand how visitors use it and maintain its security.
  • To send communications that you have requested or that are directly related to a service, enquiry, reservation or purchase.
  • To comply with accounting, tax, consumer protection, anti-fraud, anti-money-laundering and other legal obligations where applicable.

Legal basis for processing

Depending on the situation, we process your personal data on one or more of the following legal bases: your consent, the need to take steps before entering into a contract, the performance of a contract with you, compliance with legal obligations, and our legitimate interest in operating, securing and improving our business and responding to customer enquiries.

Cookies and similar technologies

Our website uses cookies and similar technologies to make the site work correctly, remember preferences, improve user experience, analyse traffic and measure the performance of marketing campaigns. Some cookies are necessary for the website to function, while others may require your consent. You can manage or withdraw cookie consent through the cookie settings available on the website, and you can also delete or block cookies using your browser settings. Blocking some cookies may affect the correct operation of the website, including forms, favourites, language preferences or other interactive features. Where analytics or advertising services are used, the relevant providers may process limited technical information according to their own privacy terms and the consent choices made by the user.

Who may receive your data

We may share personal data with employees, authorised collaborators, professional advisers, IT and website providers, hosting providers, payment providers, finance providers, transport companies, administrative agencies, insurers, public authorities or other third parties when this is necessary for the purposes described in this policy. We may also disclose personal data where required by law, in connection with legal proceedings, to establish, exercise or defend legal claims, to prevent fraud or reduce credit risk, or in connection with a business transfer, merger or sale of assets.

International data transfers

As a general rule, we try to use providers located in the European Economic Area. If personal data is transferred outside the European Economic Area, we will take appropriate measures to protect it, such as using providers covered by an adequacy decision, standard contractual clauses or other safeguards recognised by applicable data protection law.

Security

We apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration or disclosure. These measures may include access controls, passwords, firewalls, secure servers, encrypted connections, SSL/TLS technology and internal procedures limiting access to authorised personnel only. No internet transmission or electronic storage system can be guaranteed to be completely secure. If a personal data breach occurs and notification is legally required, we will notify the competent authority and/or affected users as required by applicable law.

Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including the time needed to respond to enquiries, manage reservations or purchases, provide after-sales support, comply with legal, tax and accounting obligations, resolve disputes and enforce our agreements. When the data is no longer required, it will be securely deleted, anonymised or blocked where required by law.

Your data protection rights

You have the right to request access to your personal data, rectification of inaccurate data, erasure, restriction of processing, objection to processing, data portability where applicable, and withdrawal of consent where processing is based on consent. You also have the right to lodge a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos - AEPD) if you believe your data protection rights have not been respected. To exercise your rights, please contact us using the details below. We may ask for reasonable information to verify your identity before processing the request.

Third-party websites

Our website may contain links to third-party websites. We are not responsible for the privacy policies, content or practices of those third-party websites. We recommend that you review their privacy information before providing personal data to them.

Changes to this policy

We may update this Privacy Policy from time to time by publishing a new version on this page. The updated version will apply from the date of publication unless stated otherwise.

How to contact us

  • By post: BYRNECARS S.L., Calle Maestra Consuelo Sanchiz, 19, Benimeli - 03769 Alicante, Spain.
  • Online: please contact us through our website contact form: https://caroutlet.es/es/ubicaciones/
  • In person: by prior appointment at our premises. Please call one of the telephone numbers shown in the footer of the website and indicate that your request relates to personal data.