NYN Rentals
HomeCarsDealsHow It WorksManage BookingBlog

Popular Searches

Rent a Car in HonoluluSUV Rental HawaiiJeep Rental HawaiiConvertible RentalEconomy Car RentalLuxury Car RentalSedan Rental HonoluluMinivan Rental HawaiiTruck Rental HonoluluCar Rental DealsPickup LocationsHow It WorksFAQContact UsTravel Blog日本語ページ Alohilani Resort Waikiki Beach Outrigger Waikiki Beach Resort711 Ke'eaumoku Street Honolulu, HI 96814 (Main Office)Aston Waikiki Circle HotelClub Wyndham Royal Garden at WaikikiDaniel K. Inouye International AirportHilton Hawaiian VillageHyatt Regency Waikiki Beach Resort and SpaIlikai Hotel & Luxury SuitesLuana Waikiki Hotel & SuitesMoana Surfrider, A Westin Resort & SpaPrince WaikikiRamada Plaza by Wyndham WaikikiRenaissance Honolulu Hotel & SpaSheraton Princess Kaiulani Waikiki The Imperial Hawaii ResortThe Laylow WaikikiThe Ritz-Carlton Residences, Waikiki BeachWaikiki Beach Marriott Resort & SpaWayfinder Waikiki
NYN Rentals

Honolulu Car Rental Service in Hawaii

711 Ke'eaumoku Street Honolulu, HI 96814

+1 (808) 909-1272

info@nynrentals.com

Company

  • About Us
  • How It Works
  • Locations
  • Alohilani Resort Waikiki Beach
  • Outrigger Waikiki Beach Resort
  • 711 Ke'eaumoku Street Honolulu, HI 96814 (Main Office)
  • Aston Waikiki Circle Hotel
  • Club Wyndham Royal Garden at Waikiki
  • Daniel K. Inouye International Airport
  • Hilton Hawaiian Village
  • Hyatt Regency Waikiki Beach Resort and Spa
  • Ilikai Hotel & Luxury Suites
  • Luana Waikiki Hotel & Suites
  • Moana Surfrider, A Westin Resort & Spa
  • Prince Waikiki
  • Ramada Plaza by Wyndham Waikiki
  • Renaissance Honolulu Hotel & Spa
  • Sheraton Princess Kaiulani Waikiki
  • The Imperial Hawaii Resort
  • The Laylow Waikiki
  • The Ritz-Carlton Residences, Waikiki Beach
  • Waikiki Beach Marriott Resort & Spa
  • Wayfinder Waikiki
  • Blog

Support

  • FAQ
  • Contact Us
  • 日本語

Legal

  • Privacy Policy
  • Terms of Service

© 2026 NYN Rentals. All rights reserved.

Privacy PolicyTerms of Service

Privacy Policy

NYN Rentals (Noyan Trade LLC)

Last updated: May 23, 2026 • Version 2026-05-23

This Privacy Policy describes how Noyan Trade LLC ("we", "our", or "us"), operating the website at nynrentals.com, collects, uses, shares, and protects information about you when you use our car rental services, this website, and any related applications (collectively, the "Services").

1. Affiliated Fleet Partnership

NYN Rentals operates as part of an affiliated fleet partnership with Alp Hawaii LLC, which operates the website at alphawaii.com ("the Affiliated Partner"). The two companies are separate legal entities but share a common technology platform and a common pool of rental vehicles to give customers wider availability across the Hawaiian Islands.

As a result of this partnership, certain information about you, your bookings, and your verification status is stored in a shared back-end database operated by our infrastructure provider Supabase (see Section 5). Each company is responsible, under this Policy and its own equivalent policy, for the information it collects through its own website and customer-facing channels.

2. Shared Database and Categories of Data We Store

Our shared back-end stores the following categories of information related to your interaction with either NYN Rentals or the Affiliated Partner:

  • Account data: name, email, phone number, password hash, account preferences, and language.
  • Booking and reservation data: pickup/return dates, locations, vehicle selected, pricing, add-ons, trip status, and any modifications.
  • Identity verification (KYC) data: the verification status returned by Stripe Identity, document metadata extracted via OCR (name, date of birth, address, document number, issuing country, issued and expiration dates), and references to the underlying images stored at Stripe. Raw document images and selfies are stored by Stripe, not by us (see Section 4).
  • Insurance documentation: proof-of-insurance documents you upload, or — when you purchase optional coverage through us — the policy reference issued by our third-party insurance partner (see Section 5), the historical snapshot of the coverage terms you agreed to, and the record of your point-of-sale acknowledgment (timestamp, disclosure version).
  • Payment metadata: last four digits of the card, card brand, billing ZIP, Stripe customer and payment-method identifiers, charge amounts, refunds, and deposit-hold status. Full card numbers and CVV codes are stored only by Stripe; we do not see or store them.
  • Vehicle-usage data: pickup and return timestamps, condition reports, photographs taken at handover, and any incident records.
  • Device and analytics data: IP address (truncated for analytics use), browser and operating-system identifiers, referrer URL, page-view events, click events, and cookies (see Section 9). Analytics are not collected until you grant consent through our cookie banner.
  • Communications logs: SMS and email content related to your reservation, customer-support correspondence, and consent timestamps.

3. Cross-Site Data Flow with the Affiliated Partner

When a vehicle you select on NYN Rentals is actually operated by the Affiliated Partner, we will tell you so on the vehicle listing and ask you to confirm before continuing your booking on Alp Hawaii's website. If you choose to continue, we transfer a limited set of session information to the Affiliated Partner so that you do not have to re-enter dates and details.

Because cookies cannot cross between separate domains, the transfer is implemented as a short-lived, single-use opaque token (typically expiring within 90 seconds). The token itself contains no personal data. Server-side, the token references a record in our shared database holding only the booking context you were assembling — selected vehicle, pickup and return dates, pickup and return locations, and any partial guest details you had entered. Once the token has been consumed by the receiving site, or after it expires, it cannot be used again.

This transfer is the only mechanism by which information you entered on NYN Rentals is automatically made visible to the Affiliated Partner's customer-facing surface. We do not share your account credentials, payment credentials, or KYC documents through this handoff.

The legal basis for this transfer is your explicit consent, which you give by clicking the "Continue to Alp Hawaii" button on the referral confirmation dialog. If you decline, no token is created and no booking context is shared.

4. Identity Verification (Stripe Identity)

To comply with rental requirements and prevent fraud, we use Stripe Identity to verify your identity. During this process, the following data may be collected and processed:

  • Government-issued identification documents — such as your driver's license, passport, or national ID card, including photographs of the front and/or back.
  • Document data extracted via OCR — full name, date of birth, address, document number, issuing country, issued date, and expiration date.
  • Selfie photograph — used for facial comparison against your identity document.
  • Biometric data — facial geometry derived from your selfie and document photo for identity matching. Biometric data is processed by Stripe and is not stored by NYN Rentals or the Affiliated Partner.

Important: Document images and selfie photographs are stored and processed by Stripe, not in our database. Our authorized administrators may temporarily view these images for verification review purposes, but images are never cached, downloaded, or stored on our servers. We store only the verification status, extracted text data (name, date of birth, address), and Stripe reference identifiers.

5. Third Parties Who Process Your Data

We work with the following service providers ("sub-processors") to deliver the Services. Each is bound by contractual confidentiality and data-protection obligations.

  • Supabase, Inc. — managed PostgreSQL database hosting our shared back-end. Data is stored in the United States.
  • Stripe, Inc. — payment processing, security deposit holds, and Stripe Identity verification (including biometric processing). See Stripe's Privacy Policy.
  • Twilio Inc. — delivery of transactional SMS messages related to your booking and account (confirmations, reminders, verification codes, payment requests, additional charge notices). See Section 7 below.
  • Resend / Gmail — delivery of transactional emails related to your booking and account.
  • DocuSign — electronic signature of the rental agreement, when required.
  • Inuity Insurance Company — issues the optional Coverage Product (rental-collision and liability coverage) when you elect to purchase it at checkout or via the trip-management page. Inuity Insurance Company receives only the information needed to issue a policy on the vehicle and dates you booked: your name, email address, booking dates, pickup and return locations, and the rental vehicle. Payment card details are not shared. Inuity Insurance Company sends the policy certificate and any claim communications to you directly by email. Specific provider disclosures (including jurisdiction and licensing information) are presented to you at the point of sale and recorded with your acknowledgment. See inuity.com.
  • Vercel Inc. — application hosting, edge networking, and basic performance telemetry (Vercel Speed Insights). Performance telemetry is essential to operate the site and is not gated by consent.
  • Google LLC — optional analytics and advertising measurement via Google Analytics, Google Tag Manager, and Google Ads conversion tracking. These scripts do not load until you consent through our cookie banner.
  • Ahrefs Pte. Ltd. — optional web analytics. Loads only with analytics consent.
  • Law enforcement and government authorities — when we are required to disclose information by valid legal process or to protect against fraud or imminent harm.

We do not sell your personal information for money. For purposes of the California Consumer Privacy Act (CCPA), the transfer of session context to the Affiliated Partner described in Section 3 may be characterized as "sharing"; you may opt out of that transfer by not clicking "Continue" on the referral dialog.

6. Payment Processing and Security Deposits

All payment transactions are processed by Stripe, Inc., a PCI DSS Level 1 certified payment processor. We do not have access to, or store, your full credit card number, CVV, or other sensitive payment credentials. This data is handled entirely by Stripe.

When you complete a booking, a temporary authorization hold (security deposit) may be placed on your payment method. This hold is not a charge. The hold amount, capture conditions, and release timeline are described in our Terms of Service. Stripe may store your payment method information for the purpose of processing security deposit holds and any subsequent charges related to your rental (such as damage or additional fees).

7. SMS / Text Messaging

When you provide your mobile phone number during booking or account signup, we may send you transactional SMS messages related to your reservation. These are sent through Twilio Inc.

  • Booking confirmations, pickup and return reminders, vehicle status updates, verification codes, and payment-related notices.
  • Message frequency varies with your booking activity. A typical reservation generates between 2 and 8 messages over the course of a rental.
  • Standard message and data rates from your mobile carrier may apply. NYN Rentals does not charge you for SMS.
  • You may opt out of SMS at any time by contacting info@nynrentals.com or +1 (808) 909-1272. Opting out does not cancel your booking or affect transactional emails.
  • We do not send marketing SMS, and we do not share your phone number with third parties for their marketing purposes.

8. Biometric Data

During identity verification, biometric identifiers (facial geometry) may be collected and processed by Stripe, Inc. We provide this disclosure as required by applicable biometric privacy laws:

  • Purpose: verifying that the person presenting the identity document is the same person depicted on it.
  • Processing: biometric data is processed by Stripe; NYN Rentals does not directly collect, store, or have access to raw biometric data.
  • Retention: Stripe retains biometric data in accordance with its data retention policies and applicable law. You may request deletion through Stripe or by contacting us using the details in Section 13.
  • Consent: by initiating identity verification, you consent to the collection and processing of your biometric data for that purpose only.

9. Cookies and Tracking Technologies

We use cookies and similar technologies for three categories of purpose:

  • Necessary cookies (always on): authentication tokens, CSRF protection, the active tenant identifier, and session continuity. Disabling these breaks the booking flow.
  • Analytics cookies (opt-in): Google Analytics, Ahrefs, and our first-party page-view / scroll / click tracking, used to understand how the site is used and to improve it.
  • Marketing cookies (opt-in): Google Ads conversion tracking and Google Tag Manager containers, used to measure advertising performance.

Analytics and marketing tags do not load until you grant consent through our cookie banner. You can change your decision at any time by clicking the "Cookie preferences" link in the footer.

10. Data Retention

We retain information for the following typical windows. Specific records may be retained longer when required by law or by an open dispute, claim, or insurance investigation.

  • Account data: for as long as your account is active, plus 24 months after your last booking, after which the account is anonymized.
  • Booking, payment, and rental-agreement records: 7 years from the rental end date, in line with federal and Hawaii state tax / accounting record-retention requirements.
  • Identity-verification metadata: 7 years from verification, then deleted.
  • Identity document images and selfies: stored and rotated by Stripe under its own retention schedule.
  • Biometric data: retained at Stripe under its biometric retention policy; deleted on request.
  • Vehicle-condition photographs and incident reports: 5 years from the trip end date, or until any related insurance claim is closed (whichever is later).
  • Cross-tenant handoff token records: the token record is deleted automatically 24 hours after creation, regardless of whether it was consumed.
  • Analytics events: 26 months from the event date.
  • SMS and email logs: 24 months from delivery for customer-support purposes, then deleted.

11. Your Rights

Depending on where you live, you may have one or more of the following rights under the California Consumer Privacy Act (CCPA/CPRA), the EU/UK General Data Protection Regulation (GDPR), and similar laws:

  • Right to know / access: request a copy of the personal information we hold about you and confirmation of the categories of sources and recipients.
  • Right to correct: ask us to update inaccurate or incomplete data.
  • Right to delete: ask us to delete your personal information, subject to our legal retention obligations described in Section 10.
  • Right to portability: receive your booking and account data in a structured, machine-readable format.
  • Right to opt out of sale or sharing (CCPA): opt out of the cross-site transfer described in Section 3 and of any advertising cookies categorized as "sharing".
  • Right to object / restrict processing (GDPR): object to processing based on legitimate interests, or ask us to restrict processing during the resolution of a complaint.
  • Right to withdraw consent: withdraw any consent previously given (e.g., for analytics cookies, biometric verification) without affecting the lawfulness of processing done before withdrawal.
  • Non-discrimination: we will not deny service, charge a different price, or provide a lesser-quality service because you exercised any of these rights.

To exercise any of these rights, contact us using the details in Section 13. We respond within 45 days (CCPA) or one month (GDPR), extending once if reasonably necessary. We may need to verify your identity before we can act on a request.

12. Children

Our Services are intended for adults aged 18 or older, and rental eligibility starts at 21 (25 for some vehicle categories — see the Terms of Service). We do not knowingly collect personal information from anyone under the age of 18. If you believe that we hold data about a child, please contact us using the details in Section 13 and we will delete it.

13. Contact Us

For questions about this Privacy Policy, to exercise any of the rights described in Section 11, or to report a privacy concern, contact Noyan Trade LLC:

  • Email: info@nynrentals.com
  • Phone: +1 (808) 909-1272
  • Mailing address: 711 Ke'eaumoku Street Honolulu, HI 96814

For privacy questions specifically related to the Affiliated Partner, please reach out to Alp Hawaii LLC via their website at alphawaii.com.

14. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date and version above mark the effective date of the latest revision. When we make material changes, we will re-prompt you for cookie consent and surface a notification on the site. Continued use of the Services after a change takes effect indicates acceptance of the updated Policy.