Privacy Policy for GVA Airport Transfer
This Privacy Policy explains how GVA Airport Transfer collects, uses, stores, protects, and shares personal information when clients request quotes, book transfers, use our website, or contact our company.
- 17 May 2026
- Last Updated
- Swiss
- Data Protection
- GDPR
- EU Framework
- 30 Days
- Rights Response
How we handle personal information
GVA Airport Transfer collects personal information when clients submit quote requests, place bookings, create accounts, browse our website, or contact our company by form, email, live chat, telephone, or WhatsApp.
The information is used to arrange transportation, manage bookings, process payments through service providers, maintain records, secure the website, and communicate with clients about transfer requests.
Key point: GVA Airport Transfer does not sell personal information. Data is shared only when needed for the booking, payment processing, hosting, legal compliance, business operations, or with your consent.
Main privacy points at a glance
This summary highlights the practical parts of the policy. The full legal text appears below in the policy sections.
Data We Collect
Identity, contact, booking, payment, technical, usage, marketing, and communication information may be collected depending on how you use our services.
Why We Use It
Data is processed to provide transfers, manage records, improve services, secure systems, prevent fraud, and send marketing only where consent applies.
How Long We Keep It
Swiss accounting records are kept for 10 years. Other data is retained only as long as needed for service, legal, dispute, or account purposes.
Who Receives It
Data may be shared with service providers, payment processors, transport partners, legal authorities, group companies, or third parties with your consent.
Your Rights
You may request access, correction, deletion, restriction, objection, portability, consent withdrawal, or complaint support under GDPR/FADP conditions.
Contact
Privacy requests can be sent to privacy@gvaairporttransfer.com. The policy states that responses are handled within 30 days.
Privacy Policy sections
Use the table of contents to move through the policy. Each section below follows the supplied Privacy Policy text.
1 . Introduction
GVA Airport Transfer ("we", "our", "us") respects your privacy and is committed to protecting your personal information in accordance with applicable Swiss and European data-protection laws, including the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR).
This Privacy Policy explains what information we collect, how we process it, the legal bases on which we rely, and the choices you have. If you do not agree with this policy, please do not access or use our services.
2 . What information we collect
We collect information when you: submit a quote request, place an order, create a customer account, browse our websites, or otherwise interact with us. This may include:
- Identity data – title, first and last name, company name (if applicable).
- Contact data – address, email address, telephone number.
- Booking data – lead passenger details, pick-up and drop-off locations, flight/ship information, service history.
- Financial data – payment-card details (processed only by our payment gateway), billing address, transaction records.
- Technical & usage data – IP address, device ID, browser type, cookies, referrer URL, pages visited, and interaction logs.
- Marketing & communications data – preferences for receiving marketing from us and your communication history.
We do not knowingly collect personal data from children under 16 without verifiable parental consent (see section 9).
3 . When and how we collect data
We collect data:
- Directly from you (forms, emails, live chat, telephone).
- Automatically when you use our websites and apps (through cookies and similar technologies).
- From third-party sources that have a lawful basis to share your data (e.g., analytics providers, public databases, marketing partners).
4 . Why we process your data (Legal bases)
| Purpose | Legal basis | Examples |
|---|---|---|
| Provide and manage the services you request | Contract (Art. 6 (1)(b) GDPR) | Process bookings, arrange transportation, manage accounts. |
| Maintain business records and comply with Swiss accounting law | Legal obligation (Art. 6 (1)(c) GDPR) | Retain invoice data for 10 years in line with Art. 958f of the Swiss Code of Obligations. |
| Improve and secure our services | Legitimate interests (Art. 6 (1)(f) GDPR) | Analyse site usage, prevent fraud, ensure network security. |
| Send marketing communications | Consent (Art. 6 (1)(a) GDPR) | Newsletters, promotions (opt-out any time). |
5 . Data retention
- Accounting & transaction records required by Swiss law are kept for 10 years (Art. 958f CO).
- Other personal data are retained only as long as necessary to fulfil the purposes described above, resolve disputes, enforce agreements, or as required by law. Typical retention periods range from 6 months (web logs) to 5 years (customer-service correspondence).
- Customer-account data are stored while the account remains active. You can delete your account at any time (see section 10).
6 . Data sharing
We never sell your personal information. We disclose data only:
- Within our group – to subsidiaries that follow this policy or one offering equal protection.
- Service providers – e.g., hosting, IT support, analytics, and payment processing via *[Payment-Gateway-Name]*, which is PCI-DSS Level 1 certified.
- Transportation partners – limited data (name, pick-up/drop-off details) so they can perform the ride you booked.
- Legal or regulatory authorities – where required to comply with law or to protect rights, property, or safety.
- Business transfers – in the event of a merger or acquisition, provided the recipient upholds this policy.
- With your consent – e.g., publishing testimonials.
All third parties are bound by contract to keep your data confidential and apply appropriate security measures.
7 . International transfers & hosting location
Your data are stored on servers located within the European Economic Area and operated by Infomaniak Network SA, an ISO 27001-certified provider. Where we must transfer data outside the EEA/Switzerland, we rely on EU adequacy decisions, Standard Contractual Clauses, or other legally recognized safeguards.
8 . Security measures
- All interactions with our websites and APIs are encrypted via TLS 1.2+ (A-grade rating on the latest SSL Labs test).
- We implement industry-standard technical and organisational measures, including firewalls, intrusion detection, least-privilege access controls, and staff training.
- Payment-card data are transmitted directly to our payment gateway and are never stored on our servers.
- We conduct annual penetration tests and maintain ISO 27001 alignment for critical infrastructure.
9 . Children’s privacy
Our services are not directed to individuals under 16 years of age (or the lower age set by local law, e.g., 13 in some EU Member States). We do not knowingly collect such data without parental consent. If you become aware that a child has provided us data, please contact us so we can delete it.
10 . Your rights
Subject to conditions and exceptions in the GDPR/FADP, you have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate or incomplete data.
- Erase data (“right to be forgotten”).
- Restrict or object to processing.
- Data portability.
- Withdraw consent at any time (for future processing).
- Lodge a complaint with the Swiss FDPIC or your local EU supervisory authority.
To exercise your rights, email privacy@gvaairporttransfer.com. We will respond within 30 days.
11 . Data-breach notification
In the unlikely event of a personal-data breach, we will notify the Swiss Federal Data Protection and Information Commissioner (FDPIC) and, where applicable, affected individuals within 72 hours of becoming aware, in accordance with Art. 24 FADP and Art. 33 GDPR.
12 . Cookies and tracking technologies
Our websites use the following categories of cookies:
- Necessary – essential for site navigation and security.
- Preference – remember your settings (e.g., language).
- Statistics – collect anonymised usage data (e.g., Google Analytics with IP anonymisation).
- Marketing – show relevant ads (only with your consent).
You can manage or disable cookies via our Cookie Settings tool or in your browser.
13 . Automated decision-making
We do not use personal data for automated decision-making that produces legal or similarly significant effects.
14 . How to contact us
GVA Airport Transfer
Rue Henri-Mussard 20, 1208 Geneva, Switzerland
Email: privacy@gvaairporttransfer.com
Telephone: +41 77 215 15 35
15 . Changes to this Policy
We may amend this Privacy Policy from time to time. The latest version is always published on our website with the "Last updated" date. Material changes will be announced via email or notification within your account.
*© 2026 GVA Airport Transfer – All rights reserved.*
How to request access, correction, or deletion
The policy provides several rights under the GDPR/FADP framework, subject to legal conditions and exceptions.
Access Your Data
You may ask what personal data GVA Airport Transfer holds about you and how it is processed.
Correct Information
You may request correction of inaccurate or incomplete personal information linked to your booking or account.
Request Deletion
You may request deletion where the data is no longer needed, unless legal retention duties apply.
Restrict or Object
You may request restrictions or object to certain types of processing where applicable law allows it.
Withdraw Consent
You may withdraw consent for future processing where consent is the legal basis, such as optional marketing.
Contact Privacy Team
Privacy requests can be sent to privacy@gvaairporttransfer.com with enough details to identify the relevant data.