Privacy Policy

1) Personal data we process

• Website and consent data: IP address, browser/device data, timestamps, language preference, cookie_consent choices, and analytics identifiers only if analytics is enabled and accepted.
• Customer account data: first name, last name, email, phone, address, preferred language, password hash, account/session identifiers, and Google or Apple OAuth identifiers if used.
• Booking and passenger data: pickup and drop-off addresses, route, dates, times, flight number, passenger count, luggage, selected vehicle, child-seat or pet requests, public booking references, ride notes and special requests.
• Payment, refund and invoice data: amount, currency, payment status, provider references, refund/dispute status, invoice details and VAT/accounting records. We do not store full card numbers or CVV.
• Support and contact data: messages, contact details and any files or screenshots you choose to send us.
• Partner onboarding data: company and contact details, VAT/VIES check data, authorised-representative confirmation, service/onboarding email acknowledgement, documents, vehicle data/photos, IBAN/payout details, service areas and application status.
• Dispatch, proof and admin data: assigned partner/driver, operational status, ride proof events, timestamps, admin actions, security logs and troubleshooting records.

2) Purposes and legal bases

• Bookings, account access, passenger coordination, payment and invoices: contract performance or steps before a contract (GDPR Art. 6(1)(b)).
• Accounting, tax, payment, refund and legal record keeping: legal obligation (Art. 6(1)(c)).
• Fraud prevention, platform security, dispatch quality, support, dispute handling, service improvement and limited operational logging: legitimate interests (Art. 6(1)(f)).
• Partner onboarding, document review, payout setup and eligibility checks: contract/pre-contract steps, legal obligations and legitimate interests, depending on the record.
• Analytics cookies and Google Analytics, if configured: consent (Art. 6(1)(a)); analytics is blocked until analytics consent is granted.
• Promo or offer emails: only with separate opt-in if such marketing is implemented. Transactional account and booking emails are not marketing.
• Special category data is not requested. If you voluntarily include sensitive details in notes or support messages, we process only what is necessary for the transfer, support, legal claim or safety purpose.

3) Recipients and service providers

• Assigned partners, operators or drivers receive the booking details needed to perform the ride.
• Payment providers: Stripe and myPOS process online payments and refunds where used.
• Email and mailbox providers: Brevo for transactional email sending and Google Workspace for business mailboxes.
• Maps and route services: Google Maps Platform for address lookup, maps and route support.
• Analytics: Google Analytics may receive sanitized page information only if configured and accepted through cookie settings.
• Upload/storage and infrastructure: Cloudflare R2-compatible storage code is used for partner uploads; PostgreSQL is used as database technology; hosting appears likely to use Vercel. Production provider, region and dashboard settings must be verified in the relevant provider accounts.
• Authentication and checks: Google OAuth, Apple OAuth and EU VIES may be used where relevant.
• Professional advisers, authorities, banks, card schemes or courts may receive data where required for accounting, legal claims, compliance, fraud prevention or dispute handling.

4) International transfers and provider regions

Provider locations can depend on production configuration, provider dashboards and subprocessor infrastructure. This page does not state a confirmed hosting, database, storage, analytics or backup region unless it has been verified.

Where a provider or subprocessor involves access from outside the EEA, an applicable lawful transfer mechanism and provider contract review must be in place before that provider is relied on for production processing. You may contact privacy@oddotransfer.com for current provider and transfer information.

5) Retention

• Invoices, accounting, payment and refund records: 10 years.
• Booking records linked to payment, invoice, refund, dispute or accounting: up to 10 years.
• Operational ride notes, driver notes and special requests: normally 3 years, unless needed for a dispute, legal claim, accounting or security reason.
• Customer account data: active account plus 3 years of inactivity, unless accounting or legal records must be retained longer.
• Support messages: normally 24-36 months after case closure.
• Rejected partner applications: normally 12 months, unless fraud, dispute or legal reasons require longer.
• Approved partner records and documents: for the partner relationship plus the required legal/accounting period.
• Security logs: normally 30-90 days; longer only for incident, fraud, dispute or legal reasons.
• Google Analytics: according to the configured Google Analytics retention setting, which must be verified in the GA dashboard if GA is enabled.
• Cookie consent: about 6 months.

6) Your GDPR rights and DSAR process

• You may request access, rectification, erasure, restriction, portability, objection and withdrawal of consent where applicable.
• Send requests to privacy@oddotransfer.com. We may verify your identity and ask for enough information to locate the relevant records.
• The current system does not provide confirmed self-service account deletion or export. Requests are handled manually through internal systems where needed.
• Deletion requests may not remove invoices, accounting, payment, refund, fraud, dispute or legal records that must be kept by law or for legal claims. In those cases, processing is limited to the required purpose.
• You may lodge a complaint with the CNPD Luxembourg if you believe your data protection rights have been infringed.

7) Cookies, local storage, maps and analytics

• Essential cookies and storage support sessions, language, booking state, payment flow, security and core website operation.
• The cookie_consent cookie stores your choices for about 6 months and can be changed through Cookie settings in the footer.
• Google Analytics is loaded only after analytics consent is true. Before sending a page view, query parameters are removed and tokenized booking/payment paths are masked.
• If analytics consent is withdrawn, the site stops loading Google Analytics for future page loads and clears known _ga cookies where feasible.
• Google Maps remains part of the booking/address experience and may process map/address request data under Google terms.

8) Marketing, rewards and data minimisation

• Rewards may be visible inside the customer account or dashboard.
• Promo or offer emails require a separate opt-in if implemented. Welcome/account emails are transactional and should not contain promotional offer content without such opt-in.
• ODDO TRANSFER does not collect a customer profile gender field in the current profile flow.
• Please do not include unnecessary sensitive information, such as health, religion, ID documents or other special category data, in free-text notes unless strictly needed for your transfer.

9) Security

We use technical and organisational measures appropriate to the risk, including access controls, authentication/session controls, HTTPS, limited operational access, logging for security and troubleshooting, and administrative controls for partner documents and payment/refund workflows.

Some operational safeguards, such as production storage region, lifecycle rules, backup retention and provider security settings, are controlled in provider dashboards and should be verified before formal vendor due diligence.

10) Updates

We may update this Privacy Policy when the service, providers, legal requirements or internal processes change. The latest version is available on this page.