Privacy Policy

Obsidian Transfers & Tours

This Privacy Policy describes how Obsidian Transfers & Tours collects, uses, stores, and protects the personal data of users of the website https://obsidiantransfers.gr, in accordance with Regulation (EU) 2016/679 (GDPR) and applicable European and Greek data protection laws.

  1. Data Controller

The data controller responsible for the processing of personal data is:

Obsidian Transfers & Tours
Based in Greece
Email: info@obsidiantransfers.gr

  1. Personal Data We Collect

When you use our website or make a booking, we may collect the following personal data:

Identification and contact details

  • Full name
  • Email address
  • Phone number

Booking and transfer details

  • Pick-up and drop-off locations
  • Date and time of transfer
  • Flight number
  • Number of passengers
  • Luggage details or special requests

🔹 Technical data

  • IP address
  • Device and browser type
  • Cookies and navigation data

  1. Purpose of Data Processing

Your personal data is processed strictly for the following purposes:
1. Managing and executing your transfer booking
2. Communicating with you regarding your service
3. Compliance with legal and tax obligations
4. Improving our services and user experience
5. Statistical analysis and website performance measurement

Processing for marketing or remarketing purposes is carried out only with your explicit consent, where required by law.

  1. Legal Basis for Processing

Personal data processing is based on:

  • Performance of a contract (transfer booking)
  • User consent (cookies, marketing, remarketing)
  • Compliance with legal obligations
  • Legitimate interest of the company (service improvement)

  1. Cookies and Tracking Technologies

Our website uses cookies for:

  • Proper website functionality
  • Traffic and usage analysis (e.g. Google Analytics)
  • Advertising and remarketing purposes (e.g. Google Ads, Meta Ads)

Users may accept, reject, or modify cookie preferences via the cookie banner or through browser settings.

  1. Data Sharing with Third Parties

Personal data is never sold or traded to third parties.

Data may be shared only:

  • With partner drivers or service providers, strictly for the execution of the transfer
  • With technology providers (hosting, analytics, payment systems)
  • With public authorities, if required by law

All third parties are required to comply with GDPR regulations.

  1. Data Retention Period

Personal data is retained:

  • For as long as necessary to provide the requested service
  • As required by tax and legal regulations
  • For marketing purposes, only until consent is withdrawn

After this period, data is securely deleted or anonymized.

  1. User Rights

In accordance with GDPR, users have the right to:

  • Access their personal data
  • Rectify inaccurate or incomplete data
  • Request data deletion (right to be forgotten)
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time

To exercise your rights, please contact info@obsidiantransfers.gr.

  1. Data Security

We implement appropriate technical and organizational security measures to protect personal data against unauthorized access, loss, or misuse.

  1. Policy Updates

This Privacy Policy may be updated at any time.
The latest version will always be published on this page.

  1. Contact Information

For any questions regarding this Privacy Policy, please contact:

📧 info@obsidiantransfers.gr