Privacy Policy 1 — Exklusiver Chauffeur Service Lindhofer

Privacy Policy

Table of Contents

1. Controller

2. General Principles of Data Processing

3. Legal Bases for Processing

4. Data Collection Upon Contact

5. Bookings, Transfers and Service Execution

6. Processing of Special Categories of Personal Data

7. WhatsApp Communication

8. Disclosure of Data to Third Parties

9. Payment Processing

10. Website, Hosting and Server Log Files

11. Cookies and Tracking

12. Analytics and Marketing Services (Future Use)

13. Data Retention

14. Data Security

15. Rights of Data Subjects

16. Right to Lodge a Complaint

17. Data Processing in Relation to Switzerland

18. Changes to this Privacy Policy

1. Controller

1.1 The controller within the meaning of the General Data Protection Regulation (GDPR), the Austrian Data Protection Act (DSG), and – where applicable – the Swiss Federal Act on Data Protection (revDSG) is:

Exclusive Limousine Management Lindhofer GmbH

Tuchlauben 7A/5

1010 Vienna

Austria

Email: datenschutz@lindhofer.at

General Email: office@lindhofer.at

Phone: +43 699 11 222 334

1.2 Responsibility for data processing lies with the management of Exclusive Limousine Management Lindhofer GmbH.

There is currently no legal obligation to appoint a Data Protection Officer.

Voluntary contact person for data protection matters: Karoline Lindhofer

2. General Principles of Data Processing

2.1 Personal data is processed exclusively in accordance with applicable data protection laws, in particular the GDPR, DSG and – where applicable – the revDSG.

2.2 Personal data means any information relating to an identified or identifiable natural person (e.g. name, address, phone number, travel details).

2.3 Processing is carried out only where at least one legal basis applies and always in accordance with the principle of data minimisation.

2.4 This Privacy Policy applies to all processing activities in Austria, the European Union and – where applicable – Switzerland.

3. Legal Bases for Processing

3.1 Processing is based in particular on the following legal grounds:

• Art. 6(1)(b) GDPR – performance of a contract and pre-contractual measures

• Art. 6(1)(c) GDPR – legal obligation

• Art. 6(1)(f) GDPR – legitimate interest

• Art. 6(1)(a) GDPR – consent (where applicable)

• Art. 9(2)(a), (b) GDPR – explicit consent or social protection (for sensitive data)

4. Data Collection Upon Contact

4.1 When contacting us via website form, email, phone or WhatsApp, the following data is processed:

• Name

• Phone number

• Email address

• Content of the inquiry

4.2 This data is processed solely for handling the request and initiating a contractual relationship.

5. Bookings, Transfers and Service Execution

5.1 For bookings and services, the following data may be processed:

• Name, phone number, email

• Pickup address, destination address, additional stops

• Date, time and duration

• Flight or train number

• Number of passengers

• Vehicle class

• Luggage details and special luggage

• Child seats (number, type)

• Assistance animals or pets

• Special requests (e.g. stops, door pickup)

5.2 For hourly, daily or multi-day bookings, routes, locations, hotels and schedules are also processed.

5.3 For tours, routes, stops and external guides may be processed.

6. Processing of Special Categories of Personal Data

6.1 In certain cases, sensitive data pursuant to Art. 9 GDPR may be processed, particularly:

• Mobility restrictions (e.g. wheelchair, walking aid)

• Medical assistance requirements

6.2 Such data is processed solely to ensure optimal service and support and only by appropriately trained chauffeurs.

7. WhatsApp Communication

7.1 Communication via WhatsApp Business is voluntary and only upon explicit request by the customer.

7.2 The following data may be transmitted via WhatsApp:

• Name

• Pickup and destination

• Flight or train number

• Special requests

7.3 Transmission of sensitive data, ID documents or payment data via WhatsApp is neither requested nor desired.

7.4 WhatsApp chats are stored for up to 3 years unless deletion is required or requested.

7.5 Please note that data may be transferred to Meta Platforms Inc. (USA).

8. Disclosure of Data to Third Parties

8.1 Personal data is shared only where necessary for contract performance.

8.2 Recipients may include:

• Chauffeurs

• Subcontractors and partner companies

• Payment providers

• Tax advisors

• Hosting and IT providers

8.3 Subcontractors receive only the data necessary for the assigned service.

9. Payment Processing

9.1 Card payments are processed via a mobile terminal (Ready2Go by Ready2Order).

9.2 The provider does not process credit card or banking data directly.

9.3 Accounting data is retained for 7 years in accordance with Austrian tax law.

10. Website, Hosting and Server Log Files

10.1 The website is hosted via Squarespace.

10.2 The following data is automatically collected:

• IP address

• Date and time of access

• Browser type and operating system

• Referrer URL

10.3 This data is used for technical security, stability and optimisation.

11. Cookies and Tracking

11.1 Currently, no cookie banner is implemented.

11.2 No analytics or marketing tools (e.g. Google Analytics, Meta Pixel) are active.

Future use will include proper consent mechanisms.

12. Analytics & Marketing (Future Use)

12.1 Future use of Google Analytics (GA4) or Meta services is possible.

12.2 Processing will occur only with user consent and in compliance with Art. 44 et seq. GDPR.

13. Data Retention

13.1 Data retention periods:

• General inquiries: 12 months

• Booking and customer data: stored indefinitely unless deletion is requested

• Invoices: 7 years

• WhatsApp communication: approx. 3 years

14. Data Security

14.1 Technical and organisational measures are implemented, including backups and access restrictions.

14.2 Access is limited to:

• Management

• Karoline Lindhofer

• Assigned chauffeurs/subcontractors (service-specific)

15. Rights of Data Subjects

Data subjects have the right to:

• Access

• Rectification

• Erasure

• Restriction of processing

• Data portability

• Objection

Requests: office@lindhofer.at

16. Right to Lodge a Complaint

16.1 Complaints may be submitted to the Austrian Data Protection Authority.

17. Data Processing in Relation to Switzerland

17.1 For journeys to or from Switzerland, data processing primarily takes place in Austria.

17.2 No systematic transfer of personal data to Swiss authorities occurs unless necessary.

17.3 The provisions of the Swiss revDSG apply additionally where relevant.

18. Changes to this Privacy Policy

18.1 The provider reserves the right to amend this Privacy Policy due to legal, technical or operational changes.