Privacy Policy

We take your privacy seriously. This policy explains how we collect, use, and protect your personal data in accordance with GDPR and Austrian law.

Last Updated: October 31, 2025

1Introduction

Vienna MDV Transfer ("we", "our", or "us") is committed to protecting your personal data and respecting your privacy.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our airport transfer booking services.

This policy complies with the EU General Data Protection Regulation (GDPR) and Austrian Data Protection Act (Datenschutzgesetz).

By using our services, you agree to the collection and use of information in accordance with this policy.

2Data Controller

The data controller responsible for your personal data is:

•

Company Name: Vienna MDV Transfer

•

Address: Kegelgasse 44, 1030 Vienna, Austria

•

Email: info@viennamdvtransfer.com

•

Phone: +43 (660) 9457570

For any questions about this Privacy Policy or your personal data, please contact us using the details above.

3Data We Collect

We collect the following types of personal data:

Booking Information:

•

Full name

•

Email address

•

Phone number

•

Pickup and drop-off addresses

•

Flight information (flight number, arrival/departure times, origin city)

•

Special requirements (child seats, additional luggage, accessibility needs)

Technical Data:

•

IP address

•

Browser type and version

•

Device information

•

Pages visited and time spent on our website

•

Referring website addresses

Optional Data:

•

Additional comments or special requests you provide during booking

4How We Use Your Data

We use your personal data for the following purposes:

Service Delivery:

•

Processing and confirming your booking

•

Coordinating your airport transfer

•

Communicating with you about your booking (confirmations, updates, driver details)

•

Meeting special requirements (child seats, accessibility needs)

Business Operations:

•

Managing customer relationships

•

Responding to inquiries and customer support

•

Processing payments

•

Maintaining booking records for accounting and tax purposes

Legal Compliance:

•

Complying with legal obligations (tax records, business records)

•

Protecting against fraud and abuse

Service Improvement:

•

Analyzing service usage to improve our offerings

•

Understanding customer preferences

We do not use your data for automated decision-making or profiling.

5Legal Basis for Processing

We process your personal data based on the following legal grounds:

Contract Performance (GDPR Art. 6(1)(b)):

•

Processing necessary to fulfill your booking and provide transfer services

Legitimate Interests (GDPR Art. 6(1)(f)):

•

Fraud prevention and security

•

Business analytics and service improvement

•

Direct marketing (with opt-out option)

Legal Obligation (GDPR Art. 6(1)(c)):

•

Compliance with tax and accounting laws (7-year retention in Austria)

•

Compliance with transport regulations

Consent (GDPR Art. 6(1)(a)):

•

Where required, such as for optional marketing communications

•

You can withdraw consent at any time

6Data Sharing and Third Parties

We may share your personal data with the following third parties:

Service Providers:

•

Hosting providers (for website and database hosting)

•

Email service providers (for sending booking confirmations)

•

Payment processors (if card payments are processed)

•

IT support and maintenance providers

Legal Requirements:

•

Law enforcement or regulatory authorities when required by law

•

Courts and legal advisors in case of legal proceedings

Business Transfers:

•

In the event of a merger, acquisition, or sale of business assets

We do NOT:

•

Sell your personal data to third parties

•

Share your data for third-party marketing without your consent

•

Transfer data outside the EU/EEA without appropriate safeguards

All third-party service providers are required to protect your data and use it only for specified purposes.

7Data Retention

We retain your personal data for the following periods:

Booking Records:

•

7 years from the date of service (Austrian tax law requirement)

•

Includes: name, contact details, booking details, payment information

Communication Records:

•

Email correspondence: 3 years

•

Customer support inquiries: 2 years after resolution

Technical Data:

•

Website logs and analytics: 12 months

•

IP addresses: 90 days

After the retention period expires, your personal data will be securely deleted or anonymized.

You may request earlier deletion of your data, subject to our legal obligations (e.g., tax records must be retained for 7 years).

8Your Rights Under GDPR

You have the following rights regarding your personal data:

Right of Access (Art. 15):

•

Request a copy of the personal data we hold about you

Right to Rectification (Art. 16):

•

Request correction of inaccurate or incomplete data

Right to Erasure (Art. 17) - "Right to be Forgotten":

•

Request deletion of your data (subject to legal retention requirements)

Right to Restriction of Processing (Art. 18):

•

Request limitation of how we use your data

Right to Data Portability (Art. 20):

•

Receive your data in a structured, machine-readable format

•

Transfer your data to another service provider

Right to Object (Art. 21):

•

Object to processing based on legitimate interests

•

Object to direct marketing at any time

Right to Withdraw Consent (Art. 7(3)):

•

Withdraw consent for processing based on consent

Right to Lodge a Complaint:

•

File a complaint with the Austrian Data Protection Authority (Datenschutzbehörde)

•

Website: https://www.dsb.gv.at

To exercise these rights, contact us at info@viennamdvtransfer.com. We will respond within 30 days.

9Data Security

We implement appropriate technical and organizational measures to protect your personal data:

Technical Measures:

•

SSL/TLS encryption for data transmission

•

Secure servers with firewall protection

•

Regular security updates and patches

•

Encrypted backups

•

Access controls and authentication

Organizational Measures:

•

Confidentiality agreements with staff and contractors

•

Data breach response procedures

•

Limited access to personal data (need-to-know basis)

While we take all reasonable precautions, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

In the event of a data breach affecting your rights, we will notify you and the relevant authorities within 72 hours as required by GDPR.

10International Data Transfers

Your personal data is primarily stored and processed within the European Union/European Economic Area (EU/EEA).

If we transfer data outside the EU/EEA, we ensure appropriate safeguards are in place:

•

EU Standard Contractual Clauses (SCCs)

•

Adequacy decisions by the European Commission

•

Privacy Shield Framework (where applicable)

Currently, we do not routinely transfer personal data outside the EU/EEA.

If this changes, we will update this policy and inform you accordingly.

11Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

•

Changes in our data processing practices

•

New legal requirements

•

Improvements to our services

•

Customer feedback

When we make significant changes, we will:

•

Update the "Last Modified" date at the top of this policy

•

Notify you via email (for existing customers)

•

Display a prominent notice on our website

We encourage you to review this Privacy Policy periodically.

Continued use of our services after changes constitutes acceptance of the updated policy.

12Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:

Vienna MDV Transfer

Kegelgasse 44, 1030 Vienna, Austria