Effective date: 28 April 2026. This Privacy Policy describes how Swiss Limousine Service (“SLS”, “we”, “us”) collects, uses and protects personal data when you visit our website, request a quote, place a booking, or otherwise interact with our service. We comply with the Swiss Federal Act on Data Protection (revFADP, in force since 1 September 2023) and, where the European General Data Protection Regulation (GDPR) applies because you are a resident of the European Union, with the GDPR.
1. Data controller
The controller responsible for processing your personal data under this Policy is:
- Swiss Limousine Service
- Rue Ferrier 17, 1202 Geneva, Switzerland
- UID: CHE-291.358.212
- Phone: +41 76 511 20 00 (24/7) — alternative +41 22 518 31 33
- Email: [email protected]
- Privacy contact: [email protected]
You may write to us at the postal address or contact us by email at any time to exercise the rights described in section 9 below.
2. What personal data we collect
We collect only the data we need to provide a high-quality chauffeur service and to comply with our legal obligations.
2.1 When you book or request a quote
- Identification data: first name, last name, title
- Contact data: email address, mobile phone number
- Travel data: pickup and drop-off addresses, date and time, flight number and airline (for airport transfers), number of passengers, luggage details, vehicle preference, special requirements (child seat, additional stops, dietary preferences for in-vehicle service)
- Payment data: card details are entered directly into our payment processor’s secure form (see section 4). We never store your full card number on our servers; we retain only the last four digits and the brand for receipts and dispute handling
- Optional information you provide in the comments field of the booking form
2.2 When you visit our website
- Technical data: IP address (truncated for analytics), browser type and version, operating system, referring URL, pages visited, time spent on each page, device category
- Cookies and similar technologies: see section 5 for our cookie policy and your choices
2.3 Sensitive data and NDA-covered information
For clients who request a Non-Disclosure Agreement (NDA) — typically family-office, diplomatic, and corporate executive accounts — the chauffeur on the assignment counter-signs a confidentiality undertaking before pickup. Information that becomes incidentally known during the transfer (identity of fellow passengers, locations visited, conversations inside the vehicle, attached documents) is treated as strictly confidential, is not stored in any system beyond the original booking record, and is accessible only to the personnel assigned to the booking. You may request additional confidentiality measures (alternative pickup location, decoy vehicle, route variation) at the time of booking; these are documented in your client file rather than in any public-facing system.
3. Why we process your data and on what legal basis
- Performance of the transport contract (booking confirmation, dispatch, chauffeur briefing, billing, customer support): Article 6(1)(b) GDPR; Article 31(2)(a) revFADP
- Compliance with legal obligations (Swiss VAT records retained for 10 years, accounting records, response to lawful requests from authorities): Article 6(1)(c) GDPR; Article 31(2)(c) revFADP
- Legitimate interest (fraud prevention, network security, service improvement, internal reporting, defence of legal claims): Article 6(1)(f) GDPR; Article 31(1) revFADP
- Consent (analytics cookies, marketing communications): Article 6(1)(a) GDPR; Article 31(1) revFADP. You may withdraw consent at any time via the cookie banner footer link or by emailing [email protected]
4. Sharing with third parties
We share personal data only with carefully selected service providers acting as data processors on our instructions, and only to the extent necessary for them to perform their function.
- Payment processing: Stripe Payments Europe Ltd. (Ireland) for card payments. Stripe receives your card data directly via tokenisation; we never see the full card number. Stripe’s privacy policy: stripe.com/privacy
- Flight tracking: AeroAPI by FlightAware (United States) for monitoring scheduled and actual arrival times. Only the flight number and date are shared; no personal identifiers are transmitted
- Email delivery: SMTP provider for booking confirmations and operational notifications (server location: Switzerland and EU)
- Hosting and infrastructure: data is hosted on servers located in Europe; CDN edge caching is provided by Cloudflare (data may transit edge nodes globally for performance)
- Analytics: Google Analytics 4 with IP truncation, ad-personalisation disabled, and EU-based regional endpoint, conditional on your consent. You may opt out at any time via the cookie banner
- Accounting and legal: external Swiss accountants and, where strictly necessary, legal counsel
We do not sell, rent, or trade personal data with any party for advertising or commercial purposes.
5. Cookies and tracking
Our website uses cookies. The cookie banner you see on your first visit allows you to accept all cookies, accept only essential cookies, or customise your preferences.
- Essential cookies (always active): session identifier, language preference, cookie-banner choice, security tokens. These are required for the site to function and do not require consent
- Analytics cookies (consent required): Google Analytics 4 to measure aggregate site usage. IP addresses are truncated; no personal identifiers are exported
- Functional cookies (consent required): video player preferences, embedded map preferences if used
You can change your cookie preferences at any time via the “Cookies” link in the website footer.
6. International data transfers
Some of our service providers are located outside Switzerland and the European Economic Area (EEA). When personal data is transferred to such a country, we ensure that an appropriate level of protection is in place through Standard Contractual Clauses approved by the European Commission and recognised by the Swiss Federal Data Protection and Information Commissioner (FDPIC), and where applicable, through additional safeguards such as encryption in transit and at rest.
7. Data retention
- Booking and trip records: 10 years (Swiss VAT and commercial-law obligations)
- Customer support emails: 5 years from last contact
- Marketing-consent records: until consent withdrawn, plus 3 years for proof
- Web-analytics events: 14 months (Google Analytics retention setting)
- Server access logs: 90 days, then aggregated or deleted
- NDA-covered booking notes: deleted within 12 months of trip completion unless dispute or legal hold applies
8. Security
We implement organisational and technical measures appropriate to the sensitivity of the data we hold: encryption in transit (TLS 1.3) and at rest, principle-of-least-privilege access controls for staff, multi-factor authentication on critical systems, regular security updates, and an incident-response procedure aligned with revFADP Article 24 notification timelines (72 hours to the FDPIC for breaches likely to result in a high risk to the rights of data subjects).
9. Your rights
Subject to the conditions of revFADP and, where applicable, GDPR, you have the right to:
- access the personal data we hold about you
- request correction of inaccurate or incomplete data
- request deletion (subject to retention obligations described in section 7)
- object to or restrict certain processing operations
- request portability of data you have provided to us
- withdraw consent for any processing based on consent, without affecting the lawfulness of prior processing
- lodge a complaint with the Swiss FDPIC (edoeb.admin.ch) or, if GDPR applies, your national supervisory authority
Send your request to [email protected]. We respond within 30 days, free of charge for the first request in any 12-month period. We may ask you to verify your identity to prevent unauthorised disclosure.
10. Children
Our service is not directed at children under 16. We do not knowingly collect personal data from children. Bookings made on behalf of minor passengers are placed by the parent, guardian, or authorised adult traveller, who is responsible for providing only the data necessary for the trip.
11. Changes to this Policy
We may update this Privacy Policy to reflect changes in our practices or in applicable law. The “Effective date” at the top of this page indicates the latest version. Material changes will be communicated by a banner on the website and, for active clients, by email.
12. Contact
For any question about this Privacy Policy or about how we handle your personal data, contact [email protected] or write to Swiss Limousine Service, Rue Ferrier 17, 1202 Geneva, Switzerland.