Privacy Policy

We, Grandlane Transfer, take the protection of your personal data seriously and protect your privacy when processing them in accordance with the applicable data protection regulations.

This privacy policy informs you as a visitor of the Grandlane Transfer website, as a user or customer of the online platform of Grandlane Transfer, or other services of Grandlane Transfer (together also “Grandlane Transfer Services”) which of your personal data is processed by Grandlane Transfer and for which purpose. The Grandlane Transfer Services are not aimed at minors.

Data Security

Grandlane Transfer uses appropriate technical and organizational security measures to ensure a level of protection for personal data appropriate to the risk, taking into account the state of the art, implementation costs and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and the degree of risk. The transfer of personal data between your end device and Grandlane Transfer is generally carried out in an encrypted form (TLS encryption). You can identify an encrypted connection for example by the lock symbol in the address line of your browser.

If you communicate with us by e-mail, access by third parties cannot be ruled out. Grandlane Transfer also uses transport encryption for e-mails in general. But in the case of confidential information, Grandlane Transfer recommends using the postal way or fully encrypted e-mail communication (PGP). Please let us know if you would like to correspond with us by e-mail in an encrypted form so that we can give you information on the relevant addresses and public keys.

Provision of the websites

When visiting Grandlane Transfer websites for information purposes, i.e. even without your registration, data is automatically collected regarding the usage through your browser (hereinafter “surf data”). This includes your IP address, the status code, the Grandlane Transfer websites visited, date and time of the server request, browser type and browser version, referrer (website visited beforehand), files transferred and data volume. The surf data is stored by Grandlane Transfer in so-called log files. If you visit Grandlane Transfer websites without having a Grandlane Transfer account, we will not know who you are.

We inform you about the cookies and analysis services used by Grandlane Transfer in section 6. Otherwise, your surf data will not be provided to third parties. The processing of surf data is mainly carried out to establish and maintain the technical connection when surfing the internet. This data is also used by Grandlane Transfer in a pseudonymized or anonymized form in order to analyze the use of our websites, to design and improve the Grandlane Transfer services to meet demand, to recognize and eliminate technical or process-related disruptions and problems and to prevent illegal use of the Grandlane Transfer services (e.g. fraudulent booking, cyberattacks).

Stored log files are erased or anonymized, provided they are no longer required to ensure the general functionality of Grandlane Transfer services. Grandlane Transfer retains the log files only insofar as you have consented to this or if there are legal retention obligations.

The legal basis for the processing of personal data when providing websites is Art. 6 Paragraph 1 lit f GDPR (Grandlane Transfer’s legitimate interest). Insofar you are a Grandlane Transfer user or customer, the legal basis is also Art. 6 para. 1 lit. b DSGVO (contract performance, see otherwise below number 9.). If you have consented to an extended usage of your surf data, the legal basis is Art. 6 Paragraph 1 lit. a GDPR (your consent). You can revoke your consent at any time.

Cookies, pixels and similar technologies

When using Grandlane Transfer services, cookies, pixels or similar methods may be used. This is common for most large websites.

Cookies are small text files and pixels are small graphic files which can be stored on the user’s end device. You will find comprehensive information on the cookies, pixels and similar methods used by Grandlane Transfer in our Cookie Policy.

As part of your use of Grandlane Transfer Services, Grandlane Transfer sets the cookies that are necessary for Grandlane Transfer to provide a feature you request (e.g., language, login status, cookie consent). Grandlane Transfer also uses, where you have consented, its own and third party cookies to analyze and improve the use of the Grandlane Transfer Services, to improve and personalize functionality to you, to detect and correct malfunctions and problems of a technical or process nature, to prevent unlawful use of the Grandlane Transfer Services (e.g. fraudulent booking, cyber-attacks) and for marketing purposes. (including the measurement, analysis and evaluation of advertising). The details of this can be found in our Cookie Policy. Your consent to the setting and use of cookies by Grandlane Transfer is documented electronically via a Consent Management Tool or Consent Management Platform (CMP) used by Grandlane Transfer. You can revoke your consent at any time with future effect or change your cookie settings; the easiest way to do this is to change your cookie settings as you wish in the CMP used by Grandlane Transfer.

Additionally, you can prevent the storage of cookies and delete existing cookies at any time in the settings of your browser. However, this may lead to the fact that individual functions of the Grandlane Transfer Services are not or only partially available. The storage period varies per cookie and can be viewed in your browser in our Cookie Policy.

The legal basis for the processing of personal data when using cookies, pixels and similar procedures are Art. 6 para. 1 lit. a (your consent) and lit. f DSGVO (legitimate interest of Grandlane Transfer in case of necessary cookies in connection with § 25 TTDSG).

Social Media / Social Networks

Grandlane Transfer’s Social Media Presence

Grandlane Transfer maintains pages in social networks such as Instagram or Facebook. The respective provider of the social network provides detailed information about which personal data is processed and how. In addition, please see our notes on our pages on the respective platforms.

Facebook, Facebook Messenger and Facebook Connect

Grandlane Transfer uses services of the social network, Facebook operated by Meta Platforms Inc., 1601 Willow Road, Menlo Park, CA 94025, USA (“Facebook”). The controller for the data processing in Europe for Facebook is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. You can access Facebook’s data protection information here: https://www.facebook.com/about/privacy/

You can contact us and exchange messages with Grandlane Transfer via Facebook Messenger.

Grandlane Transfer also provides the option of logging in to the Grandlane Transfer account using Facebook Connect. In order to do this, you will be sent to a Facebook page where you may log in using your Facebook user information. If you log in to the Grandlane Transfer account using Facebook Connect, certain personal data will be transferred by Facebook to Grandlane Transfer. Facebook will inform you regarding what data will be transferred, for the purpose of which you may grant or refuse explicit consent. Personal data will not be transferred by Facebook to Grandlane Transfer without this consent. Facebook can also determine from your login via Facebook Connect that you have logged in with us and when you have done so. Grandlane Transfer uses the data transmitted by Facebook in order to identify you.

If you actively choose to log in via Facebook, you consent to Grandlane Transfer processing, in a personalized form, the data transmitted by Facebook to identify you in connection with your account. This consent may be revoked at any time without any additional costs and with effect for the future.

You also have the option at any time to adjust the usage of Facebook Connect and log in to your Grandlane Transfer account in another manner.

Grandlane Transfer uses, where you have consented to this, Facebook Custom Audiences from lists to show you targeted advertising via Facebook. Grandlane Transfer creates lists of existing contacts and uploads them to Facebook via Grandlane Transfer’s Facebook account. Before uploading, the list is hashed locally in the browser and only then sent to Facebook. There it is compared with Facebook’s existing list of hashed IDs of Facebook users. The matches are then added to Grandlane Transfer’s Custom Audience. Facebook does not collect any new personal data.

The legal basis for the processing of personal data when using Facebook Connect is in each case Art. 6 Paragraph 1 lit a GDPR (your consent).

We will inform you in our Cookie Policy about Facebook’s cookies, pixels and similar technologies which are used by Grandlane Transfer.

Google Customer Match

Grandlane Transfer uses the Customer Match service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

At Google Customer Match, Grandlane Transfer creates lists of existing contacts and uploads them to Google via Grandlane Transfer’s Google Account. Before uploading, the list is hashed locally in the browser with the SHA256 algorithm and only then transmitted to Google with TLS encryption. There it is compared with existing Google Accounts. The matches are then added to the Grandlane Transfer Audience. On this basis we can display targeted advertising via Google Ads.

The legal basis for processing personal data when using Google Customer Match is Art. 6 para. 1 lit. a GDPR (your consent).

We will inform you about cookies and similar procedures of Google, which are used by Grandlane Transfer, in our Cookie Policy.

Data Processing During Registered Use of Grandlane Transfer Services and Booking Rides

Grandlane Transfer processes the following personal data provided by you when you register and use Grandlane Transfer Services or when you book rides (hereinafter “customer data”).

  • Personal master data (form of address, title, first name, last name, company, address, zip code, place, country, password);
  • Contact data (e.g. telephone number, cellphone number, e-mail address);
  • Contract data (e.g. time and manner of registration, status)
  • Ride-related data (e.g. pickup location, destination, times, flight number, special requests).
  • Status (e.g. bonus program), customer history (e.g. previous rides);
  • Contract invoicing (e.g. invoices, status, invoicing address) and payment data (e.g. last 4 digits of the credit card number).

The customer data will be used for Grandlane Transfer services, i.e. for the personalized fulfillment of the framework agreement after registration (creation, storage, administration and support of your Grandlane Transfer account), for the procurement of booked rides and for the fulfillment of the contract of carriage for the benefit of the customer with the limousine service provider. Grandlane Transfer provides customer data to third parties, if necessary, in particular to the limousine service providers so that the customer can be transported in accordance with their booking and the transport can be processed. If the customer has indicated a bonus program supported by Grandlane Transfer, the data required in this regard is transmitted to the bonus program provider. The payment data collected is stored via a payment service provider and transferred to the intermediary financial service provider or bank.

Personal data can be transmitted to limousine service providers in a third-party country outside of the European Union or the European Economic Area in which the transport is intended to take place. Grandlane Transfer cannot generally provide further information on the data protection level in the third-party country. An adequacy decision (see Art. 45 Paragraph 3 GDPR) or suitable guarantees (see Art. 46 GDPR) are not required for the transmission since the transmission is required for the performance of a contract between the data subject and the controller or to carry out pre-contractual measures upon request from the data subject (Art. 49 Paragraph 1 lit b GDPR) or because the transmission is required to enter into or to perform a contract concluded in the interest of the data subject by the controller with another natural or legal person (Art. 49 Paragraph 1 lit c GDPR).

Customers have the possibility to rate a ride arranged by Grandlane Transfer e.g. in the Grandlane Transfer App. Ratings are stored in the customer’s profile and can be communicated to the respective driving service or provider or chauffeur in anonymised form. The customer can view his own reviews, other customers will not see these reviews. The purpose of the data processing within the evaluation system is the handling of the trip or the payment towards the driver or the dispatcher as well as the analysis and improvement of the Grandlane Transfer Services, e.g. to monitor the proper execution of trips, to increase the quality and to prevent or combat illegal use. Ratings are usually not stored for more than 2 years and then deleted or anonymised.

The legal basis for the processing of personal data during the registered use of Grandlane Transfer Services and during the booking of trips is Art. 6 para. 1 lit. b GDPR (contract performance). If the data subject provides additional, voluntary information (e.g. flight number, frequent flyer programme, special requests, rating), the legal basis is their consent according to Art. 6 Paragraph 1 lit a GDPR and our legitimate interest according to Art. 6 Paragraph 1 lit. f GDPR.

In addition, Grandlane Transfer processes customer data in order to analyse the use of the Grandlane Transfer Services, to design and improve them in a demand-oriented and personalised manner, to advertise the Grandlane Transfer Services, to detect, limit and eliminate malfunctions and problems of a technical or process-related nature and to prevent illegal use of the Grandlane Transfer Services (e.g. fraudulent booking, cyberattacks). In this respect, the legal basis for the processing of personal data is Art. 6 para. 1 lit. f GDPR (legitimate interest of Grandlane Transfer). Data will not be passed on to recipients in this respect unless to Grandlane Transfer’s data processors (see Art. 28 GDPR) or as far as otherwise permitted by law.

Payment & Fraud Prevention

Payment

All Grandlane Transfer bookings can be paid by credit or debit card. The credit card information only has to be stored once upon the first booking and is protected against unauthorized access. For this purpose, a certified payment provider is used whose systems meet the applicable security standards, such as the PCI DSS standard (Payment Card Industry Data Security Standard). For recurring transactions, the card data is stored with our assigned PCI DSS-certified payment provider. In this respect, the legal basis for the processing is Art. 6(1)(b) GDPR (performance of contract).

Grandlane Transfer itself does not store credit card data or only in abbreviated form for analysis purposes or to prevent fraud. The legal basis for this is Art. 6 Paragraph 1 lit f GDPR (Grandlane Transfer’s legitimate interest).

Fraud Prevention

To ensure that a payment instrument is used by its rightful owner and to prevent fraud, IP addresses, e-mail addresses, payment data and card information may be transmitted to one or more external fraud prevention service providers. This transmission may also contain additional personal data. The external fraud prevention service providers process these personal data on behalf of Grandlane Transfer. The legal basis for this processing is Art. 6 para. 1 lit. f GDPR (legitimate interest of Grandlane Transfer).

In the course of the authentication of the cardholder, it may also be necessary for individual transactions that Grandlane Transfer requires a copy of an additional identification document (e.g. identity card, passport, drivers’ licence) or a copy of the credit card. Grandlane Transfer will ask you to black out any data that is not required (e.g. the credit card number except the last four digits). In this respect, the legal basis is Art. 6 para. 1 lit. b GDPR (fulfilment of contract), your consent (Art. 6 para. 1 lit. a GDPR) and our legitimate interest (Art. 6 para. 1 lit. f GDPR).

Communication with Grandlane Transfer

If you contact Grandlane Transfer (e.g. by phone, contact form, feedback form, chat, messenger, e-mail or social media (Facebook, Instagram, Twitter)), the data you provide will be processed to handle your request and to answer your inquiry. The legal basis is Art. 6 Para. 1 lit. a GDPR (consent) and Art. 6 Para. 1 lit. b GDPR (fulfilment of contract and initiation of contract).

Contact data is also used by Grandlane Transfer – pseudonymised or anonymised if possible – to design and improve Grandlane Transfer services according to your needs, to identify and eliminate malfunctions and problems of a technical or process-related nature and to prevent illegal use of Grandlane Transfer services (e.g. fraudulent booking, cyberattacks). In this respect, the legal basis for the processing of personal data is Art. 6 para. 1 letter f GDPR (legitimate interest of Grandlane Transfer).

Grandlane Transfer also uses external services and tools, e.g. messenger services or chat support tools, to communicate with the customer. The legal basis for the processing of personal data is Art. 6 para. 1 lit. f GDPR (legitimate interest of Grandlane Transfer). Agreements on commissioned data processing exist with the respective providers – where necessary.

In this context, we use Intercom as a communication medium, either by e-mail or by messages within our products. The Intercom Messenger apps and apps in inbox products can also give you access to other third-party applications such as Stripe. You should consult the privacy notices of these third parties for more information about how they use your personal information. As part of our service agreements, Intercom collects publicly available contact and social information about you, such as your email address, gender, company, job title, photos, website URLs, social networking sites and physical addresses, to improve your user experience. For more information about Intercom’s privacy practices, please visit https://www.intercom.com/terms-and-policies#privacy.

Grandlane Transfer also offers customers different feedback channels, also via external platforms. Such customer feedback is also used to process your request and also – if possible pseudonymized or anonymized – to design and improve Grandlane Transfer Services according to your needs, to recognize and eliminate malfunctions and problems of a technical or process-related nature and to prevent illegal use of Grandlane Transfer Services (e.g. fraudulent booking, cyberattacks). The legal basis for the data processing is, if you have separately and explicitly agreed, Art. 6 para. 1 lit. a GDPR (consent) and otherwise Art. 6 para. 1 lit. f GDPR (legitimate interest of Grandlane Transfer). With the respective providers of feedback tools there are again – as far as necessary – agreements on commissioned data processing. The respective feedback tool may contain additional information about which data is collected and in which way data is processed.

E-mail Advertising, Newsletter

If you have agreed to receiving advertising or if Grandlane Transfer otherwise has the right, we will use your customer data to send you personalized advertising or general newsletters. The following data is mainly affected: Form of address, name, e-mail address. The purpose of the data processing is for Grandlane Transfer to inform you regarding current offers and to draw attention to features of Grandlane Transfer services.

E-mail advertising and newsletters may contain pixels. In this case, a graphic file is inserted into the e-mail sent in HTML format, based on which a statistical evaluation may be carried out. By using pixels, Grandlane Transfer can detect whether and when e-mails have been opened and links contained therein clicked. The legal base for the data processing is, insofar as you have separately and expressly consented, Art. 6 Paragraph 1 lit a GDPR (consent) and otherwise Art. 6 Paragraph 1 lit f GDPR (Grandlane Transfer’s legitimate interest) in conjunction with Section 7 Paragraph 3 of the German Act Against Unfair Competition (UWG).

Grandlane Transfer has the right, in context of legal permission according to Section 7 Paragraph 3 UWG, to use the e-mail address, which you have provided regarding a chargeable booking, to directly advertise its own, similar products or services. If you do not wish to receive advertising from Grandlane Transfer for similar products or services, you may at any time revoke the corresponding use of your e-mail address without incurring any costs other than the transmission costs in accordance with the base tariffs. To this end, you can use the unsubscribe link contained in any mail or you can write an e-mail to us using the above-mentioned e-mail addresses.

Involvement of Data Processors by Grandlane Transfer

As far as Grandlane Transfer involves third parties in its data processing, e.g. technical service providers or other Grandlane Transfer subsidiaries, this is always done on behalf of Grandlane Transfer and only if these processors offer sufficient guarantees that suitable technical and organizational measures are carried out in such a way that the processing is in accordance with the data protection requirements, in particular Art. 28 GDPR, and guarantees the protection of the rights of the data subject. If processors are located in third countries, the data protection requirements for the transfer pursuant to Art. 44 et seq. GDPR are complied with in each case. As a rule, the appropriate guarantees in third countries are established by means of an adequacy decision (Art. 45 para. 3 GDPR) or the agreement of standard contractual clauses (see Art. 46 para. 2 c) GDPR in conjunction with Art. 93 para. 2 GDPR).

Rights of Data Subjects

If your personal data is processed by Grandlane Transfer, you are the data subject (Art. 4 No. 1 GDPR). As the data subject, you have the following rights in relation to the personal data affecting you:

Right to information (Art. 15 GDPR)

The data subject has the right to obtain a confirmation from the controller as to whether personal data is processed; if this is the case, they have a right of information about this personal data and further information on the data processing.

Right to rectification (Art. 16 GDPR)

The data subject has the right to obtain from the controller without undue delay the rectification or completion of inaccurate personal data.

Right to erasure (Art. 17 GDPR)

The data subject has the right to demand from the controller the erasure of personal data without undue delay and the controller is obliged to erase personal data without undue delay, provided the data is no longer required, the data subject revokes their consent or lodges an objection to the processing, the personal data was processed unlawfully or there is otherwise a ground for erasure within the meaning of Art. 17 GDPR and the controller does not have the right to object to erasure.

Right to the restriction of data processing (Art. 18 GDPR)

The data subject has the right to demand from the controller the restriction of processing when one of the conditions mentioned in Art. 18 GDPR applies, namely the accuracy of the personal data is contested by the data subject or the processing is unlawful and the data subject opposes the erasure of the personal data.

Right to objection (Art. 21 GDPR)

Insofar as the data processing is based on a legitimate interest from our side (Art. 6 Paragraph 1 lit. f GDPR) or is direct advertising, the data subject has at any time the right to lodge an objection to the processing of personal data affecting them for the reasons mentioned in Art. 21 GDPR. The controller will then no longer process the personal data, unless they can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or the processing serves for the establishment, exercise or defense of legal claims.

Right to data portability (Art. 20 GDPR)

The data subject has the right within the meaning of Art. 20 GDPR to receive the personal data, which they have provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided.

Right to lodge a complaint (Art. 77 GDPR)

Without prejudice to any other administrative or judicial remedy, every data subject has the right to lodge a complaint with a supervisory authority according to Art. 77 GDPR.

Revocation of consent (Art. 7 para. 4 GDPR)

If the data processing is based on the consent of a data subject, the data subject has the right to revoke his or her consent at any time. You can do this by sending an e-mail to: info@Grandlanetransfer.com. The revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Automated decisions

In the case of Grandlane Transfer, you are only subject to an automated decision process (see Art. 22 GDPR) in exceptional cases if you re-enter a payment method via which a payment has already previously failed or when current indications justify the suspicion that it is a fraudulent booking. In these cases, your request to book a ride with Grandlane Transfer will be refused. Such an automatic decision is required to conclude the contract (Art. 22 Paragraph 2 lit a GDPR). The data subject has the option of contacting us using the mentioned contact data in order to have an explanation or an intervention by a person or to express their point of view.

Data Erasure and Storage Duration

We will erase your personal data as soon as the legal basis for its processing lapses. However, legal bases may also exist in parallel or a new one may intervene with the lapsing of a legal basis, such as for example the duty to store determined data to fulfill a legal retention obligation (e.g. according to commercial or tax law).

Amendment or Update of this Privacy Policy

Grandlane Transfer reserves the right to update or amend this privacy policy at any time without giving reasons, as far as this should become necessary, e. g. due to developments in legislation, jurisdiction or regulatory actions or due to further technical developments.

hello.

Get 5% OFF On First Ride | Use Code: Grandlane

X
logo
Book ride