PRIVACY POLICY

FOR Ithra Transportation

 

– Standardized Company Name: Aligned the company name with your Terms and Conditions to Ithra Transportation for consistency across your legal documents.

– Corrected Registration Number:  Fixed the registration number inconsistency (HE 41255 vs. HE412557 from the T&Cs). I have used the one from this document, but you should verify the correct official number.

– Improved Structure:  Organized the document into numbered Articles and sections for easier reference and to match the style of the revised Terms and Conditions.

– Corrected Grammar and Syntax:  Fixed numerous grammatical errors, typos, and awkward phrasing (e.g., “info@ithraglobal.com,” corrected phone number formatting).

– Clarified Legal Language:  Rephrased sections for precision, especially regarding data processing purposes, third-party sharing, and data retention periods.

– Integrated Cookie Policy: Added a reference and placeholder for the detailed Cookie Policy (which was Article 16 in your T&Cs) to ensure the documents are linked.

– Defined Key Terms:  Moved definitions to the beginning for clarity.

–  Enhanced User Rights Section: Made the explanation of user rights clearer and more actionable.

LEGALLY AMENDED AND REVISED TEXT

****

Last Updated: January 26, 2021

(Note: This policy is subject to amendment as per Article 1.5 below)

 

What We May Collect

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous date ).

 

:We may collect, use,store and transfer different Kinds of personal data about you which we have grouped together as follows

 

  • Identity Date includes first name, last name username, or similar identifier. When you email, phone, live chat or otherwise, we may collect information such as your first name, last name email address and phone number.
  • Contact Data includes billing address, invoicing address, email address and telephone numbers.
  • Financial Data includes bank account and payment card details

  • Transaction Data includes details about payment and other details of our Services you have purchased from us.

  • Technical Data includes internet Protocol (IP) address, your login data, browser type and version, time zone setting and location. Browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website

**ARTICLE 1: INTRODUCTION AND SCOPE**

 

1.1. Our Commitment

At Ithra Transportation, we take privacy seriously. We take all necessary actions to safeguard the privacy of our customers, partners, and associates and to comply with national and European legislation.

 

1.2. Regulatory Framework

Since May 25, 2018, all entities established and operating within the European Union that control personal data are subject to the General Data Protection Regulation (GDPR) (EU) 2016/679. The GDPR introduces the framework for how all entities must process, manage, and protect personal data. Ithra Transportation, being such an entity, has adopted the highest standards of the industry.

 

1.3. Purpose of this Policy

Because we know that privacy is important to you, we invite you to devote some of your time to understand how Ithra Transportation collects, processes, manages, and protects your privacy. This Privacy Policy (the **”Policy”** ) is intended to inform the Users of Our Platform about what information We collect, what We do with it, and what rights You have in relation to Your personal data.

 

1.4. Company Information (Data Controller)

Ithra Transportation is incorporated and existing under the laws of the Republic of Cyprus with registration number HE 41255, having its registered address at Ayiou Nikolaou 33, Egkomi 2408, Cyprus.

– **Contact Email:** info@ithraglobal.com

– **Contact Phone Number:** +966 56 740 2272

(Hereinafter referred to as the **”Company,” “We,” “Us,”** or **”Our”**). We are the **Data Controller** of Your Personal Data.

 

1.5. Acceptance and Amendments

By continuing to use Our Services or Platform by any means, You automatically and unconditionally accept the current and/or modified version of this Policy in its entirety.

We reserve the right to update this Privacy Policy and any supplemental privacy notices at Our sole discretion from time to time. The amended version shall come into effect upon posting on Our website. We recommend reviewing this Policy on a regular basis.

If You do not agree with any aspect of the current or modified version of this Policy, You should not use Our Services or Platform and shall not provide Us with Your personal data.

This Privacy Policy is in force since January 26, 2021.

 

ARTICLE 2: DEFINITIONS

 

2.1. Personal Data

As defined by the GDPR, Personal Data is any information related to an identified or identifiable natural person (**”Data Subject”** ). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

 

2.2. Platform

Refers to the website (ithraglobal.net) and/or any associated mobile applications owned and/or operated by the Company.

 

**2.3. Services**

Refers to the transportation services arranged through the Platform, including taxi services, hourly car hire with driver, and tour packages (hereinafter **”Transportation Services”** or **”Services”** ).

 

2.4. User

Refers to the travelers and users of the Platform (**”Traveler(s),” “You,” “Your”** ).

 

ARTICLE 3: DATA COLLECTION

 

3.1. What Personal Data Do We Collect?

While using Our Services to book a transfer through Our Platform, We may collect the following categories of personal data:

  • Identity Data: Full name (including nicknames).
  • Contact Data: Home or business address, email address, and telephone number.
  • Financial Data:  Payment information such as bank card number, expiration date, CVV, etc.
  • Transaction Data:  Transportation history, including details of transfers You have booked.
  • echnical Data: IP address, login information, browser type and version, operating system and platform, geolocation, and other technology on the devices You use to access our Platform.
  • Profile Data:  Your account login credentials (email and password), preferences, flight numbers, and other information You provide to facilitate your booking.
  • Usage Data:  Information about how you use our website, products, and services.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.
  • Customer Service Data: Records of communications with our support team.
  • Demographic Data:  Age, city, postal code, etc.

 

 3.2. How and When Do We Collect Personal Data

We collect personal data directly from You in the following circumstances:

– When You create an account on our Platform.

– When You book a taxi transfer.

– When You communicate with Us (email, phone, chat).

– When You conduct payments for Our Services.

– Through the use of cookies and similar technologies on our Platform (see **Article 8: Cookies** ).

 

**ARTICLE 4: DATA USAGE (PURPOSE AND LEGAL BASIS)**

 

**4.1. How and Why Do We Use Your Personal Data?**

We use Your data for the sole purpose of providing You with the Services. This includes, but is not limited to:

  • Contract Performance: To open and operate your account, arrange and manage your taxi transfer, process your requests, and meet our contractual obligations towards You.
  • Legitimate Interests:  To communicate with You, identify You, receive payments, and improve our Services.
  • Legal Obligation: To comply with applicable laws and regulations.
  • Consent: We may use Your personal data for direct marketing purposes  only after  You have given your prior explicit consent. You have the right to withdraw your consent at any time.

 

 ARTICLE 5: DATA SHARING AND DISCLOSURE 

 5.1. Internal Access 

Primarily, Your personal data is shared only with necessary employees, associates, and/or departments of the Company who are managing and/or processing Your request and/or Services on a strict need-to-know basis.

 

 5.2. Third-Party Service Providers 

For the provision of Services and the operation of the Platform, We may cooperate with third-party service providers. When we do, We share only the minimum necessary data required for them to perform their functions. We contractually bind these third-party service providers to:

– Not use Your personal data for any other reason.

– Process, manage, and protect your data in accordance with our instructions and data protection laws.

 

Specific categories of third parties we may share data with include:

  • Drivers (Transportation Providers) : To fulfill your booking.
  • Professional Advisors: Lawyers, accountants, and other professionals.
  • Technology Providers: Data analysis companies, providers of technology services, and IT support.
  • Marketing Partners:  Third-party email marketing companies acting on our behalf to send newsletters (with your consent), and advertising companies.

 

 5.3. Business Transfers 

We reserve the right to disclose Your personal data to a third party in the event that We choose to sell, transfer, or merge all or part of Our business or assets.

 

 5.4. International Transfers 

As a general rule, We do not transfer Your personal data outside the EU and EEA unless such transfer is necessary for the provision of Services to You (e.g., if a driver’s dispatch center is located outside the EEA). When Your data is transferred to third countries outside the European Union and European Economic Area, we will ensure that all appropriate safeguards (such as Standard Contractual Clauses) are in place for the protection of Your Personal Data.

 

 ARTICLE 6: DATA PROTECTION AND RETENTION 

 

 6.1. Security Measures 

We maintain the highest industry standards to secure and protect your personal data. We have implemented appropriate technical and organizational measures, safeguards, protocols, and systems to protect Your personal data from unauthorized or unlawful processing, accidental loss, destruction, or damage.

 

 6.2. Data Retention Periods 

We will retain information about You for the period necessary to fulfil the purposes for which the information was collected.

  • Active Users: We retain your data for as long as you maintain an active account and use our Services.
  • Inactive Users: If you have not used Our Services for a period of  five (5) years , your account along with your personal data will be scheduled for deletion, unless a longer retention period is required or permitted by law.
  • Consent-Based Processing: If you allow us to use your personal data for marketing purposes, we may keep your personal data until you withdraw your consent or inform us otherwise.
  • Legal Holds: We may be legally obliged to retain certain information for a longer period (e.g., for tax or accounting purposes).
  • Anonymization: We reserve the right to anonymize Your data for research or statistical purposes so that it cannot be associated with an identifiable person. We may use this anonymized information for an indefinite period.

 

 ARTICLE 7: YOUR RIGHTS 

 

 7.1. Summary of Your Rights 

As a Data Subject, you have the following rights regarding Your personal data. Limitations and conditions may apply to some of these rights.

  • Right of Access: You have the right to request confirmation of whether we process your data and to request a copy of the personal data we hold about you.
  • Right to Rectification:  You have the right to request that we correct inaccurate or incomplete personal data.
  • Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data, subject to certain legal exceptions.
  • Right to Restriction of Processing: You have the right to request that we restrict the processing of your data in certain circumstances (e.g., while a dispute about its accuracy is being resolved).
  • Right to Data Portability: You have the right to request that we provide your personal data to you in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
  • Right to Object: You have the right to object to the processing of your personal data for direct marketing purposes, or where processing is based on our legitimate interests.
  • Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

–  Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority (data protection authority) in the country of your habitual residence, place of work, or place of the alleged infringement.

 

 7.2. How to Exercise Your Rights 

We offer You easy ways to exercise these rights:

–  By Phone:  Contact our Customer Support Team.

–  By Email: Send your request to  info@ithraglobal.com**

 

 ARTICLE 8: COOKIES AND PUSH NOTIFICATIONS 

 

 8.1. Cookies 

Our website/Platform uses cookies and similar tracking technologies. Cookies are small text files stored on your device that allow Us to collect data about Your preferences, your interaction with Us, the type of Transfer that You book, and the search terms You enter. For detailed information on the cookies we use and how to control them, please refer to our **Cookie Policy**, which forms part of these Terms of Use.

 

 8.2. Push Notifications 

Our mobile application and/or Platform may send you push messages/notifications, for instance about Offers or Services. You can disable these messages/notifications through the settings in Your phone or the Platform settings.