Privacy Policy

SIA EuroVentro ("we", "us") operates euroventro.com (the "Platform"). This Privacy Policy explains what personal data we collect, how we use it, and your rights under the EU General Data Protection Regulation (GDPR).

Data Controller

SIA EuroVentro
Mārupe, Latvija
Email: [email protected]

What we collect

You provide:

• Name, email, phone, password (account)
• Billing address; payment information (handled by Stripe — we never see card numbers)
• Booking details (pickup/dropoff addresses, item descriptions, passenger details, photos)
• Communication content (support tickets, in-app messages)

Automatically:

• IP address, device type, browser
• Essential session cookies
• Usage logs (pages viewed, actions taken)

From third parties:

• Payment status from Stripe
• Email delivery status from our email provider

Why we process (legal bases under GDPR Art. 6)

• Account & booking management — Contract (Art. 6(1)(b))
• Payment processing — Contract
• Transactional emails — Contract
• Marketing emails — Consent (Art. 6(1)(a)), opt-in only
• Security & fraud prevention — Legitimate interest (Art. 6(1)(f))
• Tax & accounting compliance — Legal obligation (Art. 6(1)(c))

Sharing

We share personal data only with:

• Stripe — payment processing & carrier payouts (independent data controller). stripe.com/privacy
• Carriers — booking details necessary for them to perform the trip.
• Cloud hosting (DigitalOcean) — server infrastructure (data processor).
• Email service — transactional email delivery (data processor).
• Tax authorities — when legally required.

We do not sell personal data. We do not transfer data outside the EEA without GDPR-compliant safeguards (Standard Contractual Clauses).

How long we keep your data

• Active account: while account exists
• Booking and invoice records: 7 years (Latvian tax law)
• Marketing consent records: until withdrawn
• Server logs: 90 days
• Support tickets: 3 years

Your rights (GDPR)

• Access — copy of personal data we hold
• Rectification — correct inaccurate data
• Erasure — "right to be forgotten" (except where retention is legally required)
• Restriction — limit processing
• Portability — machine-readable export
• Object — to processing based on legitimate interest
• Withdraw consent — for marketing at any time
• Lodge a complaint with the Latvian Data State Inspectorate (Datu valsts inspekcija): dvi.gov.lv

Email [email protected] to exercise any right. We respond within 30 days.

Cookies

We use only essential cookies required for the Platform to function (login session, language preference, security tokens). We do not use advertising or third-party tracking cookies. No cookie banner is displayed because no consent-required cookies are placed.

Children

The Platform is not directed at children under 16. We do not knowingly collect data from children. Parents may book on behalf of minors as passengers.

Changes

We may update this Policy. Material changes will be emailed and posted at least 14 days before taking effect.

Contact

[email protected]
SIA EuroVentro, Mārupe, Latvija