Data Privacy Policy
How we collect, store and process your personal data in compliance with the EU General Data Protection Regulation (GDPR).
Last updated: 1 January 2025. This policy applies to all personal data processed through Bus-service.com.
1. Data Controller
The data controller responsible for your personal data is:
Our Data Protection Officer (DPO) can be reached at [email protected]. We aim to respond to all data protection enquiries within 5 working days.
2. Types of Data Collected
We may collect and process the following categories of personal data:
Identity data: first name, last name, company name, job title.
Contact data: e-mail address, telephone number, postal address.
Booking data: travel dates, itinerary, passenger numbers, special requirements (e.g. accessibility needs, luggage).
Financial data: payment method, bank account or credit card details (processed securely by our payment provider; we do not store full card numbers).
Technical data: IP address, browser type and version, device information, operating system, time zone, referral source.
Usage data: pages visited, time spent on pages, click patterns, search queries on our website.
Communication data: e-mail correspondence, telephone call records, live chat transcripts, feedback and reviews.
3. Purpose of Processing & Legal Basis
We process your personal data for the following purposes, each supported by a lawful basis under Article 6 of the GDPR:
| Purpose | Legal Basis |
|---|---|
| Processing and fulfilling your booking | Performance of a contract (Art. 6(1)(b)) |
| Sending booking confirmations and travel updates | Performance of a contract (Art. 6(1)(b)) |
| Processing payments and issuing invoices | Performance of a contract (Art. 6(1)(b)) |
| Responding to enquiries and customer support | Legitimate interest (Art. 6(1)(f)) |
| Sending marketing communications (with consent) | Consent (Art. 6(1)(a)) |
| Improving our website and services | Legitimate interest (Art. 6(1)(f)) |
| Compliance with legal and tax obligations | Legal obligation (Art. 6(1)(c)) |
4. Cookies
Our website uses cookies and similar tracking technologies. For full details on the cookies we use, their purpose and how to manage your preferences, please see our Cookies Policy.
You can adjust your cookie preferences at any time via the cookie settings banner on our website or through your browser settings.
5. Third-Party Data Sharing
We do not sell your personal data. We may share your data with the following categories of third parties, solely for the purposes described in this policy:
Payment processors: to securely process your payments (e.g. Stripe, PayPal). These providers are PCI-DSS compliant.
E-mail service providers: to send booking confirmations, travel updates and, where you have opted in, marketing communications.
Sub-contracted coach operators: where a partner operator provides the vehicle, we share the necessary booking details (pick-up location, passenger count, itinerary).
Analytics providers: Google Analytics (anonymised IP) to understand website usage patterns. See our Cookies Policy for details.
Legal and regulatory authorities: where required by law, court order or regulatory obligation.
All third-party processors are bound by data processing agreements that require them to handle your data in accordance with the GDPR.
6. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:
Booking and contact data: retained for 24 months after the last date of travel, unless a longer retention period is required for legal, tax or accounting purposes.
Financial and invoice data: retained for 7 years as required by Dutch tax legislation (Algemene wet inzake rijksbelastingen).
Marketing consent records: retained for the duration of your consent plus 12 months after withdrawal.
Website analytics data: anonymised and aggregated; individual session data is deleted after 14 months.
When data is no longer required, it is securely deleted or anonymised so that it can no longer be associated with you.
7. Your Rights Under the GDPR
Under the GDPR, you have the following rights in relation to your personal data:
Right of Access
Request a copy of the personal data we hold about you.
Right to Rectification
Request correction of inaccurate or incomplete data.
Right to Erasure
Request deletion of your data where there is no compelling reason for continued processing.
Right to Data Portability
Receive your data in a structured, machine-readable format.
Right to Restrict Processing
Request limitation of processing in certain circumstances.
Right to Object
Object to processing based on legitimate interests or direct marketing.
Right to Withdraw Consent
Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact our DPO at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl.
8. International Data Transfers
Your data is primarily stored and processed within the European Economic Area (EEA). Where data is transferred outside the EEA (for example, to a US-based analytics or email provider), we ensure appropriate safeguards are in place, such as EU Standard Contractual Clauses (SCCs) or an adequacy decision by the European Commission.
9. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure or destruction. These measures include SSL/TLS encryption on our website, restricted access controls, regular security audits and staff training on data protection.
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay, as required by Articles 33 and 34 of the GDPR.
10. Changes to This Policy
We may update this privacy policy from time to time to reflect changes in our practices or applicable legislation. The “last updated” date at the top of this page indicates when the policy was last revised. We encourage you to review this page periodically. Material changes will be communicated via a prominent notice on our website.
Request Availability
and Price
15+
Countries
4.7★
Rating
376
Reviews
Reservation Hotline
+31 20 808 0046Dispatch 24/7
+31 20 808 004624/7 Support Available
Mon-Fri 8AM-5PM CET · Weekends 9AM-3PM CET · Dispatch 24/7
