Privacy Policy

Last updated: March 2026

1. Data Controller

Bus Booking GmbH
Oettingenstraße 26
80538 München, Germany
Email: [email protected]

2. What Data We Collect

When you submit a quote request or contact form, we collect:

  • Name and email address
  • Travel details (city, date, passenger count, route)
  • Any additional information you provide in the message field

We also collect standard server log data (IP address, browser type, pages visited, timestamps) for security and analytics purposes.

3. How We Use Your Data

We use your personal data to:

  • Respond to your quote requests and enquiries
  • Coordinate transport services with our partner operators
  • Send booking confirmations and service updates
  • Improve our website and services

We do not sell your data to third parties. We do not send marketing emails unless you explicitly opt in.

4. Legal Basis (GDPR)

We process your data based on: (a) your consent when submitting a form; (b) our legitimate business interest in responding to enquiries and providing services; (c) contractual necessity when you book a service with us.

5. Data Sharing

To fulfil your transport booking, we share relevant details (route, date, passenger count) with our partner bus operators in the relevant city. We do not share your email address or personal contact details with third parties for marketing purposes.

6. Cookies

This website uses essential cookies for site functionality. We may use analytics cookies (e.g., Google Analytics) to understand how visitors use the site. You can disable cookies in your browser settings at any time.

7. Data Retention

We retain your personal data for as long as necessary to fulfil the purpose for which it was collected, typically up to 3 years after your last interaction. Financial records are retained as required by German tax law (10 years).

8. Your Rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing
  • Data portability
  • Lodge a complaint with a supervisory authority

To exercise any of these rights, email [email protected].

9. Security

We use industry-standard security measures including SSL/TLS encryption, secure server infrastructure, and access controls to protect your personal data.

10. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date.