Privacy Policy (GDPR)

PRIVACY POLICY (GDPR) – Maxx Limousine

Controller (Data Controller / Veri Sorumlusu): AIGEN Global L.L.C. (Brand: Maxx Limousine)
Website: https://www.maxxlimousine.com
Contact (Privacy): [email protected]
Effective / Last Updated: 24 January 2026

This Privacy Policy explains how we collect, use, store, and share personal data when you visit our website, request a quote, make a reservation, or use our services (luxury transfers, chauffeur-driven services, self-drive rentals, private tours, and related services).

If you are located in Turkey, please also review our Privacy Notice (Turkey – KVKK). If you are a consumer located in Turkey and purchase remotely, you may also see additional disclosures under Distance Sales Agreement (Turkey).

1) What Data We Collect

Depending on your interaction with us, we may collect:

A. Identification & Contact Data
Name, surname, phone number (including WhatsApp), email address, preferred language.

B. Booking & Service Data
Pickup/drop-off location, date/time, flight details (if applicable), passenger count, baggage notes, special requests.

C. Payment & Transaction Data
Payment status, amount, currency, transaction references, invoices/receipts.
We do not store your full payment card details on our systems. Card payments are processed by authorized payment service providers.

D. Technical & Usage Data
IP address, device/browser data, logs, approximate location (from IP), cookies and similar technologies.

E. Communications
Messages you send us via forms, email, phone, or messaging apps; support interactions; complaint/dispute information.

2) Why We Use Your Data (Purposes)

We use personal data to:

  1. Provide services and manage reservations (quotes, booking confirmation, dispatch, operational coordination).

  2. Customer support (questions, changes, cancellations, refunds).

  3. Payments and fraud prevention (payment validation, chargeback/dispute handling).

  4. Legal and compliance obligations (accounting, tax, record-keeping, responding to lawful requests).

  5. Website security and performance (monitoring, preventing abuse).

  6. Analytics and service improvement (aggregated insights, performance measurement).

  7. Marketing communications (only where permitted by law and your preferences; you can opt out anytime).

3) Legal Bases (GDPR)

Where GDPR applies, we process personal data under one or more of the following legal bases:

  • Contract performance (to provide the services you request, manage bookings, execute refunds).

  • Legal obligations (tax/accounting compliance, regulatory requirements).

  • Legitimate interests (security, fraud prevention, service improvement, dispute management), balanced against your rights.

  • Consent (where required, e.g., certain marketing/cookie categories; you may withdraw consent at any time).

4) Payments, Refunds, and “Same-Channel” Rule

We offer multiple payment methods (e.g., Paysera, Payoneer, cash, and Paysera collection channels such as website checkout, payment link/bank transfer, mobile POS where available).

Important: Approved refunds are processed to the same payment channel used for the original transaction (e.g., card-to-same-card, transfer-to-same-account, Paysera-to-Paysera, Payoneer-to-Payoneer, cash-to-cash where applicable).
For operational details, please see Cancellation & Refund Policy and Service Delivery Terms.

5) Who We Share Data With (Recipients)

We may share personal data only as needed with:

  • Payment service providers (to process payments/refunds and manage disputes).

  • Operational partners / drivers / third-party operators (to deliver the service you booked).

  • IT and infrastructure providers (hosting, email delivery, security, analytics—only to the extent necessary).

  • Professional advisors (accountants, legal advisors) where required.

  • Authorities where we are legally required to comply with lawful requests.

We do not sell your personal data.

6) International Data Transfers

Because we serve international customers and use international service providers, your data may be processed in countries outside your country of residence.

Where GDPR applies and data is transferred outside the EEA/UK, we use appropriate safeguards (such as contractual protections) and transfer only what is necessary for the stated purposes.

7) Data Retention (How Long We Keep Data)

We keep personal data only as long as needed for the purposes described above, including:

  • Booking and service records for operational continuity and dispute handling.

  • Payment and accounting records for legally required retention periods.

  • Security logs for a limited period, as necessary to protect our systems.

When retention is no longer necessary, data is securely deleted or anonymized.

8) Your Rights (GDPR)

Where GDPR applies, you may have the right to:

  • Access your personal data

  • Rectify inaccurate data

  • Request deletion (where applicable)

  • Restrict or object to processing (in certain cases)

  • Data portability (for certain data)

  • Withdraw consent (where processing relies on consent)

To exercise your rights, contact us at [email protected]. You also have the right to lodge a complaint with your local data protection authority.

(For Turkey-specific rights and processes, see Privacy Notice (Turkey – KVKK).)

9) Cookies and Similar Technologies

We use cookies and similar technologies for:

  • Strictly necessary functions (site operation, security)

  • Performance/analytics (understanding how users interact with the site)

  • Functional preferences (language, session settings)

  • Marketing (only where applicable and permitted)

You can manage cookies through your browser settings and, where available, our cookie preferences tools.

10) Security

We implement reasonable technical and organizational measures to protect personal data (e.g., encryption in transit via SSL/TLS, access controls).
No system is 100% secure, but we continuously work to reduce risks.

11) Children

Our services are not intended for children. If you believe a child has provided personal data, contact us so we can take appropriate action.

12) External Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those third parties. Please review their policies separately.

13) Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be published on our website with an updated effective date.

14) Contact

For any privacy-related questions or requests, contact:
[email protected]
(Include “Privacy Request” in the subject line.)