Data protection

Effective Date: February 29th, 2024

Data protection and security are very important to us. You can find out more about our safety precautions here.

Siva Travel and Finance LLC  (“We”) is the data controller responsible for collecting and processing your personal data in connection with its activities. Our mission is to offer our customers a comprehensive range of travel services.

In this privacy policy we explain to you how we process your personal data and how you can control and manage it. Our data processing may be covered by further data protection information, such as those contained in the General (Travel) Conditions, or may arise from the circumstances or be regulated by law.

This data protection declaration complies with the requirements of Swiss data protection law and – if and to the extent applicable – the European Union’s General Data Protection Regulation (GDPR).

1. Are you affected by this notice?

This privacy policy applies to you if you:

  • are one of our customers or have a contractual relationship with us;
  • are a fellow traveler of one of our customers.
  • are interested in our products or services and therefore provide us with your personal data (e.g. in an agency, on our websites) so that we can contact you.

If you provide us with other people’s personal information, please ensure that you inform them about the sharing of their personal information and encourage them to read this privacy policy. We will ensure that we do the same whenever possible (e.g. where the person’s contact details are available).

2. How can you control our processing of your Personal Data?

You have rights that enable you to effectively control your personal data and the way we process it. Below we explain your rights in connection with your personal data. 

If you would like to exercise the rights listed below, please submit a request by email to or by post to the following address: Siva Travel and Finance LLC, Data Protection, Weltpoststr.3e, 3015 Bern.

If you have any questions about the use of your personal data within the scope of this data protection declaration, please address them to the following address:

3. For what purpose and on what legal basis do we use your personal data?

3.1. Contract execution and legitimate interest

In this section we explain the purposes for which we process your personal data and the legal basis on which this is done. We primarily use your personal data to process a contract to which you are a party or to carry out pre-contractual measures at your request. However, we may also process your personal data to fulfill our legitimate interests or those of third parties.

In particular, your personal data will be processed if this is necessary for the conclusion or performance of a contract in order to:

  • conclude a (travel) contract with you. We may process personal data to register you as a new customer, enter into and perform a contract with you;
  • To provide you with products and services purchased under the relevant Agreement;
  • carry out billing, invoicing and debt collection;
  • to provide you with services related to the preparation and implementation of a trip;
  • for insurance purposes;
  • to offer consulting services;
  • to be able to provide assistance if necessary in case of difficulties during the trip;
  • To provide you with access to our digital platforms. We may process personal data when you use our digital platforms for various purposes (e.g. to manage your personal information or to access travel information);
  • to provide access to our premises and facilities. We may process personal data when you visit us on our premises in order to carry out appropriate access and security controls;
  • to communicate with you. We may process personal data if you want to contact us, if you ask us for information about our company or services or if the contract needs to be updated;
  • Respond to your inquiries and support you;
  • manage the termination of the contract.

When we base a processing activity on a legitimate interest, we will balance that interest against your interests or fundamental rights and freedoms to ensure that they are proportionate. As part of our business as a travel provider, we also use your personal data to:

  • to further develop our products and services;
  • improve cybersecurity, manage our platforms and websites and ensure business continuity;
  • to implement the introduction of IT solutions;
  • to carry out maintenance of IT systems during ongoing operations;
  • Improve the automation and efficiency of our operations and customer services (e.g. automatically filling complaints, tracking your requests and improving your satisfaction based on personal data collected during our interactions with you, such as telephone records, emails or chats);
  • enable the assertion of legal claims and defense in connection with legal disputes and governmental proceedings;
  • Organize competitions, promotions and conduct opinion polls and customer satisfaction surveys.

3.2. Advertising and Marketing

If you are a customer and unless you object, we may send you offers for our products and services. We ensure that these commercial offers relate to products or services that are relevant to your needs and complement the offers you have already taken advantage of. You can object to this at any time.

3.3. Consent

For certain processing of personal data, we will specifically inform you and ask for your consent. Of course, you can revoke your consent at any time.
In particular, we ask for your consent for:

  • The transmission of particularly sensitive personal data to third parties;
  • Tailoring our offerings and products or services based on a complex profile to predict your needs and behavior;
  • any electronic offers for products and services that are not similar to those you have purchased or for products and services from our trusted partners.

If necessary, we can ask you for further consent to process your personal data, but this has no effect on data processing that has already taken place.

4. What types of personal information do we collect?

We collect and use your personal data, which means any information that identifies you or that allows you to be identified.

Depending on the type of product or service we offer you and the interactions we have with you, we collect different types of personal data about you:

  • Contact information, postal address (personal or professional), email address, telephone number;
  • Personal information, e.g. gender, birthday and age, marital status, nationality, passport details, etc.;
  • lifestyle, e.g. hobbies and interests, travel;
  • Travel information such as travel dates, itinerary/destination, airline, hotel, price, customer preferences, information about your fellow travelers, frequent flyer programs, etc.;
  • Health data, e.g. information about health-related special needs or illnesses and accidents during a trip;
  • Financial information, such as payment information, credit card number, account details;
  • Data about your habits and preferences regarding the use of our products and services (e.g. meal requests);
  • Data from our interactions with you, e.g. B. Your comments, suggestions, needs during our exchange with you in person at our locations and during telephone communication (conversation note or conversation recording), communication via email, chat, chatbot, exchange on our social media and your possible Complaints were collected. Your connection and tracking data (e.g. collected via cookies for non-advertising or analytical purposes on our websites), online services, other applications;
  • Data about your devices (mobile phone, computer, tablet, etc.), such as IP address, technical data and unique identifying data;
  • Personalized login details or security features used to connect you to our website and apps.

5. From whom do we collect personal data?

We generally collect personal data directly from you. But we can also collect them from other sources.

Sometimes we collect data from public sources:

  • Publications/databases provided by official authorities or third parties (e.g. the Swiss Commercial Gazette or the Commercial Register);
  • Legal entity or corporate client websites/social media presences that contain information that you have disclosed (e.g. your own website or social media presence);
  • public information, e.g. information from the media.

We also collect personal data from third parties:

  • from our customers (e.g. as fellow travelers);
  • from our business partners (e.g. tour operators, service providers abroad);
  • from third parties such as credit reference agencies and fraud prevention agencies;
  • from address research service providers who are responsible for ensuring that they collect the relevant information lawfully.

6. Who do we share your personal information with and why?

In order to fulfill some of the purposes described in this privacy policy, in particular to carry out a trip, we may share your personal data with others. These can be the following:

  • Our service providers in the destination country  (e.g. agencies, tour guides, hotel reservations, transfer and excursion services), transport service providers (airline, train, car rental, etc.) and accommodation operators (hotel, hostels, etc.);
  • Processors who provide services on our behalf (e.g. IT services, logistics, printing services, telecommunications, debt collection, consulting and sales as well as marketing);
  • certain regulated professional groups such as lawyers, notaries or auditors when necessary in certain circumstances (litigation, auditing, etc.) and to our insurers;
  • Partner to carry out advertising, market and opinion research;
  • Partner to support the investigation of criminal offenses (e.g. fraud), assertion, exercise or defense of legal claims;
  • Authorities and official bodies (e.g. tax authorities, embassies of the destination country) if there is a legal or official obligation (e.g. retention requirements, obtaining visas, obtaining entry requirements).

7. International transfer of personal data

International transfers from Switzerland and the European Economic Area (EEA) to a non-EEA country (third country) may involve cross-border transfer of your personal data. In particular, you must expect your data to be transmitted to the countries you are traveling to. But also to countries in Europe, the USA and worldwide, where the service providers and service providers we use are located. If the FDPIC or the European Commission has recognized that a third country offers an adequate level of data protection, your personal data can be transferred on this basis.

For transfers to a third country whose level of protection has not been recognized as adequate by the FDPIC and the European Commission, we either rely on an exception that applies to the respective situation (e.g. if the transfer is necessary to fulfill our contract with you) or apply one of the following appropriate safeguards to ensure the protection of your personal data:

  • standard contractual clauses approved by the FDPIC and the European Commission;
  • binding internal data protection regulations.

To obtain a copy of these warranties or information about where they can be obtained, you may submit a written request in accordance with Section 2.

8. How long do we keep your personal data?

We will retain your personal information for as long as necessary to fulfill our contractual obligations and comply with applicable laws and regulations, or for any other period necessary for our legitimate business interests, such as: B. proper accounting and responding to legal claims or official inquiries.

9. Data Security

We use appropriate technical and organizational security measures to protect your personal data stored by us against manipulation, partial or complete loss and against unauthorized access by third parties (e.g. encryption of data transmission, access controls, etc.). Our security measures are continuously improved in line with technological developments.

We take reasonable precautions to protect your information. The transmission of information via the Internet and other electronic means always involves certain security risks and we cannot guarantee the security of information transmitted in this manner.

10. Cookies, tracking and data collection when using the website

We typically use “cookies” and similar technologies on our websites and apps that can identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you use when you visit our website or install an app. This way, when you visit this website or use our app again, we can recognize you, even if we don’t know who you are. In addition to cookies that are only used during a session and are deleted after your visit to the website (“session cookies”), cookies can also be used to store user settings and other information over a certain period of time (e.g. two years) (“permanent cookies “). However, you can set your browser so that it rejects cookies, only saves them for one session or otherwise deletes them early. Most browsers are preset to accept cookies. We use permanent cookies to save user settings (e.g. language, autologin), so that we can better understand how you use our offers and content, and so that we can show you offers and advertising tailored to you (which can also happen on websites of other companies ; however, they will not find out from us who you are, if we even know that ourselves, because they only see that the same user is on their website who was on a specific page on our site). Some of the cookies are set by us, and some are also set by contractual partners with whom we work. If you block cookies, certain functionalities (such as language selection or booking processes) may no longer work.

11. Social media plug-ins

On our website we also use so-called plug-ins from social networks such as Facebook, Twitter, YouTube, Pinterest or Instagram. This is clear to you in each case (via corresponding symbols). We have configured these elements to be disabled by default. If you activate it (by clicking on it), the operators of the respective social networks can register that you are on our website and where and can use this information for their purposes. The processing of your personal data is then the responsibility of this operator in accordance with its data protection regulations. We do not receive any information about you from him.

12. How you can follow the development of this privacy policy

In a world where technologies are constantly evolving, we regularly review this privacy policy and update it as necessary.

The current version published on our website applies. We encourage you to view the latest version of this document online. We will notify you of any changes via our website or through our usual communication channels.