Scope
This Privacy Policy applies to all personal data processed by My Private Service in connection with the use of our website myprivateservice.com, our booking and contact forms, and our luxury chauffeur, concierge and close protection services.
Our services are not directed at minors under the age of 18. We do not knowingly collect personal data from minors.
Data Controller
The controller for the processing of personal data within the meaning of the GDPR is:
For any questions regarding the processing of your personal data or to exercise your rights, please contact us at the address above.
Data Security
My Private Service implements appropriate technical and organisational security measures to ensure a level of protection for personal data appropriate to the risk. Data transferred between your device and our website is transmitted in encrypted form using TLS (Transport Layer Security) encryption.
If you communicate with us by email, access by third parties cannot be entirely excluded. For sensitive information, we recommend using our secure contact form or encrypted email communication. Please contact us if you would like to use encrypted email (PGP).
Website Usage Data
When you visit our website for information purposes — without registering or submitting a form — your browser automatically transmits certain usage data to our servers. This includes:
- IP address (anonymised)
- Date and time of access
- Pages visited and URLs requested
- Browser type and version
- Referring website (referrer)
- Files transferred and data volume
- HTTP status codes
This data is stored in server log files and used to ensure the technical functioning of the website, to analyse and improve website usage, and to detect and prevent security incidents. Log files are deleted or anonymised once they are no longer required for these purposes.
Legal basis: Art. 6(1)(f) GDPR — Legitimate interest
Cookies & Tracking Technologies
Our website uses cookies, pixels and similar technologies to ensure functionality, analyse usage and serve relevant advertising. Detailed information on each cookie, its provider, purpose and duration is provided in our Cookie Policy.
You may manage or withdraw your cookie consent at any time via the cookie settings banner on our website, or by configuring your browser settings.
Legal basis: Art. 6(1)(a) GDPR — Consent for non-essential cookies · Art. 6(1)(f) GDPR — Legitimate interest for strictly necessary cookies.
Bookings & Service Requests
When you submit a booking or service request — whether via our contact form, email, phone or WhatsApp — we collect and process the personal data necessary to fulfil your request. This includes:
| Category | Data Collected | Purpose |
|---|---|---|
| Identity | Title, first name, last name, company | Client identification and personalisation |
| Contact | Phone number, email address, WhatsApp | Communication and booking confirmation |
| Journey | Pickup/destination address, date, time, flight number | Service execution and driver briefing |
| Preferences | Vehicle type, special requests, language | Service personalisation |
| Billing | Billing address, invoice details | Invoicing and accounting |
| Payment | Last 4 digits of card (stored by payment provider) | Payment processing and fraud prevention |
This data is used exclusively to fulfil your service request, manage your account, process payment and communicate with you regarding your booking. We do not sell your personal data to third parties.
Where necessary, we may share journey-related data with partner chauffeur service providers in the destination city to ensure your transport is executed. All partners are bound by confidentiality obligations.
Legal basis: Art. 6(1)(b) GDPR — Contract performance
Payment Processing
Payments are processed via certified third-party payment providers operating under PCI DSS standards. My Private Service does not store full credit card details. Payment data is processed securely by our payment provider. For recurring bookings, card data is stored exclusively with the payment provider.
Close Protection Services
For close protection and VIP security services, we may process additional sensitive information such as itinerary details, risk assessments and destination intelligence. This data is handled with the highest level of discretion and shared only with the assigned security team under strict confidentiality obligations.
Legal basis: Art. 6(1)(b) GDPR — Contract performance · Art. 6(1)(a) GDPR — Consent
Communication
When you contact us by phone, email, contact form, WhatsApp or any other channel, the data you provide will be processed to handle your request and respond to your enquiry. This includes your name, contact details and the content of your message.
We may also use contact data — in pseudonymised or anonymised form where possible — to improve our services, identify and resolve technical issues, and prevent fraudulent use of our services.
Legal basis: Art. 6(1)(a) GDPR — Consent · Art. 6(1)(b) GDPR — Contract performance · Art. 6(1)(f) GDPR — Legitimate interest
We use WhatsApp as a communication channel for booking requests and client support. WhatsApp is operated by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin, Ireland. When you contact us via WhatsApp, your phone number and message content may be processed by Meta in accordance with their privacy policy. We recommend using end-to-end encrypted messaging for sensitive information.
Google Maps (Booking Form)
Our booking form integrates Google Maps Places API for address autocomplete. When you use this feature, your input and IP address may be transmitted to Google Ireland Limited. For further information, see Google's Privacy Policy.
Marketing & Newsletter
If you have consented to receive marketing communications, or where we are otherwise legally entitled to do so, we may use your contact details to send you information about our services, special offers and news relevant to My Private Service.
You may unsubscribe from marketing communications at any time by clicking the unsubscribe link in any email, or by contacting us directly at contact@myprivateservice.com. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.
Legal basis: Art. 6(1)(a) GDPR — Consent · Art. 6(1)(f) GDPR — Legitimate interest
Third-Party Services & Data Processors
My Private Service may engage trusted third-party service providers to support the delivery of our services. These processors act on our behalf and are contractually bound to process data only in accordance with our instructions and applicable data protection law (Art. 28 GDPR).
The following categories of third-party services may process your personal data:
- Payment processing — Secure payment providers operating under PCI DSS certification
- Analytics — Google Analytics (Google Ireland Limited) for anonymised website usage analysis
- Advertising — Google Ads, Meta Ads, LinkedIn and Microsoft Advertising for targeted campaigns (consent required)
- Tag management — Google Tag Manager for script management
- Performance & security — Cloudflare Inc. for CDN, DDoS protection and performance optimisation
- Communication — WhatsApp (Meta) for client messaging
- Reviews — Trustpilot A/S for customer review management
- Partner chauffeurs — Local chauffeur service providers in destination cities, for execution of booked journeys
Where processors are located outside the European Economic Area, appropriate safeguards are in place — such as EU Standard Contractual Clauses (Art. 46(2)(c) GDPR) or adequacy decisions (Art. 45 GDPR) — to ensure an adequate level of data protection.
We do not sell your personal data to third parties under any circumstances.
Your Rights as a Data Subject
As a data subject under the GDPR, you have the following rights with respect to your personal data processed by My Private Service:
To exercise any of these rights, please contact us at contact@myprivateservice.com. We will respond to your request within 30 days.
You also have the right to lodge a complaint with the French supervisory authority:
Commission Nationale de l'Informatique et des Libertés (CNIL)
3 Place de Fontenoy, 75007 Paris — www.cnil.fr
Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. Once the legal basis for processing lapses and no other legal basis applies, personal data is deleted or anonymised.
| Data Category | Retention Period | Basis |
|---|---|---|
| Booking & journey data | 5 years from last service date | Legal obligation (accounting, tax) |
| Invoice & billing records | 10 years | French commercial law obligation |
| Contact form messages | 3 years from last contact | Legitimate interest / contract |
| Marketing communications | Until consent withdrawn or 3 years of inactivity | Consent |
| Server log files | 90 days (anonymised thereafter) | Legitimate interest |
| Analytics data (GA4) | 14 months (Google default) | Consent |
Policy Updates
My Private Service reserves the right to update or amend this Privacy Policy at any time, as far as this should become necessary — for example due to developments in legislation, regulatory actions or further technical developments.
When material changes are made, the "Last updated" date at the top of this page will be revised. We encourage you to review this policy periodically to remain informed of how we protect your data.
Last review: April 2025.