flag_us dtr
flag_uk flag_ca
call_img
Call 24/7 Toll Free

GDPR Privacy Notice of Farehutz.us

Introduction

Effective Date: August 18, 2025

This GDPR Privacy Notice (“Notice”) forms part of the Privacy Policy for Farehutz.us, owned and operated by TGS Ventures Private Limited, and applies specifically to the processing of “personal data,” as defined under the General Data Protection Regulation (GDPR), of individuals located in the European Economic Area (EEA) or the United Kingdom (UK) (collectively referred to in this Notice as “EEA Individuals,” “you,” or “your”).

Any capitalized terms not defined within this Notice shall be deemed to have the same meaning as in our Privacy Policy, or, failing definition there, according to the GDPR. If any conflict exists between this Notice and other sections of our Privacy Policy, this Notice prevails for EEA Individuals and their personal data.

If you are located outside the EEA or UK, please refer to our general Privacy Policy.

Who Controls Your Data?

TGS Ventures Private Limited is the data controller for all personal data collected via our website, customer service centers, booking systems, and other related travel services (collectively, “Services”). For EEA/UK individuals, Farehutz.us controls what personal information it collects and how it is processed in accordance with the GDPR.

Data Storage Location

All personal data whether collected in the U.S. or from UK/EEA residents is hosted on secure servers in the United States.

Cross-Border Data Transfers

We are self-certified under:

  • EU–U.S. Data Privacy Framework (EU-U.S. DPF)
  • UK Extension to the EU-U.S. DPF
  • Swiss–U.S. Data Privacy Framework (Swiss-U.S. DPF)

If these frameworks are no longer valid for data transfer, we will rely on the European Commission’s Standard Contractual Clauses (SCCs) to safeguard transfers from the EEA/UK to the U.S.

Transfers to travel suppliers outside the EEA/UK (for example, airlines or hotels) can be on the basis of GDPR Article 49(1)(b) and/or 49(1)(c) where required to complete a booking or upon your request.

Data Retention

We retain your personal data for as long as necessary, taking into account:

  • Booking history, account activity, and loyalty rewards participation.
  • Analysis of travel trends for service improvements.
  • Your marketing subscription status and engagement history.
  • Fraud prevention, security, and compliance requirements.
  • Resolution of disputes and delivery of customer service.
  • Applicable legal retention periods and statutes of limitation.
  • The handling of potential legal claims or regulatory obligations.

Once no longer required, your personal data will be securely deleted or anonymized.

Security Practices

We protect personal information using technical and organizational measures, including

  • PCI-DSS compliance for payment processing.
  • SSL encryption for sensitive information.
  • Industry-standard frameworks like ISO 27001.
  • System logs capturing IP addresses, browser types, timestamps, and referrer URLs to identify and mitigate threats.

Government and Legal Disclosures

We can share personal information with public authorities when the law requires it, including for national security, law enforcement, or other regulatory compliance reasons.

Business Changes

If we are involved in a merger, acquisition, or sale of assets, your personal data may be transferred to the new entity, which will remain bound by this Privacy Notice.

Your GDPR Rights (EEA/UK Users)

If you are in the EEA/UK, you have the right to:

  • Access the personal data we hold about you.
  • Request corrections or deletion.
  • Restrict or object to certain processing activities.
  • Request a portable copy of your data.
  • Withdraw consent where processing is based on consent.

To invoke your rights, e-mail support@farehutz.us with the subject line "GDPR Privacy Request."

Objections to Marketing & Legitimate Interest Processing

You may object to:

  • Processing based on our legitimate interests, unless we can demonstrate overriding legal grounds.
  • Direct marketing at any time, by clicking the unsubscribe link in our emails or by writing to support@farehutz.us.

Please note that transactional and administrative messages (e.g., booking confirmations) are not considered marketing and cannot be opted out of.

Complaints

EEA/UK residents can lodge complaints with their local data protection authority:

https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm

You may also exercise rights under any applicable SCCs we have in place.

 U.S. residents may contact their state consumer protection office.

Data Privacy Framework Commitments

We comply with the EU-U.S. DPF Principles, UK Extension, and Swiss-U.S. DPF Principles. In the event of any conflict between these Principles and this Notice, the Principles will govern. These commitments are enforceable under U.S. law and are subject to oversight by the Federal Trade Commission (FTC).

View our certification here: https://www.dataprivacyframework.gov/

If you have an unresolved DPF-related concern, contact BBB National Programs Data Privacy Framework Services at:

https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers

Binding arbitration may be available for certain unresolved complaints.

Learn more: U.S. Data Privacy Framework Program

Onward Transfers

We may share your data with trusted service providers for e.g., hosting, analytics and marketing who act on our behalf and are required to maintain the same level of privacy protection. These providers must also notify us if they can no longer meet these standards.

We may transfer personal data to affiliates to help with operations. Sensitive personal data will only be shared with your explicit opt-in consent.

You can opt-out of onward transfers to third parties not acting as our agents by contacting support@farehutz.us

Minors

Our Services are designed for individuals aged 18 and over. We do not knowingly collect child personal details under this age.

Changes to This Privacy Notice

If we intend to process your personal data in a manner not previously described in this Privacy Notice, we will revise the Notice accordingly and, where required by law, provide advance notification before such changes take effect. The “Effective Date” displayed at the top of the Notice will always indicate the most recent update.

Commitment to Data Privacy Framework (DPF) Principles

We comply with the applicable Data Privacy Framework Principles and remain subject to the enforcement authority of the U.S. Federal Trade Commission. Additional details regarding our certification can be found through the U.S. Data Privacy Framework Program. If you have a privacy-related concern that remains unresolved after contacting us directly, you may seek assistance from the BBB National Programs Data Privacy Framework Services by visiting their DPF Consumer Process page. In certain circumstances, binding arbitration may be available as a final means of resolving disputes.

Sharing of Personal Data (“Onward Transfers”)

We may disclose personal data to:

  • Authorized service providers acting on our behalf (e.g., website hosting, analytics, marketing, and customer support services).
  • Corporate affiliates when needed for operational purposes.

Any third party receiving personal data from Farehutz.us must provide protections equivalent to our own and inform us if they are unable to meet these obligations.

Opt-In / Opt-Out Rights

You have the right to opt-out of personal data sharing with third parties who are not acting as our agents by sending an email to support@farehutz.us. We will not share sensitive personal information with any third party without first obtaining your explicit opt-in consent.

Contact Us

For questions or to exercise your GDPR rights:

By Email: support@farehutz.us

By Phone:

Please do not send payment information or other sensitive data via email.