GDPR Privacy Notice

This GDPR Privacy Notice supplements our general Privacy Policy and applies specifically to individuals located in the European Economic Area (EEA), the United Kingdom (UK), and Switzerland. Air Booker Direct (operated by US Auto Solutions LLC) is committed to complying with the General Data Protection Regulation (GDPR) and ensuring the lawful and transparent processing of your personal data.

1. Data Controller

For the purposes of the GDPR, US Auto Solutions LLC (dba Air Booker Direct) acts as the Data Controller when we collect and determine the purposes and means of processing your personal data to facilitate your travel bookings.

2. Lawful Basis for Processing

We will only process your personal data when we have a legal basis to do so. Our primary legal bases for processing include:

• Performance of a Contract: We need your personal information (such as your name, passport details, and payment information) to fulfill our contractual obligation to book your flights and travel services.
• Legitimate Interests: We may process data for our legitimate business interests, such as preventing fraud, ensuring network security, and improving our website and services, provided these interests do not override your fundamental rights.
• Legal Obligation: We may process your data to comply with statutory requirements, such as tax reporting or providing passenger information to customs and immigration authorities (e.g., APIS data).
• Consent: In specific scenarios, such as sending marketing communications or using non-essential cookies, we will rely on your explicit consent, which you may withdraw at any time.

3. International Data Transfers

Air Booker Direct is headquartered in the United States. When you use our services or book travel through us, your personal data will be transferred to, stored, and processed in the United States and potentially other countries where our third-party travel suppliers (such as global airlines) and service providers are located.

By submitting your personal data, you acknowledge and agree to this transfer. We ensure that appropriate safeguards are in place to protect your data during these international transfers, primarily through the use of Standard Contractual Clauses (SCCs) approved by the European Commission, or by transferring data to entities adhering to recognized adequacy frameworks.

4. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Typically, booking records and related financial transactions are retained for up to seven (7) years to comply with US tax laws.

5. Your Data Protection Rights under GDPR

Under the GDPR, you have the following rights regarding your personal data:

The Right to Access

You have the right to request copies of your personal data that we hold. We may charge you a small fee for this service if the request is manifestly unfounded or excessive.

The Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

The Right to Erasure ("Right to be Forgotten")

You have the right to request that we erase your personal data, under certain conditions (e.g., if the data is no longer necessary for the purposes for which it was collected, or if you withdraw consent and there is no other legal ground for processing).

The Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data, under certain conditions.

The Right to Object to Processing

You have the right to object to our processing of your personal data based on legitimate interests or for direct marketing purposes.

The Right to Data Portability

You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

6. How to Exercise Your Rights

To exercise any of your GDPR rights, please contact our Data Protection Officer (DPO) / Privacy Team by submitting a request to: