Privacy Policy

Privacy Policy

This Privacy Policy explains how personal data is collected, processed, and protected when using the Terbango website and related services.
Terbango is operated by SKY MAXXI SIA, which acts as the data controller in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

Data Controller

SKY MAXXI SIA
Registration number: LV40103416234
Registered address: Tirzas 1a-19, Rīga, LV-1024, Latvia
Email: [email protected]

Purpose of Personal Data Processing

Personal data may be processed for the following purposes:

  • identification of clients and travelers
  • preparation and conclusion of service agreements
  • provision of travel and booking services
  • handling inquiries, complaints, and claims
  • payment administration and accounting
  • compliance with legal and regulatory obligations
  • recovery of debts and protection of legitimate interests
  • sending commercial communications, where user consent has been given

Categories of Data Recipients

Personal data may be shared with:

  • SKY MAXXI SIA employees and travel service consultants
  • airlines and travel service providers
  • persons making bookings on behalf of travelers
  • employers, in case of business travel
  • service providers supporting business operations (IT, accounting, legal, payment, courier services)
  • public authorities, where required by law

Data Subject Rights

Users have the right to:

  • access their personal data
  • request correction or deletion
  • restrict or object to processing
  • request data portability
  • receive information about data recipients

Requests can be submitted by contacting SKY MAXXI SIA using the contact details above. Identity verification may be required.

Data Retention

Personal data is stored:

  • as long as required to fulfill contractual and legal obligations
  • in accordance with accounting and regulatory requirements
  • until user consent is withdrawn, where consent is the legal basis

After the retention period expires, personal data is securely deleted.

Supervisory Authority

If a user believes their data protection rights have been violated, they have the right to lodge a complaint with the relevant data protection authority.