DPA

Data Processing Agreement

Group Getaways – a trademark of Titans RE AG
Löwenstrasse 25, 8001 Zurich, Switzerland
Last Update: 01 July 2025

1. Purpose

This DPA governs the processing of personal data shared between the Controller and the Processor in the context of delivering travel-related services.

2. Subject Matter and Duration

The Processor shall process personal data only for the duration and purposes of the business relationship.

3. Nature and Scope

Personal data includes traveler names, contact details, and preferences, used solely to deliver booked services or for quality assurance purposes.

4. Obligations of the Processor

• Process data only on documented instructions from the Controller

• Implement appropriate technical and organizational measures

• Ensure confidentiality, train personnel, and restrict access

• Support Controller in handling data subject requests

5. Sub-Processors

Use of sub-processors is permitted if they have equivalent data protection standards.

6. Data Breach Notification

Processor shall notify Controller without undue delay upon becoming aware of any personal data breach.

7. Audit Rights

Controller may audit the Processor’s data handling practices with reasonable notice.

Contact

We are always available at hello@group-getaways.com for support or clarification.