1. Who is responsible for your data?
The data controller is Railhop Europe s.r.o. (IČO 57 720 339), Tibora Andrašovana 14299/42, 974 01 Banská Bystrica, Slovakia — operator of the Railhop service at railhop.eu. Further details are in our Imprint.
Privacy questions and requests: hello@railhop.eu
2. What data we collect
When you use our forms
Depending on which form you submit, we may receive:
- Contact form: name, email address, message content
- Trip request form: name, email, travel dates, route or destinations, optional notes (e.g. group size, promo code), selected package tier
- Newsletter signup: email address
Forms are delivered to us via Formspree (form processing service). We do not collect payment card data on this website — payment, when due, is handled separately via a link we send by email.
When you email us directly
If you write to hello@railhop.eu, we process the information you include (email address, name, trip details, and any attachments).
When you browse the site
Our hosting provider may process technical data in server logs (e.g. IP address, browser type, pages requested, date and time). We use this only for security, troubleshooting, and basic operation of the website.
We do not currently use analytics tools (such as Google Analytics) or advertising pixels on railhop.eu.
Fonts and external resources
We load fonts from Google Fonts. When your browser requests those files, Google may receive your IP address and technical browser data. See Google’s privacy documentation for details.
3. Why we use your data and legal bases (GDPR)
- To respond to your enquiry or trip request — steps at your request before a contract, and performance of a contract if you purchase a planning package (Art. 6(1)(b) GDPR)
- To send our newsletter — including your welcome code and occasional rail planning tips (about four emails per year) — based on your consent when you subscribe (Art. 6(1)(a) GDPR). You can unsubscribe at any time
- To operate and secure the website — legitimate interest (Art. 6(1)(f) GDPR)
- To comply with law — legal obligation where applicable (Art. 6(1)(c) GDPR)
When you submit a trip request or contact form, a required consent checkbox points to this policy. When you subscribe to the newsletter, submitting your email counts as consent to receive our newsletter (about four emails per year, including your welcome code) — see the note under the signup form.
4. How long we keep data
- Enquiries and trip requests: typically up to 24 months after last contact, unless we need longer for an active booking, dispute, or legal obligation
- Customer project files (if you become a paying client): for the duration of the service and a reasonable period afterward for support and accounting
- Newsletter: until you unsubscribe or ask us to delete your address
- Server logs: as configured by our host, usually a limited number of days
5. Who we share data with
We do not sell your personal data. We share it only where necessary:
- Formspree (Formspree, Inc., USA) — processes form submissions on our behalf. Data may be transferred outside the EEA; Formspree provides appropriate safeguards for international transfers
- Hosting provider — stores and serves the website
- Email provider — when we communicate with you at hello@railhop.eu
- Payment provider — if you pay for a Railhop package via a link we send (we do not receive your full card details from them beyond what they provide for reconciliation)
- Authorities — if required by law
6. International transfers
Formspree and some infrastructure providers may process data in the United States or other countries outside the European Economic Area. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms offered by those providers.
7. Your rights
If you are in the EU/EEA (or where similar laws apply), you may have the right to:
- Access your personal data
- Rectify inaccurate data
- Erase data (“right to be forgotten”) in certain cases
- Restrict or object to processing in certain cases
- Data portability, where applicable
- Withdraw consent at any time (without affecting prior lawful processing)
- Lodge a complaint with a supervisory authority
To exercise your rights, email hello@railhop.eu. We respond within one month where possible.
Supervisory authority (Slovakia): Úrad na ochranu osobných údajov SR (ÚOOÚ), dataprotection.gov.sk
8. Children
Our services are aimed at adults planning travel. We do not knowingly collect data from children under 16. If you believe a child has provided us data, contact us and we will delete it.
9. Security
We use reasonable technical and organisational measures to protect your data. No method of transmission over the internet is 100% secure; please do not send sensitive identity documents unless we explicitly ask for them.
10. Changes to this policy
We may update this policy from time to time. The “Last updated” date at the top will change. Material changes may also be noted on the website.