Privacy Policy
How we collect, use and protect your personal data.
This Privacy Policy explains how Swiss Sailplane GmbH (we, us) processes personal data in connection with the GetAGlider marketplace.
Data controller
Swiss Sailplane GmbHSandrainstrasse 2
3007 Bern
Switzerland
info@getaglider.com
Data we collect
Depending on how you use the service, we process the following categories of personal data:
- Account data: Name, email address, language, country, optional phone number, password hash, pilot details and ratings you choose to share.
- Listing data: Glider details, photos, airfield location, pricing, availability and contract terms uploaded by owners.
- Booking data: Pilot and owner identifiers, dates, pricing, contract signatures, handover checklists and messages exchanged in connection with a rental.
- Payment data: Stripe customer and transaction identifiers. We never see or store full card numbers.
- Technical data: IP address, browser, device characteristics, audit logs and error traces required to operate the service securely.
Purposes of processing
- Providing the marketplace, your account, listings, bookings and contracts.
- Processing payments and payouts, including fraud prevention.
- Sending transactional emails (booking updates, handover reminders) and replying to support requests.
- Complying with legal obligations (tax, accounting, aviation-related disclosures).
- Securing the platform, preventing abuse, debugging and improving the service.
Legal bases
We rely on the performance of a contract with you (Art. 6(1)(b) GDPR / Art. 31(2)(a) revFADP) for service delivery, on legitimate interests (Art. 6(1)(f) GDPR) for security and fraud prevention, on legal obligation (Art. 6(1)(c) GDPR) for accounting and aviation rules, and on consent (Art. 6(1)(a) GDPR) where we explicitly ask for it (e.g. marketing or non-essential cookies).
Processors and sub-processors
We rely on the following providers to operate the service. Each is bound by a data-processing agreement:
- Supabase — database, authentication and file storage (EU region).
- Vercel — web hosting and CDN.
- Stripe — card payments and payouts.
- Resend — transactional email delivery.
- Sentry — error monitoring (with PII scrubbing enabled).
International transfers
Some processors are based in the United States. Where personal data is transferred outside Switzerland or the EEA, we rely on Standard Contractual Clauses and the EU-US Data Privacy Framework where applicable.
Retention
We retain account data for as long as your account exists, booking and contract data for ten years to comply with Swiss accounting law, and technical logs for up to 90 days. Backups are rotated within 30 days.
Your rights
Subject to applicable law you have the right to:
- request access to your data;
- request rectification of inaccurate data;
- request erasure of data we no longer need to retain;
- request restriction of processing;
- receive a portable copy of the data you provided;
- object to processing based on legitimate interests;
- lodge a complaint with your national supervisory authority (in Switzerland: the FDPIC).
To exercise these rights, write to info@getaglider.com.
Cookies
We only set strictly necessary cookies (authentication, security, language) by default. Non-essential cookies, if any, are only set after you give consent through the cookie banner.
Changes to this policy
We may update this policy from time to time. Material changes will be announced via email or an in-app notice before they take effect.
Last updated: 2026-05-18