Data Controller: Odamigo Turizm Ltd. Sti. (TURSAB License No: 12754)
The following third-party service providers ("sub-processors") process personal data on behalf of EuroTrain to deliver our services. This list is maintained in accordance with Article 28 of the GDPR and Article 12 of the KVKK.
Transfer Safeguards: For transfers outside the European Economic Area (EEA), we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or applicable adequacy decisions, to ensure your data is protected.
Purpose: Train inventory, ticketing & distribution
Data: Passenger name, DOB, travel documents
Location: EU (France)
Safeguard: Within EEA
Purpose: Payment processing (PCI DSS Level 1)
Data: Transaction data (no full card numbers)
Location: Turkey
Safeguard: SCCs
Purpose: PostgreSQL database
Data: Encrypted booking & user data
Location: EU (Frankfurt, Germany)
Safeguard: Within EEA
Purpose: Frontend hosting & CDN
Data: Anonymized access logs
Location: USA (Global Edge Network)
Safeguard: SCCs
Purpose: Backend application hosting
Data: Application data (encrypted)
Location: USA (US-West)
Safeguard: SCCs
Purpose: Error monitoring & performance
Data: Anonymized technical/diagnostic data
Location: USA
Safeguard: SCCs
Last updated: March 2026
For questions about our data processing practices, contact privacy@eurotrain.net