Vola.ro srl is a Romanian legal entity with registered office in Splaiul Unirii 165, Timpuri Noi Offices, Building 2, 2nd floor, 3rd District, Bucharest, Romania, Postal code: 030133, Bucharest, Romania, registered at the Trade Register under nr. J2004020890403, CUI RO 17043146, ("Vola.ro", “Controller”or "we").
Vola.ro attaches great importance to the adequate protection of the security and confidentiality of all personal information of: a. the users of its sales channels, including but not limited to the following: mobile applications (“App”), Official website(s): www.vola.ro, www.govola.com and www.vola.bg, online chat systems (live chat or chatbot), call center or telephone sales, other digital platforms. Each sales channel may be operated directly by Vola.ro or through its appointed representatives. Vola.ro will ensure that customers can purchase products or services through any of these channels, in compliance with applicable regulations and standards for each mode of sale; b. its customers, c. its current, past and future employees as well as d. other natural persons, such as contractual partners or their representatives.
Our intention is to provide you, as the user of our Sites, application, or a caller in case of the use of Vola.ro support services including our chatbots, with a safe experience that will not affect your personal life. To this end, we make every effort to ensure that the information you enter into our database is used only for the correct purposes. Terms not defined in this Policy shall have the meaning set forth in the Vola.ro Terms and Conditions.
We reserve the right to periodically update and amend this Privacy Policy to reflect any changes in the way we process your personal data or any changes in legal requirements. In the event of any such changes, we will post the amended version of the Privacy Policy on our website, so please check the content of this Privacy Policy periodically.
Vola.ro processes personal data in accordance with its business profile, solely for the purposes indicated below. If, due to legal regulations, the nature of the service, or the necessity of billing, there is a need to process other personal data of data subjects, the Administrator may process them to the extent necessary.
Personal data of persons using the Website/Application (including IP address or other identifiers and information collected via cookies or other similar technologies) who are not registered Users (i.e. persons who do not have a profile on the Website) are processed by the Controller:
When you use Vola’s phone line, register on www.vola.ro or www.govola.com by creating an user account, by accessing the site, by completing specific forms, by booking, buying or simply requesting information about various Vola services and products offered by Vola /Vola’s partners, or by activation of promotional or advertising materials, as well as when acting as a legal or authorised representative of a contractual partner of Vola, we will process personal information that is likely to identify a specific person.
When you choose to sign in or make a reservation using the "Sign in with Apple" feature, you may opt to hide your personal email address. In this case, Apple generates a unique relay email address which forwards our communications to your actual Apple ID email. We collect and store this relay email address as part of your booking data, solely for purposes of managing your reservation, customer support, and service notifications.
We do not have direct access to your actual Apple ID email address unless you explicitly share it with us. If you disable email forwarding or delete this relay address via your Apple settings, we may no longer be able to contact you using this channel.
Personal data we process may include:
When you order or purchase a service from our website or via other contact methods provided by us (phone, email, chat, face-to-face at our premises/airport offices, Facebook, Instagram, TikTok, YouTube or any social media platform, or application such as WhatsApp etc.), we will require you to provide personal information, including your first name and last name, date of birth, gender, address, travel identity document details (identity card or passport), phone number, email address, credit card information and nationality, billing details and signature.
Based on your choice of our services, if your services include a flight ticket, we will also retain the following information: flight ticket number, booking number, ticket price, booking code, flight number, date and place of departure/return, flight destination or any other details related to the flight ticket service. It may be the case that some airlines require a standard passenger’s identity check for certain bookings. Thus, in order to assist/perform this standard check on your behalf, we may request a photograph of your passport or ID card which we will use only for the verification process. Please note that these documents will only be retained for the duration of the verification process.
Additionally, we may collect medical certificates or other supporting medical documentation from passengers. This data is collected solely when provided by the passenger to substantiate requests for airline refunds, schedule changes, or other travel service adjustments that require such proof under airline policies.
If your services include hotels, travel packages, car rental, transfers, tickets to destinations or any other travel service, we will retain the following information: booking number, voucher number, booking price, hotel name, hotel stars, destination or any other information related to the hotel/travel package service.
If your services are related to a travel insurance policy, we will also retain all the information related to the insurance: destination, period of coverage, insurance price, insured personal details.
If the services you choose are related to assistance in order to submit a claim for compensation from a Tourist Service Provider, it is possible that we will collect and/or transfer to our partners the following personal data: first name, last name, address, email, telephone number, passport/identity card number, copy of the ticket, flight details (airline, flight number, airport of departure and arrival, date of departure, adult and minor passengers) booking, plane ticket booking, boarding pass.
Users who register on our Sites, as defined in our general terms and conditions, are asked to provide data necessary to create and manage an account. To facilitate service, the User may provide additional data, thereby consenting to its processing. Such data may be deleted at any time. Providing data marked as mandatory is required to create and manage an account, while failure to provide this data will result in the inability to create an account.
You can also register for an account on the Website/App via social media (Facebook, G+, TikTok). In this case, the Website/App will only download the data necessary for registration and account management from your social media account. By changing the plugin settings yourself, you can easily expand the scope of downloaded data to include data that may be useful when using the functionality of your account on the Website/App.
When you create an account on our Sites, as defined in our general terms and conditions, we will require you to provide personal information, including your first name and last name, gender, phone number, email address and password. The user account allows you to add information about your travel preferences and about yourself: photo, details of passengers you travel with, seat preferences, billing details that you can use during the booking. The user account also grants you access to the discount coupons you are eligible for. We also retain information regarding miles cards provided by the airlines, search history and booking history.
When you subscribe to our Newsletter or to the Fare Alerts service, we will require you to provide your email address, your first name and last name.
If you subscribe to our newsletter, we may ask you details regarding your travel preferences and other details and/or to complete customer satisfaction survey forms.
When you purchase the SMS alert service to stay informed of changes/alerts related to your booking, check-in, boarding of your flights, etc. we will ask you to provide us with your email address and phone number.
When you contact us by calling the Vola phone line or when you write to us using the contact forms on our website, we ask you to provide your contact details: first name and last name, email address, phone number.
When you order face-to-face services at our offices located in airports, we will also ask for your signature.
Also, the our Site allows you to post your opinion about services purchased from us. If you choose to post comments, your name and comments about our services could be viewed by other website users.
When you will act as legal or authorised representative of a contractual partner, we will process your first name, last name, email address, phone number, position, signature.
When you visit www.vola.ro or www.govola.com, we automatically collect certain information, which include, but is not limited to, your IP address, cookie information, namely the date and time you accessed our services, the hardware, software or Internet browser you use and information about your computer’s operating system, such as language settings and location from where you accessed our services.
When you create a user account on www.vola.ro/www.govola.com, when you purchase a service from Vola, or when you subscribe to the Vola Newsletter, we also collect information about your search and purchase history and about your activity on www.vola.ro/www.govola.com, including information about clicks and which pages have been shown to you.
Please note that we may associate this data with your account. Some of this data may be collected by using different types of cookies or similar technologies. For more information, regarding the use of cookies, please view our Cookie Policy.
When you purchase a service from www.vola.ro/www.govola.com or via any other channel (phone, email, chat, Facebook Instagram, TikTok, YouTube, or any social media platform, or application such as WhatsApp etc.), your trip may involve other passengers whose details you provide as part of the booking process, or you may purchase a service on behalf of someone else or also for any other person on the same booking. In these circumstances, it is your responsibility to ensure that the person you have provided personal data about is aware that you’ve done so and has understood and accepted the way we use their information as described in our Privacy Policy.
Vola uses your stored personal information - the details provided at registration and your activity carried on our website - mainly in order to facilitate your access to the site, improve products and services and to inform you on the latest products and services you are interested in.
Vola.ro uses your stored personal information - the details provided at registration and your activity carried on our Sites (including App) - mainly to facilitate your access to our services, improve products and services, and to inform you about offerings of interest.
We may use your personal data for the following purposes only ("Permitted Purposes"):
Firstly, we are using your personal data in order to issue the travel services or any other additional services ordered by you.
Furthermore, where you request assistance for refunds, schedule changes, or other specific travel service claims, we may process medical certificates or documentation you provide to facilitate your requests with airlines or other service providers.
We are using your personal data in order to contact you regarding the services you purchased from us. We may contact you by email, chat, by post, by phone or by texting you. The method depends on the contact information you have previously shared with us and on the method you used for contacting us.
The reasons for contacting you may include:
Your personal data, such as information regarding the services you have purchased or information about your user account is used in order to find appropriate solutions for your requests, complaints/disputes and responding to any questions you might have about the services you purchased or any other queries.
Your personal data, such as information regarding the services you have purchased or information about your user account is used in order to find appropriate solutions for your requests, complaints/disputes and responding to any questions you might have about the services you purchased or any other queries.
When you contact us (by phone, email, chat, face-to-face at our premises/airports’ offices, Facebook or any social media platform, WhatsApp etc.), Vola uses an automated phone application in order to detect your telephone number from your existing bookings. Vola agents will ask you a few details in order to identify you properly. We will ask you for details used in your bookings, so if you are not able to provide us with enough details, we might not be able to help you with the request/complaint.
You have the option to create a user account on www.vola.ro/www.govola.com.
We use the information provided by you in order to manage this account, allowing you to purchase our services, manage your purchased services, take advantage of special offers and manage your settings.
You must be aged 18 or over in order to create a user account on www.vola.ro/www.govola.com.
Minors may use our Site, only with the involvement and/or approval of a parent or legal representative as per our Terms and Conditions. If we are notified that we have processed a minor's data without the valid consent of a parent or guardian, we will delete it.
We use the personal data you provided for marketing activities, which may include:
You must be aged 16 or older in order to subscribe to our email marketing communications.
We strive to constantly improve our services, and we may use personal data for analytical purposes, in order to optimise and customise our online platform to your needs, making our site easier and more enjoyable to use, and to improve our customer service.
It is possible that we may use dedicated technologies in order to better understand our users’ needs and to optimise this service and experience. Such technologies help us to better understand our users' experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback.
When you contact us using our customer service phone lines or when we contact you by phone, we will record the call for the following reasons: improving the quality and performance of our team, handling complaints and training materials. During calls with our customer service team, live listening may occur or calls may be recorded for quality control and training purposes which include using recordings for the handling of claims and fraud detection purposes.
We may use your data for compliance with our legal obligations (such as record keeping obligations), compliance with screening or recording obligations (e.g. under antitrust laws, export laws, trade sanction and embargo laws, for anti-money laundering, financial and credit check and fraud and crime prevention and detection purposes).
Also, we may use your data, if necessary, in order to comply with court orders and pursue or defend our legal rights.
We use a video surveillance system in order to ensure the security of our premises, for purposes relating to safety of individuals and security of buildings and property. Further to these purposes, video surveillance may be used to monitor exterior and interior areas of our office where there is no reasonable expectation of affecting your privacy.
The platform www.vola.ro/www.govola.com allows you to post your opinion about services purchased from us. If you choose to post comments, your name and comments about our services could be viewed by other website users.
Also, if you are the legal or authorised representative of a contractual partner, it is possible that your data will be used, i.e. first name, last name, email address, position if necessary, in order to conclude contracts with our contractual partners.
Considering that you are entitled to know the purpose of processing your personal data, we will inform you prior to processing your personal data of other purposes than that for which you disclosed your personal data to us.
Based on the agreement or terms and conditions accepted by you, as a customer of Vola, we will process all personal data you made available to us, as well as any other data necessary to provide our services, according to contractual provisions and those of Romanian law.
Carrying out a contractual relationship is grounds for processing your personal data for the following purposes: providing our services, communicating with you and customer service-related activities.
We may use your information for our legitimate interests, such as to provide our services, in the event that the service is purchased by a person other than the beneficiary.
We may use your information for our legitimate interests to provide you with the best suitable content of the website, emails and newsletters, to improve and promote our products and services and the content of www.vola.ro/www.govola.com website, and for call monitoring, administrative purposes, including the security of our premises, and legal purposes. We may also ask you to complete customer satisfaction survey forms.
If you have purchased a service from www.vola.ro/www.govola.com, we will subscribe you to our newsletter for related products and services, in accordance with Romanian law. You have the option to opt-out of receiving such newsletters, both at the moment of purchasing the service and by clicking the unsubscribe button at the end of each email or by sending us an email with the subject "Unsubscribe" to [email protected].
Also, we rely on legitimate interest as a principle when you create your user account on our website.
We are using your personal data based on your specific consent in order to subscribe to our newsletter about our products and services or to the Fare Alerts service through the completion of the relevant forms. You can withdraw your consent by clicking the unsubscribe button at the end of each email or by sending an email with the subject "Unsubscribe" to [email protected].
If you choose to post comments on services purchased from us, we rely on your consent to process this data. You can withdraw your consent by sending an email to [email protected]
We may process some of your data in the context of providing services based on legal obligations (i.e. reporting purposes or for anti-money laundering purposes, billing, consideration of possible customer complaints, fulfilment of GDPR requests) or the obligations imposed upon Vola by the applicable laws.
Where Tourism Service Providers' Privacy Policies apply, you will find a link to them on our Site.
As a rule, Vola will not deliver (by selling or renting) your personal information to third parties. However, Vola will transmit the information to third parties when this is needed for processing purposes, such as in the following cases:
Personal data necessary for issuing the travel services you purchased will be transferred to the third party - Travel Service Providers in order that the travel services or additional services can be issued. The Travel Service Providers’ Privacy Policies shall apply, and when so, you will find a link to them in the booking funnel on our Site.
We may work with business partners which provide:
When you purchase a service from us, certain personal data necessary for providing such services, such as your name and email address, your address, payment details and other relevant information, may be forwarded to our business partners.
The data forwarded to our business partners is limited to the personal data necessary for providing the service, as determined by the business partner.
We may disclose personal data to law enforcement insofar as it is required by law or is strictly necessary for the prevention, detection or prosecution of criminal acts and fraud or if we are otherwise legally obliged to do so. We may need to further disclose personal data to competent authorities to protect and defend our rights or properties, or the rights and properties of our business partners.
We may use the data you provide when using social media platforms (Facebook, Instagram, YouTube, TikTok). Thus, when you are logged in with your social media profile, clicking on a social media “like” button included on our Site via plugins, or using any social media services to interact with us, your data can be shared between us and the social media providers (e.g. your username, email address, profile picture, your contact details, etc.).
We may transfer your data and the data you provided to us regarding other people on the same booking to our partners if it is necessary to obtain compensation under EC Regulation 261/2004 for the delay or cancellation of the flight or if you are denied boarding.
Also, in other specific cases, when collecting your personal data, if necessary, we may ask for your consent to forward the data to third parties. In this case, we will inform you of such processing and we will not forward any data prior to obtaining your consent.
We share your data within our group companies for internal purposes relating to centralised management.
Data processing purpose / Legal grounds: Through this page you can subscribe to the "WhatsApp" instant message newsletter. The legal grounds for data processing in order to send the newsletter: your consent according to art. 6 par. (1) lit. (f) of the GDPR. The purpose of data processing with regard to newsletters is to serve our clients' wishes and interests in offers, competitions, promotions, surveys, and other services offered by Vola.
By adding the Vola phone number to your address book and sending a "START" message to Vola via WhatsApp, you agree to receive commercial communications through WhatsApp and give permission to process your data, such as your phone number, WhatsApp ID, profile picture, device information, and all the messages sent to Vola in order to send you relevant information and to inform you through the newsletter about offers, competitions, promotions, surveys, as well as other services provided by Vola. WhatsApp newsletter is sent through a WhatsApp account created on our behalf.
You always have the option to withdraw your consent to receiving the Vola "WhatsApp" instant message newsletter by sending the message "STOP" to the Vola WhatsApp account from which you received the newsletter. After that you will no longer receive the newsletters. Any data previously saved under your agreement will be erased.
Recipients / Recipient Categories: The data collected in order to subscribe to the WhatsApp Newsletter are generally available to Vola, responsible for developing and providing technical support for sending the newsletter.
For the processing of personal data, we can use data processors, such as providers of IT solutions necessary for business management, including financial accounting solutions, providers of contract management solutions and conference organisers. We shall execute agreements for the processing of personal data with all data processors, including adequate clauses to ensure that data processors undertake obligations to process personal data (including to delete them) in full agreement with the applicable laws and which provide proper protection to your personal data.
Your data may be processed by us, as the Controller, in an automated manner, including in the form of profiling. However, decisions about an individual related to this processing will not be automated.
Cookies are small files sent by a web server to the User's browser and stored on their computer. Cookies help the Administrator analyze web traffic and recognize which part of the website has been visited. Cookies do not provide the Administrator with any access to the computer or information about Users, except for information about how the website was used and personal data that Users automatically provide due to browser settings.
The Administrator uses session and persistent cookies, as well as the Facebook pixel. Session cookies are temporary files that are stored on the User's end device until logging out or leaving the website. Persistent cookies enable the Administrator to recognize your browser during your next visit to the Websites/Applications and customize these services to your needs (e.g., remembering your preferred language or font size), as well as for statistical purposes. Persistent cookies remain in the memory of your peripheral device until you delete them. By using the Websites, the User consents to the placement of cookies on their computer or other device for the purposes described above. If the User does not consent to receiving cookies, they can manage and control them through their browser settings. However, please note that deleting or blocking cookies may affect how you use the Websites.
In order to monitor and improve the Websites, aggregate information about Users is collected when browsing the website, including details about the operating system, browser version, domain name, IP address, the URL from which the User accesses the Controller's websites, the URL to which the User is accessing them, and which subpages of the website were visited. The Controller may maintain general statistics, collect data on website and application traffic, and information about related websites, and share this aggregate data with third parties for marketing, advertising, or other promotional purposes. However, this aggregate data does not contain any personal data.
Cookies used to monitor traffic on Websites/Applications, i.e., data analytics, including Google Analytics cookies (these are files used by Google to analyze how Users use Websites/Applications, to create statistics and reports on their operation). Google does not use the collected data to identify Users, nor does it combine this information to enable identification. Detailed information on the scope and principles of data collection in connection with this service can be found at: https://www.google.com/intl/pl/policies/privacy/partners.
TT: https://www.tiktok.com/@govola.com,
FB: https://www.facebook.com/govolacom,
IG: https://www.instagram.com/vola.ro/,
YT: https://www.youtube.com/@GoVola,
LD: https://www.linkedin.com/company/volaromania/.
Using the functionality offered by these plugins, Users can share specific content or share it on social media. However, we would like to point out that using these plugins involves data exchange between the User and the given social media platform. The Administrator does not process this data and has no knowledge of what User data is collected. Therefore, we encourage you to review the terms and conditions and privacy policies of these social media platforms before using a given plugin.
We have implemented technical and organisational measures to establish the process and the criteria set forth for deleting or erasing your personal data.
Your personal data will be deleted or erased when it is no longer reasonably required for the Permitted Purposes or when you withdraw your consent (where applicable) and we are not legally required to continue storing such data. Nevertheless, we will retain your personal data where required for us to assert or defend you or other person against potential legal claims until the end of the relevant retention period or until the claims in question have been settled.
The Apple-generated relay email address is retained in our systems for the duration required to fulfill the purposes of the booking, legal obligations, or customer service needs, but no longer than 3 years after the last interaction.
After this period, or upon request for deletion, we will remove or anonymize such data in compliance with applicable data protection laws.
Due to the fact that the Controller uses applications whose servers are located outside the EEA, personal data obtained in connection with Users' use of the websites/App may be transferred to third countries. Therefore, the Controller has ensured that it only uses suppliers who guarantee a high level of personal data protection.
These guarantees result, in particular, from the suppliers' participation in the Data Privacy Framework, as well as from the Controller's standard contractual clauses issued by the European Commission.
Personal data is secured against threats, and we make sure it is protected by appropriate IT infrastructure and security measures. Moreover, we have implemented internal measures that allow us to discover, notify, and document security breaches in the shortest possible time.
To safeguard your data and privacy, we verify your identity when processing sensitive requests (such as refunds, personal data access, or corrections). While our primary verification method is via the email address associated with your booking, we may request secondary identifiers if the relay email address is inactive or no longer accessible.
These secondary identifiers may include:
a. The booking reference number
b. The last four digits of the payment method used
c. A valid phone number associated with the booking
d. Proof of payment- card excerpt
e. Government-issued identification (in certain exceptional cases)
This process ensures that we can securely verify your identity and comply with our data protection obligations. If you deactivate the Apple relay email forwarding or delete the relay address, please contact us via our support channels and be prepared to provide one or more of the secondary identifiers listed above. This helps us continue to support your requests while ensuring your data security.
Moreover, we have implemented internal measures that allow us to discover, notify, and document security breaches in the shortest possible time.
If we discover any personal data breach that poses a risk for your rights and freedoms, we shall notify the National Supervisory Authority for Personal Data Processing. In the event of a personal data breach, you will be informed if it results in a high risk for your rights and freedoms.
Subject to certain legal conditions, you have the following rights in relation to the processing of your personal data:
Should you have any questions related to the processing of your personal data or if you would like to submit a request, as well as to exercise any of the rights on the processing of personal data, please contact our Data Protection Officer at the following address: [email protected].
We shall review each request and notify you with regard to the actions taken in the shortest possible time, and within one month maximum. Should we require more information from you or experience difficulties in resolving your request, we shall notify you without delay that we need additional time to perform a proper review of your request.
Should you consider that we have failed to resolve all your requests, or you are unsatisfied with our answers, you may file a complaint with the National Supervisory Authority for Personal Data Processing. You may also refer to the courts of law.
The entity responsible for processing your personal data, as described in this Privacy Policy, is Vola.ro SRL, a Romanian Company with its registered office in Bucharest, Splaiul Unirii165, TN Offices 2 building, 2nd floor, district 3, Romania, fax: +40 21 312 59 80, phone +40 21 407 53 00.
If we decide to amend this notification to provide better protection of your rights and personal data, we shall publish the new version here, and it shall replace the current version.
Thank you for entrusting us with your personal data and finding the necessary time to read our notification on the processing of personal data. Please feel free to contact us if you have any questions related to your personal data and our processing of your personal data.
This Privacy Policy was updated on August 8, 2025.