Skip to content
My Booking

Privacy Policy - Flybus

Last updated: January 28, 2026

At Flybus, your privacy and the security of your personal information are important to us. This Privacy Policy explains how we collect, use, store, and protect personal data when you use our website and airport transfer services.

Privacy Notice

Flybus is operated by Icelandia, which acts as the Controller of the personal data you provide. Icelandia operates several travel brands, including Flybus, Reykjavík Excursions, Icelandic Mountain Guides, Dive.is, and others.

To provide our services effectively, we need to collect and process certain basic personal data. This processing is primarily based on our legitimate interests, in accordance with Article 6(1)(f) of the General Data Protection Regulation (EU) 2016/679. Where required, we will ask for your separate consent before collecting or processing personal data.

Our Promise to You

We are committed to handling your personal data responsibly. This means:

  • We collect, use, and store your personal data securely.
  • We only collect the data necessary to provide our services.
  • We use your personal data only for the purposes stated.
  • We are transparent about how your information is used and shared.

What Personal Data Do We Collect?

When you book or use Flybus services, we may collect:

  • Name
  • Email address
  • Phone number
  • Booking and travel details
  • Pickup and drop-off locations
  • Payment information (processed securely by third-party payment providers)
  • Loyalty programme information (such as Saga Club number, if provided)
  • Communications with customer support

We do not intentionally collect sensitive personal data or special categories of personal information.

Why Do We Need Your Data?

We collect and use personal data in order to:

  • Process and manage airport transfer bookings
  • Provide Flybus and Flybus+ services
  • Communicate important information related to your transfer (such as pickup times, service updates, or operational changes)
  • Provide customer support
  • Process payments and refunds
  • Administer loyalty point programmes where applicable
  • Comply with legal, accounting, and regulatory obligations

We do not collect personal data that is not required to deliver these services.

What Do We Do With Your Data?

All personal data is processed by Icelandia staff or trusted service providers acting on our behalf. Data is stored securely, primarily within Iceland or the European Economic Area (EEA).

In order to deliver our services, we may share limited personal data with:

  • Operational partners involved in delivering Flybus services
  • Payment service providers
  • IT and booking system providers
  • Icelandia group companies

Payment card information is processed securely by our payment providers and is never stored by Flybus.

We have appropriate technical and organisational measures in place to protect personal data from unauthorised access, loss, or misuse.

How Long Do We Keep Your Data?

Personal data is retained only for as long as necessary to:

  • Provide our services
  • Meet legal and accounting requirements

Data used for direct marketing purposes is retained until you opt out or request removal.

Marketing Communications

With your consent, we may use your name and email address to send information about Flybus services, offers, or related products. These communications may be managed through third-party providers such as email marketing platforms. You can unsubscribe at any time via the link provided in our emails or by contacting us directly.

How Secure Is Your Data?

Our website uses secure encryption technology (SSL) to protect data transmitted between your browser and our servers. We take appropriate security measures to ensure your personal data is handled safely and responsibly.

Children’s Privacy

Flybus services may be used by families. Personal data relating to children is collected only as part of a booking made by a parent or legal guardian and solely for the purpose of providing the requested service.

Your Rights

Under data protection law, you have the right to:

  • Request access to your personal data
  • Request correction of inaccurate or incomplete data
  • Request deletion of personal data where applicable
  • Restrict or object to certain types of processing
  • Withdraw consent where processing is based on consent

If you believe we are processing your personal data unlawfully or you are not satisfied with our response, you have the right to lodge a complaint with the Icelandic Data Protection Authority (Persónuvernd):
https://www.personuvernd.is/ (https://www.personuvernd.is/)

Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time. Any changes will take effect immediately upon publication on this page.

Contact Us

If you have any questions about this Privacy Policy or how your personal data is handled, please contact us at [email protected]