Welcome to the official website of Capavia AB, a professional provider of corporate travel management services headquartered in Sweden. These Terms and Conditions (“Terms”) govern your access to and use of our website, applications, platforms, and the services we offer through them. By accessing or using any part of the Capavia digital environment, you acknowledge that you have read, understood, and agree to be legally bound by these Terms.

These Terms apply to all categories of users, including corporate clients, travel coordinators, individual travelers, suppliers, partners, and any other entity or person accessing Capavia's digital or offline services. If you are using our services on behalf of a company or other legal entity, you represent that you have the authority to bind such entity to these Terms.

Capavia AB provides its services subject to a set of contractual principles, supplier rules, and regulatory obligations under Swedish and European law. Use of our platform and services implies your consent to comply with these frameworks, and to assume responsibility for the accuracy of information submitted by you or on your behalf.

Capavia reserves the unilateral right to revise, update, or replace any part of these Terms at any time, for any reason, without prior notice. Changes may reflect legal updates, business process improvements, or user interface modifications.

You are encouraged to review these Terms regularly to ensure you are aware of your rights and responsibilities. Continued use of the site or any Capavia service after changes are made constitutes your acceptance of the updated Terms.

If you do not agree to any part of these Terms, you should discontinue your use of our website and services. Unauthorized or non-compliant use of the site may result in restriction of access, suspension of services, or legal action, depending on the nature and severity of the violation.

Definitions

For the purposes of these Terms and Conditions, the following terms shall have the meanings set out below. These definitions shall apply whether the terms appear in the singular or the plural.

Client

Means any legal entity, corporation, partnership, public institution, or other organization that enters into a contractual, commercial, or framework agreement with Capavia AB for the provision of corporate travel management, MICE, booking, consulting, or related services, whether acting on its own behalf or on behalf of its employees, representatives, affiliates, or authorized travelers.

Traveller

Means any natural person whose travel, accommodation, event participation, or related services are arranged, coordinated, or facilitated by Capavia, either directly or indirectly through a Client, including but not limited to employees, contractors, consultants, guests, delegates, or other persons authorized by the Client.

Supplier

Means any third-party service provider engaged in the delivery of travel, accommodation, transportation, event, or related services, including but not limited to airlines, air charter operators, hotels, accommodation providers, ground transportation companies, venue operators, destination management companies (DMCs), event service providers, technology providers, and other subcontractors.

Platform

Means Capavia’s digital and operational environment, including its website, booking engines, portals, applications, communication systems, integrations, and any other electronic or technical infrastructure through which Services are accessed, delivered, managed, or supported.

Services

Means all services provided by Capavia, including but not limited to corporate travel management, flight and accommodation bookings, MICE services, supplier coordination, consulting, reporting, traveler support, operational assistance, and any ancillary or administrative services provided under a Corporate Agreement or these Terms.

Corporate Agreement

Means any written agreement, framework contract, service-level agreement (SLA), commercial arrangement, or binding document entered into between Capavia and a Client that governs the scope of Services, commercial terms, pricing, responsibilities, service standards, and contractual obligations of the Parties.

Force Majeure

Means any event, circumstance, or combination of events that is beyond the reasonable control of Capavia, the Client, or the Supplier, and which prevents, delays, or materially impairs the performance of contractual obligations under these Terms or any Corporate Agreement.

Force Majeure events shall include, but not be limited to:

• Acts of God, including natural disasters such as earthquakes, floods, volcanic activity, storms, extreme weather conditions, and fires
• Public health emergencies, including pandemics, epidemics, quarantine measures, and health authority restrictions
• Acts of government or regulatory authorities, including travel bans, border closures, visa restrictions, airspace closures, embargoes, sanctions, and changes in aviation or hospitality regulations
• War, armed conflict, terrorism, civil unrest, riots, or political instability
• Labor disputes, strikes, slowdowns, or industrial actions affecting airlines, airports, hotels, transportation networks, or essential service providers
• Failures or disruptions of critical infrastructure, including airport operations, air traffic control systems, power grids, communication networks, reservation systems, or global distribution systems (GDS)

For the aviation and accommodation sectors, Force Majeure shall specifically include, without limitation:

• Aircraft groundings, fleet-wide safety directives, or mandatory inspections imposed by aviation authorities
• Airport closures, runway restrictions, slot cancellations, or air traffic management decisions
• Crew shortages resulting from regulatory, health, or security restrictions
• Overbooking mandates, involuntary re-accommodation, or supplier-imposed service suspensions
• Hotel closures, government-mandated capacity limits, evacuation orders, or loss of operating licenses
• Supplier insolvency, bankruptcy, or sudden cessation of operations

In the event of Force Majeure, neither Capavia nor the affected Party shall be deemed in breach of these Terms to the extent that performance is prevented or delayed by such event. The obligations of the affected Party shall be suspended for the duration of the Force Majeure event, and all remedies, refunds, or alternative arrangements shall be subject to the terms and conditions of the relevant Supplier and any applicable law.

All travel arrangements made through Capavia are subject to the availability, confirmation, and booking policies of the primary service providers, which may include but are not limited to airlines, hotels, ground transport companies, event venues, and local operators. Capavia does not own, operate, or control these services, and acts solely as an intermediary between the client and the respective supplier.

As such, Capavia cannot guarantee availability, prices, schedules, or the successful fulfillment of any travel service beyond what is confirmed and communicated by the supplier. We facilitate the booking process, but the contractual relationship for service delivery exists directly between the client and the third-party provider.

It is the responsibility of the client to review and understand the fare rules, cancellation conditions, no-show policies, change penalties, and refund eligibility prior to confirming any booking. These conditions may vary significantly between service providers and are often subject to change based on availability, ticket class, supplier policy updates, or force majeure situations.

In the event of a cancellation, modification, or refund request, the rules and restrictions of the relevant provider shall apply in full. Capavia will assist in communicating the request but cannot override the supplier’s decision or influence the speed or scope of the refund process.

For each such request, Capavia applies an administrative handling and service fee, the amount of which is specified in the commercial agreement or framework contract signed with the client. These fees cover the cost of coordination, documentation, and follow-up efforts, and are non-refundable once the related service has been executed, regardless of whether the request results in a successful refund, rescheduling, or cancellation from the supplier.

Requests for changes, cancellations, or support must be submitted in writing via email to [email protected], along with all relevant booking references, passenger details, and a clear explanation of the request. Capavia will respond to all such requests in a timely manner and provide confirmation of the next steps based on the supplier’s terms and availability.

We process all personal information in accordance with the EU General Data Protection Regulation (GDPR) and the Swedish Data Protection Act, particularly with regard to data minimization (Article 5(1)(c)), lawfulness (Article 6), and accountability (Article 5(2)).

Data Minimization – Article 5(1)(c) GDPR

"Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed."

Capavia adheres to the principle of data minimization by ensuring that only the personal data strictly necessary for the execution of travel-related services is collected and processed. This means that we do not request or store excessive or unrelated personal information. For example, when booking a flight or hotel, we only collect data that is essential to complete the booking—such as passenger names, dates of birth, identification numbers, and payment details. We actively review our data collection forms and processes to eliminate any unnecessary fields or excessive retention practices.

Lawfulness of Processing – Article 6 GDPR

"Processing shall be lawful only if and to the extent that at least one of the conditions in Article 6(1) is met."

Capavia ensures that all personal data is processed lawfully, relying only on recognized legal bases under Article 6 of the GDPR. These include:

• Consent: When required, we obtain clear and informed consent from data subjects (e.g., for marketing purposes).
• Contractual necessity: Most of our processing activities are necessary for the performance of a contract, such as booking a flight or managing corporate travel.
• Legal obligation: In some cases, we are required to process certain data in compliance with regulatory requirements, such as for tax or immigration reporting.
• Legitimate interest: In limited circumstances, we may process data in support of legitimate business operations, always ensuring that such interests do not override the rights and freedoms of data subjects.

Capavia evaluates the legal basis applicable to each type of processing and documents the rationale accordingly

Accountability – Article 5(2) GDPR

"The controller shall be responsible for, and be able to demonstrate compliance with, paragraph 1 (‘accountability’)."

Capavia embraces the principle of accountability by implementing a robust internal data protection governance framework. This includes:

• Maintaining up-to-date records of all data processing activities (as per Article 30)
• Appointing internal data privacy coordinators to oversee GDPR compliance
• Conducting regular internal audits and risk assessments
• Providing GDPR awareness training to staff members involved in data handling
• Ensuring that contracts with suppliers, partners, and sub-processors contain GDPR-compliant clauses

We are prepared to demonstrate our compliance efforts to supervisory authorities upon request, and we actively strive to foster a culture of privacy and responsibility throughout the organization.

Records of Processing Activities – Article 30 GDPR

"Each controller and, where applicable, the controller's representative, shall maintain a record of processing activities under its responsibility."

Capavia complies with Article 30 of the GDPR by maintaining detailed and up-to-date Records of Processing Activities (RoPA) that document how and why personal data is collected, processed, and stored across our operations.

These records include:


• The name and contact details of Capavia as the data processor, as well as the contact point for data protection matters
• The purposes of each category of data processing activity (e.g., flight bookings, hotel reservations, event logistics)
• A description of the categories of data subjects (e.g., business travelers, corporate clients’ employees) and personal data processed (e.g., names, passport numbers, payment info)
• The categories of recipients to whom personal data is disclosed, including third-party service providers such as airlines and hotel partners
• Details of international data transfers, where applicable, and safeguards in place (e.g., SCCs or adequacy decisions)
• General descriptions of the technical and organizational measures used to secure data (as required under Article 32)

These records are available in written or electronic form and are updated regularly. Capavia makes them available to the Swedish Data Protection Authority (Integritetsskyddsmyndigheten) upon request, as part of our ongoing commitment to transparency and accountability.

Capavia applies these principles by collecting only the data necessary to deliver and manage travel services, ensuring that processing activities are lawful, and maintaining detailed records of processing activities (Article 30).

This Cookie Policy explains how Capavia AB ("we", "us", or "our") uses cookies and similar technologies to recognize you when you visit our website. It explains what these technologies are and why we use them, as well as your rights to control their use.

By continuing to browse our website, you agree to our use of cookies as outlined in this policy, unless you choose to disable them through your browser settings or our cookie consent tool.

Cookies are small data files that are placed on your device when you visit a website. Cookies are widely used to make websites work more efficiently, as well as to provide information to the owners of the site.

Cookies may be first-party cookies (set by us) or third-party cookies (set by a service provider or partner), and they may be session cookies (which expire when you close your browser) or persistent cookies (which remain on your device until deleted or expired).

Strictly Necessary Cookies

These are essential for the operation of our website. They enable core functionality such as page navigation, secure log-in, and booking workflows. The website cannot function properly without these cookies.

Performance and Analytics Cookies

These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. For example, we use tools like Google Analytics to monitor traffic patterns and optimize user experience.

Functionality Cookies

These cookies allow the website to remember choices you make (such as language preferences or saved searches) to provide enhanced, more personalized features.

Marketing and Advertising Cookies (used only with your consent)

These cookies track your browsing habits and may be used to deliver targeted ads on other platforms. We only enable these cookies after you’ve explicitly opted in.

When you first visit our website, you will be presented with a cookie consent banner allowing you to accept or reject non-essential cookies. You may also manage your preferences at any time by clicking the “Cookie Settings” link in the footer of our site.

In accordance with Article 5(3) of the ePrivacy Directive and Chapter 6, Section 18 of the Swedish Electronic Communications Act, non-essential cookies may only be used with the user’s informed consent.

Third-Party Cookies

Some pages on our website may include third-party services such as maps, videos, or analytics tools. These services may set their own cookies independently of Capavia. We recommend that you review their privacy and cookie policies directly:

• Google Analytics
• YouTube embeds
• LinkedIn insight tag (if marketing is used)

Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. Please note that disabling some cookies may impact the functionality of our site.

For more detailed information on how to control cookies, you can visit:

• www.allaboutcookies.org
• www.youronlinechoices.eu

We may update this Cookie Policy from time to time to reflect legal, technical or business changes. When we update our policy, we will take appropriate measures to inform you, consistent with the significance of the changes made.

If you have any questions about our use of cookies or this Cookie Policy, please contact us at: [email protected]

Capavia processes personal data on behalf of its corporate clients in accordance with Article 28 of the GDPR, which requires that a written contract be in place between the data controller and the data processor.

Under Article 28, a data processing agreement must:

- Specify the subject matter and duration of processing
- Outline the nature and purpose of the processing
- Define the type of personal data and categories of data subjects
- Set out the obligations and rights of the data controller

Capavia’s DPA ensures that:

- Personal data is processed only on documented instructions from the controller (Article 28(3)(a))
- Persons authorized to process the data are under a confidentiality obligation (Article 28(3)(b))
- Appropriate technical and organizational security measures are implemented (Article 28(3)(c))
- The controller is assisted in fulfilling its GDPR obligations (Article 28(3)(f))

——————————————————————————————————————

Data Processing Agreement (DPA)

This Data Processing Agreement (the “Agreement”) is entered into between the Customer (the “Data Controller”) and Capavia AB, a Swedish company registered under Org. No: SE 556911-6824, located at Norra Storgatan 15 252 20 Helsingborg, Sweden (the “Data Processor”), collectively referred to as the “Parties”.

This Agreement governs the processing of personal data by Capavia on behalf of the Data Controller in accordance with the EU General Data Protection Regulation (GDPR), particularly Article 28.

In accordance with Article 28 GDPR, a written contract is required when a data controller engages a data processor. The contract must stipulate the subject matter and duration of the processing, the nature and purpose of the processing, the type of personal data and categories of data subjects, and the obligations and rights of the controller.

Capavia AB, as the Data Processor, agrees to:

- Process personal data only on documented instructions from the Data Controller;
- Ensure that persons authorized to process personal data have committed themselves to confidentiality;
- Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk;
- Assist the Data Controller in responding to requests from data subjects exercising their GDPR rights;
- Make available all information necessary to demonstrate compliance with Article 28 obligations;
- Delete or return all personal data to the Data Controller at the end of the provision of services.

Security and Confidentiality

Capavia shall maintain the confidentiality of all personal data processed under this Agreement and shall ensure that appropriate technical and organizational measures are in place to protect the data in compliance with Article 32 GDPR.

Sub-processors

Capavia shall not engage another processor without prior written authorization of the Data Controller. In the case of general written authorization, Capavia shall inform the Data Controller of any intended changes concerning the addition or replacement of other processors, giving the Data Controller the opportunity to object to such changes.

Data Subject Rights

Capavia shall, insofar as this is possible, assist the Data Controller in fulfilling its obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR.

Termination and Deletion

Upon termination of the Agreement, Capavia shall, at the choice of the Data Controller, delete or return all personal data and delete existing copies unless Union or Member State law requires storage of the personal data.

——————————————————————————————————————

Article 28 – Processor

“Where processing is to be carried out on behalf of a controller, the controller shall use only processors providing sufficient guarantees to implement appropriate technical and organizational measures...”

Capavia acts as a data processor on behalf of its corporate clients and complies fully with the requirements set out in Article 28 of the GDPR. This includes entering into written Data Processing Agreements (DPAs) with each client, clearly outlining the roles, responsibilities, and scope of processing.

In accordance with Article 28(3), each DPA executed by Capavia ensures that:

• Personal data is processed only on documented instructions from the controller
• Personnel involved in processing are bound by confidentiality obligations
• Technical and organizational measures are implemented to ensure data security
• Sub-processors are only engaged with prior authorization and are bound by the same obligations
• The processor assists the controller in ensuring compliance with obligations under Articles 32–36, including data breach notification and data protection impact assessments
• At the end of the provision of services, all personal data is either returned or securely deleted

Capavia also maintains a list of approved sub-processors and ensures that all third-party vendors provide equivalent levels of data protection.

Article 32 – Security of Processing

“Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing… the controller and the processor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.”

Capavia is committed to safeguarding personal data through the implementation of technical and organizational security measures in line with Article 32 of the GDPR.

These measures include, but are not limited to:

• Data encryption at rest and in transit using industry-standard cryptographic protocols
• Access controls based on the principle of least privilege and multi-factor authentication for critical systems
• Regular security audits and vulnerability assessments to identify and remediate potential weaknesses
• Secure development practices for any internal systems and vendor integration points
• Incident response procedures to detect, investigate, and respond to data breaches in a timely and compliant manner
• Staff training on data protection principles and secure handling of personal information

Capavia continuously reviews and improves its security controls in alignment with evolving threats and regulatory expectations, ensuring that client and traveler data is handled with the highest degree of integrity and protection.

Capavia AB provides travel booking, coordination, and management services as an independent intermediary between the client and third-party travel service providers, including but not limited to airlines, hotel chains, venue operators, ground transport companies, and event service firms.

While we make every reasonable effort to ensure that the information provided to clients is accurate, up to date, and sourced from reliable suppliers, Capavia does not own, operate, or control the actual delivery of travel services. Therefore, Capavia shall not be held liable for any errors, omissions, delays, disruptions, or service failures resulting from the actions or negligence of third-party suppliers.

This includes—but is not limited to:

• Flight delays or cancellations
• Hotel overbookings or quality deficiencies
• Changes in itinerary imposed by providers
• Venue availability issues
• Visa refusals, customs delays, or denied boarding by authorities
• Lost or damaged baggage handled by carriers

Capavia also disclaims responsibility for service interruptions or travel disruption resulting from force majeure events, including but not limited to: natural disasters, pandemics, political unrest, labor strikes, acts of terrorism, weather disturbances, or unforeseen government restrictions.

In such events, the terms and policies of the relevant supplier shall apply, and Capavia will act in a supportive and advisory role only, assisting the client in pursuing redress, rescheduling, or refunds where applicable. However, Capavia cannot guarantee favorable outcomes nor shall it be held financially liable for the acts or omissions of entities beyond its control.

Clients are advised to maintain appropriate travel insurance coverage to mitigate risks related to cancellations, delays, and other unforeseeable circumstances.

Capavia AB is committed to ensuring that our website and digital services are accessible to the broadest possible audience, regardless of physical ability, cognitive difference, or the technologies used to access our content. We believe that accessibility is a fundamental part of an inclusive and professional digital presence.

Our ongoing efforts are guided by the principles outlined in the Web Content Accessibility Guidelines (WCAG) 2.1, and we aim to meet or exceed Level AA compliance standards. This includes but is not limited to:

• Ensuring sufficient color contrast between text and background
• Providing descriptive alternative text for all meaningful images and visual elements
• Structuring pages with clear headings and semantic HTML for screen readers
• Enabling full keyboard navigation without loss of functionality
• Designing forms with appropriate labels and accessible error messages
• Avoiding content that causes seizures (e.g., flashing content or animations)

Our website is designed to be responsive and tested across major browsers and devices. Where third-party services are embedded (e.g., maps, booking tools), we work with our providers to ensure their tools also meet accessibility standards, to the extent technically feasible.

In accordance with Directive (EU) 2016/2102 on the accessibility of websites and mobile applications of public sector bodies, we acknowledge our responsibility to provide accessible digital services.

If you encounter any barriers while using our website—such as difficulty navigating, reading, or completing a task—we encourage you to notify our team. Your feedback is important and helps us improve.

Please email us at [email protected] with a description of the issue, the page or feature affected, and the type of assistive technology or browser you are using. We will make every reasonable effort to resolve the matter promptly.

Capavia AB
Org. No: SE 556911-6824
Address: Lönngatan 60 E, 214 49 Malmö, Sweden
Phone: +46 73 740 23 02
Email: [email protected]
VAT: SE556911682401
Managing Director: Hamit Altintas

At Capavia, we are committed to maintaining the highest standards of service and professionalism in every aspect of our work. We value feedback from our clients and view it as an opportunity to continuously improve our services and strengthen our relationships.

If you are dissatisfied with any part of your experience—whether it concerns a booking, communication, support interaction, or any service facilitated through Capavia—we encourage you to let us know so that we can address your concerns promptly and effectively.
How to Submit a Complaint or Feedback:

You can contact us at: [email protected]

To help us investigate and respond efficiently, please include:

• A clear and detailed description of the issue
• Any relevant booking references, dates, or names
• Supporting documentation or screenshots, if available

Upon receiving your message, our team will:

• Acknowledge receipt within 5 business days
• Conduct a thorough internal review
• Provide you with a response or proposed resolution, typically within 10–15 business days

Our goal is to treat every case with fairness, transparency, and professionalism. We aim to resolve issues promptly and to the satisfaction of all parties, wherever possible.

If further clarification is needed during our review, we may contact you for additional information. All complaints are handled confidentially, and we strive to ensure that you feel heard, respected, and supported throughout the process.

Any dispute, controversy or claim arising out of or in connection with these Terms, including their validity, formation, interpretation, performance, breach or termination, shall be subject to the exclusive jurisdiction of the courts of Sweden, with the district court of Stockholm (Stockholms tingsrätt) as the court of first instance and Swedish law as applicable law.

All content available on this website—including but not limited to text, branding elements, logos, icons, graphics, images, illustrations, audio clips, downloadable files, databases, and underlying source code—is the intellectual property of Capavia AB or its licensed content providers and is protected under Swedish Copyright Law (Upphovsrättslagen) as well as applicable European Union and international intellectual property treaties.

Capavia retains full ownership rights over its proprietary content, systems, and service structures. Unless otherwise explicitly stated, all rights are reserved.

The following actions are strictly prohibited without prior written authorization from Capavia AB:

• Republishing, reproducing, or redistributing any part of this website or its contents
• Commercial use, resale, or sublicensing of Capavia’s digital assets or booking tools
• Modifying or reverse-engineering any functionality or system provided by Capavia
• Copying or extracting content for use on third-party websites, platforms, or printed materials

Any unauthorized use, duplication, or exploitation of our intellectual property will be considered a breach of applicable copyright law and may result in legal action, including but not limited to injunctive relief, claims for damages, and enforcement of our rights through the appropriate legal channels.

Capavia also respects the intellectual property rights of others. If you believe that any content published on this site infringes upon your copyright or that of a third party, please contact us immediately at [email protected] with a detailed description of the alleged infringement so that we may review and take appropriate action.

At Capavia, we believe that responsible travel starts with conscious choices. As a Sweden-based corporate travel provider, we are committed to reducing our environmental footprint and promoting sustainable travel practices throughout our operations.

We actively work with suppliers who share our commitment to sustainability—favoring airlines with carbon offset programs, eco-certified hotels, and low-emission transportation services. Wherever possible, we propose greener alternatives for flights, transfers, and venues.

In our internal operations, we prioritize paperless workflows, minimize single-use materials, and reduce unnecessary travel through remote collaboration tools.

We also empower our clients with insights and guidance on how to reduce the carbon impact of their travel programs. Sustainability is not just a value—it’s a responsibility we embrace with every booking we manage.

If you have questions or suggestions regarding our sustainability practices, please contact us at [email protected].