This site uses cookies to analyze site traffic, to personalize displayed ads for non-EU users, and to improve our user experience. Privacy Policy

Privacy Policy

This privacy policy was last updated on: April 26, 2023., hereafter referred to hereinafter as  “AndesTransit”, “We”, "Service" or “Website”, has drafted this Privacy Policy referred to hereinafter as the “Policy” so that you can understand your rights and obligations relating to the use of the Website. 

"Family of Websites" hereafter refers to both and all its brands, affiliate sites, subdomains, and subdirectories, including but not limited to,,,,,, and others.

Users of this Website and Family of Websites are also bound by and should read our Terms and Conditions of Use

Contact Us

To obtain a copy of this privacy policy or related Terms of Use, send a postage-paid and self-addressed envelope to the following address with a letter stating you would like a copy of the Privacy Policy sent to you:  Copyright Agent, AndesTransit LLC, 30 N Gould St, Suite 7929, Sheridan, WY 82801 USA

Scope of Privacy Policy

This Privacy Policy applies to your use of all the sites and services owned or operated by AndesTransit (collectively "we,"  "us," or "our"), including and any other site that we may own or operate currently or in the future (collectively, the "Website and Family of Websites").

Unless expressly stated otherwise, all references to the Websites or Family of Websites in this Policy include all such sites. This Policy does not apply to your use of sites to which any of the Website or Family of Websites may link to (“Third  Party Websites”). This Policy covers only information collected on the Website or Family of Websites and does not cover any information collected by Third-Party Websites.

Your privacy is very important to us. We have developed this  Policy in order for you to understand how we collect, use, communicate, disclose, and make use of personal information. 

We will collect and make use of personal information solely with the objective of fulfilling those purposes specified by us and for other compatible purposes unless we obtain the consent of the individual concerned or as required by law. We will make readily available to customers information about our policies and practices relating to the management of personal information. We are committed to conducting our business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained. 

AndesTransit is not responsible for the party privacy statements and content on third-party websites outside of the Website and the Family of Websites. 

Children Under Thirteen

AndesTransit will never knowingly collect personally identifiable information from children under the age of thirteen. If you are under the age of thirteen, please do not visit or any of its Family of Websites.

Non-Personal Identifiable Information (Cookies)

We collect non-personal identification information through the use of cookies, including the implementation of all of the Google Analytics Advertising features. The Website or Family of Websites may sometimes use "cookies" to personalize your online experience.  The purpose of a cookie is to tell the Web server that you have returned to a specific page.  We and third-party vendors use first-party cookies for the simple functioning of the website, and or other first-party identifiers, and third-party cookies (such as the Google Analytics cookie and the DoubleClick cookie) or other third-party identifiers together. Cookies cannot run programs or deliver viruses to your computer. You have the ability to accept or decline cookies by altering the settings in your web browser.  You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the services or Website or Family of Websites. To opt out of Google Analytics advertising features, please visit

We use non-personal identifiable information to better manage advertising on the Website or Family of Websites and to understand how our Users as a group use the services and features. This way we know which areas of our Website or Family of Websites are favorites of our users, which areas need improvement, and what technologies are being used so that we may continually improve our Website or Family of Websites.  

Personally Identifiable Information

We may request personal identification information from you such as your name, passport number, date of birth, mailing address, telephone number, e-mail address, and other personally identifying information in connection with your use of the Website or Family of Websites, or to receive products or services, including an e-mail from us.  We will only collect personal identification information if you have voluntarily submitted this information to the Website or Family of Websites.

When you use our Website or Digital Platform to input your credit card number for payment of a service or product, it is passed directly to a third-party payment processor and we only receive notification of whether the payment passed or failed.  We do not know your credit card number or bank details.

Except as otherwise provided in this Policy, we reasonably attempt to ensure that we never intentionally disclose any personally identifiable information about you as an individual user to any third party without having first received your permission or except in other situations or circumstances as required by law.  With your permission, we may use personal identification information for marketing purposes, like sending you e-mails to present a product or a service. We do not, however, share your personally identifiable information with third parties for direct marketing. 

Release of Information

We will release information about you in order to comply with any valid legal process by which we are compelled by law, such as a warrant, subpoena, or court order. 

In the event that AndesTransit goes through a business transaction, such as a merger or acquisition, your personally identifiable information will most likely be among the assets transferred. You will be notified via email of any such change in ownership or control of your personal information. The information you enter when making a purchase of a product or service will be transferred and shared via a secure SSL connection with payment processors, who will authorize credit card payments. This information may also be shared with other necessary third parties, but only for the purpose of carrying out the transactions for the products or services you have ordered. This information is stored in a secure database outside of our control.  

Personal Information Security

AndesTransit secures the personally identifiable information you provide on computer servers in a secure environment. Your information is always protected from unauthorized access. If personal information (such as a credit card number) is transmitted to other websites, its transmission is protected through encryption, such as Secure Socket Layer (SSL) protection.  

AndesTransit does not use or disclose sensitive personal information, such as race, religion, or political affiliations,  without your explicit consent.  
AndesTransit keeps track of the websites and pages our customers visit within the Website or Family of Websites, in order to determine what services or features are the most popular. This data is used to deliver customized content and advertising within the Website or Family of Websites to customers whose behavior indicates that they are interested in a particular subject area.  

AndesTransit will disclose your personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on Website or Family of Websites; (b) protect and defend the rights or property of AndesTransit; and, (c) act under exigent circumstances to protect the personal safety of users of the  Website or Family of Websites, or the public. If you have any questions or comments about our Privacy Policy, or to receive a  copy, please refer to the section "Contact Us" aforementioned in this Policy.

Transfer of Information

For users outside the United States: If you are located outside of the United States, please note that any information you provide to us will be transferred to the United States and that any disputes arising in connection with this Website or Family of Websites will be handled by courts in the United States with the governing law of Wyoming. 

By using this Website or the Family of Websites, you consent to this transfer of information, the entire privacy policy, and the terms and conditions of use. 

AndesTransit may at any time use your comments or suggestions about the products or services offered on their website, exercising common decency and discretion. While we endeavor to ask your permission when possible, by engaging and communicating with AndesTransit, you grant us the right to use, reproduce, modify, adapt, publish, translate, create derivative works, distribute, and expose these comments and suggestions to the public, to and through our Website and Family of Websites or marketing publications and books.

European Union GDPR

The policies in this section apply uniquely and exclusively to European Union (EU) citizens, and in cases where these policies conflict with policies stated elsewhere in this Privacy Policy page, the EU GDPR policies will take precedence only for EU citizens. Citizens of other countries outside the EU are not beneficiaries of this section of policies and should refer to the policies outside this section.

This entire GDPR section is replicated in our Terms and Conditions of Use in the interest of ease of access.


Data Subject: This is you, the consumer of AndesTransit products and services.

Data Controller: This is AndesTransit.  The Data Protection Officer can be reached by placing a request using our GDPR Assistance tool.

Data Processor: These are the third-party services that the data controller passes the data subject's data for either payment processing or marketing.  Payment processing processors include Stripe, PayPal, AliPay, and FastColombia, and only serve the purpose of collecting data for Performance of Contract, which is the GDPR language for what is required for the sale and maintenance of your purchased products and services made through the AndesTransit platform.  Marketing-related processors include Google (AdSense and Analytics), and  AndesTransit does not store any personally identifiable information of its data subjects on behalf of these marketing processors and only allows them to target personalized content to you on our platform from general input like your selected travel destination (in the case of or your browsing profile outside the bounds of AndesTransit (Google).  

Data Subject Rights:

--The Right of Access:  Data subjects have the right to access all data AndesTransit holds about them at any time. In turn, as the data controller, AndesTransit has the right to authenticate the validity of the data subject to prevent fraudulent access. If necessary, we may require the data processor to assist us in the retrieval of the data requested.  The time of delivery for a data subject's access request is no longer than thirty (30) days.

--The Right to be Forgotten:  Data subjects have the right to request their data be forgotten by AndesTransit, but AndesTransit can only comply within the framework of its limitations. Namely, if your data is related to marketing purposes (newsletter, FareBus-ter mail, etc.), we can delete your contact data within 72 hours of request and our systems will have no further knowledge of you.  However, if your data is related to a product or service you paid for from AndesTransit, there are statutory warranties in place of up to 3.5 years that we must maintain your data as evidence in a dispute and chargeback processes before we can delete it.  Likewise, if the data subject has paid for an annual subscription that hasn't been canceled, we need to keep the data in order to continue billing.  You can contact the Data Protection Officer using our GDPR Assistance tool to ascertain what are the exact allowances and limitations for your particular situation, and a more specific deletion date.  The time required to come to a determination is no longer than thirty (30) days.

--The Right to Object: Data subjects have the right to object to the continuance of using their data for direct marketing purposes by contacting the Data Protection Officer using our GDPR Assistance tool. This pertains to marketing under the control of AndesTransit, and not indirect marketing performed by third parties that are outside the bounds of AndesTransit and for which there is no personally identifiable data shared. The right to object does not extend to processing data related to payments, as this processing is immediate upon the data subject's checkout.

--The Right to Rectification:  Data subjects have the right to request AndesTransit rectify incomplete or incorrect data, but in some cases where a ticket has already been acquired, rectifying the data requires a change fee or outright purchasing the ticket again with no refund for the original ticket. By paying the change fee or purchasing a new ticket to replace the original, the right to rectify will be fulfilled.

--The Right to Data Portability: Data subjects have the right to request their personal data be exported in a structured, commonly used, and machine-readable format and sent to them or to another data controller through a secure channel determined by AndesTransit.  The process takes thirty days (30) upon request, but is subject to the following limitations: 1) The data subject must be authenticated by AndesTransit to verify their identity is truly related to the data they request; 2) A form signed in DocuSign must be completed in full by the data subject, acknowledging their agreement and conditions of the data portability request; 3) the data requested was data given to AndesTransit by your consent or for the performance of a contract; 4) The data is not derived or inferred, but only the data you provided to us; 5) The data is personally connected to your identity, and not anonymous data; 6) The data does not include data about other persons besides you, unless those other persons also provide authenticated and signed agreement to the same request; 7) If the request for data is something AndesTransit considers manifestly unfounded or excessive, we have the right under GDPR regulations to request from the data subject a reasonable fee be paid to cover the administrative cost, or to refuse to deal with the request, providing you the data subject a justification of our decision. If you wish to dispute our decision to refuse your request, you can appeal it to your ICO or GDPR supervising authority.

Please note that AndesTransit does not store data on your history of usage of our website or search activities in any personally identifiable way. 

Our Legal Bases for Collecting and Processing Payment Data

Per Article 6 of GDPR, we rest on two legal bases for collecting and processing the data subject's payment data.  The first is the explicit Consent you give us during checkout to proceed with checkout (or purchase) of your products, tickets, or services. Without this consent, you cannot complete your purchase.  The second basis is that your payment data is necessary for the performance of a contract, as manifested in a product, ticket, or service you purchase on AndesTransit.

Definition of personal data used for payment processing

The data subject's personal data used for payment processing by the third-party data processor is limited to: the credit cardholder's name, email address, unique customer identifier, order ID, bank account details, payment card details, card expiration date, CVC code, date/time/amount of transaction, merchant name/ID, and location. It is important to emphasize that the most sensitive data in this list is not held by the data controller (AndesTransit), but by the data processor (Stripe/Paypal), and AndesTransit only holds the least sensitive parts of it.

Data Breach and Incident Response

In the unfortunate event we are made aware of a data breach, we will notify the data subject and the Supervising Authority for the data subject's area within 72 hours.

Age of Consent

Same as stated in our general terms, the age of consent is 16 years of age or older.  However, in the case of tickets, many bus companies do not allow passengers under the age of 18, so consent alone might not be sufficient to acquire a ticket.

Data Retention

By default, data subject personal data is kept on file by the data controller for 3.5 years, at which point it is deleted from our records.

Profiling Use

The only use of personal data for profiling is in our annual reports and business or investor reports, but is only expressed in generalities (e.g., percentage of visitors from Europe) and does not identify data subjects personally.

AndesTransit does not use machine-made profiling to make decisions about the data subject or to limit the content to the data subject.