Privacy Policy for APP IN THE AIR INC. related to the APPINTHEAIR project

(Version 10. 5 September 2019)

 

Introduction

This privacy policy (the “Privacy Policy”) describes how App In The Air Inc., a Washington-based company with a registered office at 1411 Fourth Avenue, Suite 1000, Seattle, WA, 98101, USA, processes the personal data obtained through the App In The Air (“APPINTHEAIR”) Project.

The Privacy Policy is an integral part of the Terms of Service of the APPINTHEAIR project (available here). When you push the “I accept” button, you confirm that you have read the Privacy Policy carefully and that you accept its terms.

The Privacy Policy is prepared in accordance with the General Data Protection Regulation (GDPR), applicable US legislation (i.e. Acts of Federal Trade Commission, the Electronic Communications Privacy Act and others) and the best international practices in the field of personal data protection.

Data Protection Officer

Having the greatest respect for your personal data, we appointed Bayram Annakov to be our data protection officer. You can email our data protection officer at [email protected] with any questions you may have.

If you also have any requests regarding privacy matters, you can also contact us at any time at [email protected].

 

Content

The Privacy Policy covers the following questions:

1.     For what purposes do we process your data and to what extent?

2.     How do we collect your personal data?

3.     What are your choices and rights with respect to personal data?

4.     How do we keep your data safe and secure?

5.     Who has access to your data?

6.     For how long do we store your personal data?

7.     Where do we store your personal data?

8.     What are our principles of data processing?

9.     How do we process children's data?

10.   How will we notify you about changes to the Privacy Policy?

11.   What will we do if there is a personal data breach?

12.   What data do we process for each service in the App (table)?

 

1.       For what purposes do we process your data and to what extent?

The APPINTHEAIR project is a flight and travel service that is available to end users via iOS and Android mobile apps (the “App”). We also have an official website, which is https://www.appintheair.mobi (the “Website”).

Our IT infrastructure is constructed in such a way that we use the Google Cloud platform for storing all data, with servers located worldwide. Please make sure that such storage of data corresponds with your interests.

Our key purpose for collecting and processing your personal data is to provide you with services and the opportunity to use the App. The legal basis on which we process your personal data for this purpose is the performance of a contract with you (Terms of Services). The scope of the data we process directly depends on the services you use in the App, i.e. if you do not use any of the App’s features, we do not require or process any corresponding data. However, we cannot provide you with a service that requires the processing of some data if you refuse to provide such data. More details on the scope of the data we process for each of the App’s services are available in section 12.

If you provide us with any data on behalf of other person (when booking tickets or hotels, auto check-in for flights or subscribing for notifications on flights), you should ensure that such person (i) requested these services and is aware that we render them in his/her interest and (ii) agree that we process his/her personal data for these services.

We also collect and process your personal data:

·       to improve and develop the App and the Website. For this purpose, we collect and process cookies, log files and data on your behaviour within the App and our Website. These include IP addresses, browser types, Internet service providers (ISP), referring/exit pages, operating systems, device type, App version, session date/time stamps, clickstream data, date of first App launch, mobile carrier. We do this on our own and with the use of third-party services such as Google Analytics and Facebook. For more details on the third parties involved, see section 5.

As well, we process some data to adjust our promotion strategy. Namely, if you install the App through Apple Search Ads we may receive name of ad campaign, keyword, ad group and click date. We use these data to adjust our future ad campaigns. No direct marketing is performed based on these data.

The legal basis on which we process your personal data for these purposes is our legitimate interest to make the App and the Website correspond to your needs and to keep them secure as well as to facilitate access to information about the App for other persons who may be interested in it.

·       to prepare aggregated statistical reports on people’s behaviour with respect to their choice of airlines and airports. For this purpose, we collect, aggregate and generalise data on your flights, and bookings that are reflected in the App, as well as reviews and ratings you placed the App. We share anonymised statistics with airlines that use these data to improve their client service (e.g. to choose which flights to plan and how to allocate them between airports). Due to the anonymised nature of the data, no direct marketing or profiling can be performed based on these data.

The legal basis on which we process your personal data for this purpose is our legitimate interest in tracking and analysing trends in the airline industry.

According to our assessment, processing based on specified legitimate interests does not adversely affect your rights and freedoms. Regardless, you are entitled to object to and request the restriction of processing at any time.

We do not process any special categories of personal data (e.g. data revealing racial and ethnic origins, political opinions, religious or philosophical beliefs, trade union memberships or genetic and biometric data) or data related to criminal convictions and offences.

2.       How do we collect your personal data?

We collect your data from:

·       you directly, when you enter data in the App and use the App or Website (we collect log files and cookies)

·       the resources you give us access to (e.g. linked accounts in Facebook, email and TripIt)

·       the auto-fill features and applications on your device that you use in the App (e.g. KeyChain).

·       third parties (for more details on third parties, see section 5).

When parsing your emails to collect data on flights and bookings, we only parse emails that:

When parsing your calendar to collect data on events related to flights, we parse calendar events that are created by [email protected] and contain details of flights.

We do not explore or use emails or calendar events that are neither from / created by the named email addresses nor contain email markups. We do not use any data contained in emails and calendar for serving ads, including retargeting, personalized, or interest-based advertising.

3.       What are your choices and rights with respect to personal data?

You can access and update your personal data on your own in certain sections of the App (e.g. the Settings and Profile sections). You can also delete and export your account in the Settings section.

You have the full legal right to request from us the personal data we collected and information on how we process your data; demand its rectification or erasure; restrict its processing (blocking); or object to data processing. You can also ask us to transfer the personal data we process to any other project, company and/or any other entity or person you deem appropriate (data portability right). We will do our best to fulfil your request in the shortest possible time. You also have the right not to be subject to automated decisions (made solely by machines) that affect you, as defined by law.

In case you are not satisfied with our personal data processing activities and/or have any other complaints, contact our Data Protection Officer (contact details can be found here). You also have the full legal right to lodge a complaint with a supervisory authority.

4.       How do we keep your data safe and secure?

No one can guarantee that data transmission over the Internet or the methods used for electronic storage are 100% secure. Bear this in mind before submitting any information about yourself.

However, the security of your personal data is one of our top priorities. We follow the best international practices and applicable laws to protect your personal data, both during transmission and once we receive it. We implemented the appropriate technical and organisational measures to ensure the security and confidentiality of your personal data, and we follow strict procedures to prevent the unauthorised access, loss or destruction of your personal data.

We use Google Cloud to store the data in connection with the App functioning. Google designed the security of its infrastructure in layers that build upon one another, from the physical security of data centers, to the security protections of hardware and software, to the processes used to support operational security. This layered protection creates a strong security foundation. Full list of data security measures undertaken by Google Cloud please find here. 

5.       Who has access to your data?

We do not share your data with third parties except as described in the Privacy Policy.

Your personal data can only be accessed by our authorised employees, consultants, vendors and service providers, or by the concerned group entities inter alia, to Thoth Inc.. We take appropriate organisational and technical measures to protect your personal data when interchanging data with such third parties. They are bound by confidentiality obligations, and they must ensure the security and confidentiality of data.

We endeavour to cooperate only with those third parties who respect and comply with personal data processing requirements. Below is a list of third parties we cooperate with and links to their privacy statements or terms of use.

Technical purposes

Purpose

Name, details

 

Storage of all data

Google LLC

We use Google Cloud to store all of the data we process in connection with the APPINTHEAIR project.

Link

 

Improving and developing the App and the Website

Purpose

Name, details

 

Improving and developing the App

Google LLC

We use Google Analytics for Firebase tools to see how you interact with the App (e.g. when open the App, your session duration, App updates, App crashes, IP addresses, operating systems and device identifiers, and in-App purchases). See a full list of the default events and user properties collected by Google Analytics for Firebase.

Link

 

Improving and developing the App

Facebook Inc.

We use Facebook SDK to enable Facebook Login feature, to see how you interact with the app (e.g. when you install and open the App, App updates, IP addresses, device features, carrier). See a full list of the default events and user properties collected by Facebook SDK.

Link

Adjusting our further promotion activities

Apple Inc

We use Apple Search Ads for promotion our App on the iOS platform. We do not use the information received from Apple for direct marketing.

Link

Improving and developing the Website

Google LLC

We use Google Analytics tools to use cookie files set on the Website.

Link

 

Services provision

Purpose

Name, details

 

Collection of information from loyalty programme accounts

AwardWallet LLC

Link

Automated check-in

Advanced Travel Technologies LTD (PASSNFLY)

Link

Notification on flights

Twilio Inc.

Link

Hotel bookings 

(in-App service)

Booking.com B.V.

Link

DHISCO, Inc

Link

Hotel bookings (third-party service)

Go Travel Un Limited (Hotellook).

The data you fill in on a Hotellook page are automatically rerouted to a service provider. We do not have access to them. We receive a confirmation of your booking from Hotellook in order to add these data to the App.

Link

Purchase plane tickets

(in-App service)

Airlines  

(United Airlines, Vueling, Lufthansa, American Airlines, WestJet, British Airways, Airfrance, S7, AirCanada, etc.)

Please see official website of an airline

Payment service provider

Stripe Inc.

We do not access, process or store your bank card information.

Bank card information and other payment details of Apple Pay, Google (Android) Pay are provided directly to the PCI DSS-compliant payment processing service held by Stripe Inc. We access only the unique key number/token that is assigned by Stripe Inc. and information on whether the payment operation was successful or not.

Link

PayPal payments (available only to Great Britain users)

PayPal (Europe) S.a.r.l. et Cie, S.C.A

We do not access, process or store your payment information.

All payment details are provided directly to PayPal (Europe) S.a.r.l. et Cie, S.C.A. We access only the unique key number/token that is assigned by PayPal (Europe) S.a.r.l. et Cie, S.C.A. and information on whether the payment operation was successful or not.

Link

Expense tracking service provider (available only to United States users)

Plaid Technologies, Inc.

We do not access, process or store bank card information. Bank card information is provided directly to Plaid Technologies, Inc. We only access data on the amount, type, date and time of expenses sent to us by Plaid Technologies, Inc.

Link

Purchase of passenger insurance (available only to Russian users)

PJSC AlphaStrakhovanie

Link

Car rental

(third-party service)

TravelJigsaw Limited (Rentalcars)

The data you fill in on a Rentalcars service page are automatically rerouted to a service provider. We do not have access to them. We receive a confirmation of your booking from Rentalcars in order to add these data to the App.

Link

Purchase of baggage insurance

(third-party service)

Blue Ribbon Bags, LLC

The data you fill in on the page where you purchase baggage insurance are automatically rerouted to a service provider. We do not have access to them. We receive a confirmation of your purchase from Blue Ribbon Bags, LLC in order to add these data to the App.

Link

We may also share personal data with third parties when:

·       you give us your consent to do so, including if we notify you that the information you provide will be shared with a particular third party in a particular manner, and you provide such information

·       we believe that we are lawfully required or authorised in good faith to do so, or that doing so is reasonably necessary or appropriate to comply with the law or legal procedures, or to respond to lawful requests or legal authorities, including in response to lawful subpoenas, warrants or court orders.

While using the App, you might be interested in inviting random people whom you do not know but with whom you are interested in communicating through the App. In this event, make sure you truly wish to share any of your information or data with such a person. Once you provide the information to such a person, we cannot guarantee that this person will not use this information against you, trade it or misuse it in any other way. We will not be able to prevent such misuse, nor will we be liable for it. We will only be able to block the account or delete the account of any user who violates the Privacy Policy or Terms of Service. However, once any information is provided by you directly to anybody through the App, we are not responsible for any consequences.

We share anonymised statistics with airlines that use these data to improve their client service (e.g. to choose which flights to plan and how to allocate them between airports). Due to the anonymised nature of the data, no direct marketing or profiling can be performed based on them.

 

6.       For how long do we store your personal data?

We store your personal data for the entire period you use the App unless you delete an account in the App. If you delete your account or any part of the information about you contained in the App, we also delete the corresponding information on our servers.

We do not constantly track if you have the App installed at your device. If you want us to quickly delete information about you, you should delete your account before deleting the App.

We also store data for three years that is the minimum required period to be compliant with the US legislative requirements to which we are subject. We do so in order to ensure the possibility of executing regulatory requests and relevant orders from competent courts and authorities, unless we receive a demand from you to rectify or erase your personal data.

7.       Where do we store your personal data?

We use Google Cloud to store your data. Google Cloud servers are located worldwide and data are stored in Google's network of geographically distributed data centres (see Google’s website for more details). The information may be processed outside of your local state or outside of the EU, including in the US, where we are headquartered.

The data protection law and other laws in different countries might not be as comprehensive as those in your country, but please be assured that we have taken steps to ensure that your privacy is protected. With respect to the data of EU users, we ensure that there are appropriate safeguards as set forth in Article 46 of the GDPR (e.g. standard data protection clauses regarding a party storing or otherwise accessing data are in place), or we rely on derogations for specific situations as set forth in Article 49 of the GDPR, i.e. the performance of a contract with you.

8.       What are our principles of data processing?

We have the greatest respect for your personal data, so during the collection and processing of them, we strictly adhere to the best business practices and principles of applicable legislation, including:

·       making the best efforts to process personal data fairly and in a transparent manner

·       collecting data only for the predetermined, explicit and legitimate purposes described herein. We do not process data in a manner incompatible with initial purposes

·       collecting only personal data that we deem adequate, relevant and in a volume strictly necessary to achieve our purposes

·       keeping personal data accurate and, when necessary, up to date. We erase or rectify personal data that is inaccurate without delay

·       keeping personal data in a form that identifies you for no longer than necessary for the purposes for which the personal data were collected and processed

·       ensuring the appropriate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage by using the appropriate technical or organisational measures.

9.       How do we process children's data?

The App and the Website is for general audience use and is not directed at children. Should a child whom we know to be under 16 send personal data to us, we will use that data only to respond directly to that child to inform him or her that we must have parental consent before processing personal data.

10.    How will we notify you about changes to the Privacy Policy?

We reserve the right to modify the Privacy Policy at any time. If we decide to do so, we will notify you by sending you a message to your personal profile in the App, or by showing the update on the screen of your device when using the App.

11.    What will we do if there is a personal data breach?

If there is a personal data breach, we will without undue delay and where feasible, no later than 72 hours after having become aware of it, notify the competent supervisory authority of the personal data breach unless we reasonably decide that such a breach is unlikely to result in any risk to the rights and freedoms of data subjects.

If a data breach is likely to result in a high risk to your rights and freedoms, we will also send a parallel communication to you.

12.    What data do we process for each service in the App (table)?

Identification of you in the App

Data

Purpose(s)

Source

Third parties

·    Full name

·    Email

·    Phone

·    Password hash (if an account was created using App in the Air authentication system (currently unavailable for new registrations))

·    To properly identify you within the App

·    To send you confirmations, updates, security alerts, support and administrative messages, and to otherwise facilitate your use of and our administration and operation of the App

When you enter data manually in the App, or automatically through social networks or email accounts that you have linked with the App

·   We use Google Cloud (Google LLC) to store data

 

 

·    User ID

Automatically assigned when you start using the App

 

Auto-fill (storage of your logins and passwords in the App)

Data

Purpose(s)

Source

Third parties

·    Login and password data from the services you filled in the App (e.g. in the loyalty programs)

 

·    To provide you with the opportunity to   automatically fill in your login details in other apps on your device  

When you enter them manually in the App

·   Third parties websites or apps on your device in which you choose to use fill in feature  

·   We use Google Cloud (Google LLC) to store data

 

Social communication features in the App

Data

Purpose(s)

Source

Third parties

·    Full name

·    Email

·    Work position

·    Home country

·    Phone

·    Address

·    Job

·    Known languages

·    User-picture

·    Status text  

·    To provide you with the opportunity to communicate with other App users

·    To assign you a rating and show these data in your profile that is available to other App users

·    To show your friends using the App

 

 

When you enter them manually in the App

·   All users of the App, if you decide so

·   We use Google Cloud (Google LLC) to store data

 

·    Aggregated details of you past flights (number of miles/hours spent since start of the current year)

·    Your rating in the App, list of unlocked achievements, in-App friend’s leaderboard information

Automatically based on the travel information stored in the App

·    Content of linked social network accounts (e.g. Google, Facebook, iCloud, TripIt), including:

o email address

o name

o user-picture (URL)

o friends lists

o work position (from TripIT)

Automatically from your profile and friends’ pages on social networks that you have linked with the App. For accessing your data in Google, Facebook, iCloud, TripIt we do not collect login details or password data. We receive only API authorisation tokens from Google, Facebook, iCloud or TripIt.

·    Inbox messages in the App (sender and recipient details, text, attached image, if any)

·    List of conversation with other users in public chats (names, IDs and user-pictures of the participants)

When you use inbox messages features or participate in public charts in the App

·   We use Google Cloud (Google LLC) to store data

 

Flight and airport ratings

·    Ratings and feedbacks leaved by you and other users in the App:

o rating, including flight information

o airport wait times for check-in, customs, passport control, baggage

o airport tips, including airport code, text, photo image, timestamp

o airport tips rating: airport tip ID, rating (+1 / -1)

·    To provide you with the opportunity to leave public reviews and tips for flights and airports

·    To show ratings and feedbacks in the App so that you can choose appropriate flights or airports, and use tips of other users

When you post comments or ratings to flights and airports in the App or rate other users’ reviews or tips 

·   We use Google Cloud (Google LLC) to store data

 

 

 

 

Notification on flights

Data

Purpose(s)

Source

Third parties

·    Phone or email

·    Flight number

·    To send SMS/email notifications on the flight you specified and any information on its changes, delays, time of check-in, departure, take-off or other parts associated with the flight

When you enter them manually in the App

·   We use Twilio to send messages

·   We use Google Cloud (Google LLC) to store data

·    Flight details

From airlines and public resources

·    Title, subscriber group type (family, follower, attendant, welcomer)  

When you enter them manually in the App

·   We use Google Cloud (Google LLC) to store data

 

 

Aggregation of your travel information in the App

Data

Purpose(s)

Source

Third parties

·    Details of flights:

o airline name and code

o flight number

o status of the flight

o aircraft type

o details of departure and arrival (assigned or user’s reported date, time, airport name and code, terminal and gate, aircraft type)

o ticket information (booking reference number, e-ticket number, airline locator, seat number, cabin class, boarding pass decoded barcode string, details of passengers (title, full name, birth date, gender, email, phone), purchased fare details)

·    Details of car rental:

o company name

o reservation code

o car class

o pick up and drop off location and date

·    Details of hotel booking:

o hotel name, address, number of stars

o check-in and check-out dates, number of guests

o in case of reservation though in-App booking, additionally:

-    room details

-    amount paid

-    room PIN

-    booking reference ID.

·    Details of baggage insurance:

o insurance policy number

o insurance policy document

·    Details of life insurance:

o insurance policy number

o insurance confirmation document

·    To aggregate all travel information in the App and to provide you with details on your flights, car rentals, hotel bookings and insurance for the convenient management of such information in the App

 

When you enter them manually in the App, automatically from email and other accounts that you have linked with the App, from your calendar (see below) or from third-party service providers

·   We receive data from third-party service providers you may use to book a hotel or car, or to buy baggage insurance, including:

o  Hotellook

o  Rentalcars

o  Blue Ribbon Bags LLC.

·   As well we receive information from the services we use for bookings inside the App (Advanced Travel Technologies LTD (PASSNFLY), Booking.com B.V., DHISCO, Inc, Airlines you chosen)

·   We use Google Cloud (Google LLC) to store data

·    Content of linked Google or Windows Live account:

o  email address

o  name

o  messages dedicated to:

-      flights

-      car rentals

-      hotel bookings

When you enter them manually in the App and automatically from accounts that you have linked with the App (by parsing the relevant emails in your linked email account). For accessing your accounts we do not collect login details or password data. We receive only API authorisation tokens from Google and Windows Live

·   We use Google Cloud (Google LLC) to store data

·    Content of Outlook or other linked email accounts other than Google / Windows Live (IMAP):

o  login details (email address, name, password, host)

o  messages dedicated to:

-      flights

-      car rentals

-      hotel bookings

 

When you enter them manually in the App and automatically from email accounts that you have linked with the App (by parsing the relevant emails in your linked email account)

·    Calendar events dedicated to flights

Automatically from Google accounts (if you have linked Google email) or when you push “Import” button in settings

·   We use Google Cloud (Google LLC) to store data

·    Content of TripIt account:

o  full name

o  data on your flights, car rentals and hotel bookings, stored in TripIt

When you enter them manually in the App and automatically from the TripIt account, that you have linked with the App. For accessing TripIt we do not collect login details or password data. We receive only API authorisation token from TripIt

·   We use Google Cloud (Google LLC) to store data

 

·    List of emails that should be used as a reference list for email parsing (when you forward itinerary to [email protected])

When you enter them manually in the App

·   We use Google Cloud (Google LLC) to store data

 

 


 

Aggregation of information on loyalty programmes

Data

Purpose(s)

Source

Third parties

·    Details of loyalty programmes:

o  login details (email, loyalty card number, phone number or other identifier used by a loyalty programme, and password)

o  account ID

o  available loyalty points

o  amount of all / status miles

o  program status,

o  miles expiration date

o  number of segments required

o  registered date

o  loyalty program card number

·    To aggregate information in the App and to provide you with details on the relevant state of your loyalty points wallets for your convenient management of such information in the App

When you enter them manually in the App, and automatically from the relevant loyalty points operator accounts that you have linked with the App

·   We use AwardWallet LLC to collect information from loyalty programme accounts

·   We use Google Cloud (Google LLC) to store data

 

 

Automated check-in for flights

Data

Purpose(s)

Source

Third parties

·    Full name

·    Gender

·    Birth date

·    Email

·    Phone number

·    Country of residence

·    International and/or national passport details

·    Visa number/alien registration number

·    Destination address

·    Loyalty programme details (frequent flyer number)

·    Seating preferences

·    E-ticket number

·    Airline locator number

·    To provide you with automated check-in services

When you enter them manually in the App or from auto-fill features you have at your device (e.g. KeyChain). Data are automatically rerouted to PASSNFLY, which actually performs the automated check-in actions

·   We use and share data with PASSNFLY (Advanced Travel Technologies LTD) to provide the service

·   The data are stored at your device, we do not store them at our servers

·    Citizenship

·    List of submitted requests, reference ID

·   We use Google Cloud (Google LLC) to store data

·    Boarding pass details

·    To show boarding pass details in the App

Automatically from PASSNFLY

·   We use Google Cloud (Google LLC) to store data

 

Export to Apple Wallet / Passbook

Data

Purpose(s)

Source

Third parties

·    Passbook Device ID,

·    Passbook Push token

·    To provide you with the possibility to see bookings and boarding passes in Apple Wallet / Passbook

Automatically when you export bookings to Apple Wallet / Passbook

·   We use Google Cloud (Google LLC) to store data

 

Hotel bookings and purchase of plane tickets (in-App service)  

Data

Purpose(s)

Source

Third parties

·    Type (Adult/Child/Infant)

·    Title (Mr/Mrs/Ms)

·    Full name

·    Gender

·    Birth date

·    Email

·    Phone

·    Frequent flyer number

·    Country of residence

·    International and/or national passport details (issuing country, issued and expiration date)

·    Visa number / alien registration number

·    Loyalty programme details (frequent flyer number)

·    Seating preferences

·    Preferred currency (from Profile)

·    To provide you with the opportunity to purchase plane tickets and book hotels in the App

When you enter them manually in the App or from auto-fill features you have at your device (e.g. KeyChain)

·   We share data with Booking.com B.V. and DHISCO, Inc. to book hotels

·   We share data with airlines to book plane tickets (e.g. United Airlines, Vueling, Lufthansa, American Airlines, WestJet, British Airways, Airfrance, S7, AirCanada)

·   We use Google Cloud (Google LLC) to store data

 

·    Bank card details

·    Preferred currency

·    To provide you with the opportunity to pay for services directly in the App using your bank card, Apple Pay or Google (Android) Pay

Data are automatically rerouted to Stripe Inc. We do not have access to them. We only receive API token assigned by Stripe Inc.

·   Stripe Inc. provides this service  

·    Data on whether an operation is successful or not

Automatically from Stripe Inc.

·   We receive payment data from Stripe Inc. to book hotels and plane tickets  

·   We use Google Cloud (Google LLC) to store data

 

 

Purchase of passenger insurance (available only to Russian users) (in-App service)  

Data

Purpose(s)

Source

Third parties

·    Full name

·    Birth date

·    Email

·    Flight details

·    Preferred currency (from Profile)

·    To provide you with the opportunity to purchase passenger insurance in the App

When you enter them manually in the App

·   We use Google Cloud (Google LLC) to store data

·   We share data with PJSC AlphaStrakhovanie to arrange purchase of passenger insurance

·    Bank card details

·    To provide you with the opportunity to pay for services directly in the App using your bank card, Apple Pay or Google (Android) Pay

Data are automatically rerouted to Stripe Inc. We do not have access to them. We only receive API token assigned by Stripe Inc.

·   Stripe Inc. provides this service  

·    Data on whether an operation is successful or not

Automatically from Stripe Inc.

·   We receive payment data from Stripe Inc. to arrange purchase of passenger insurance

·   We use Google Cloud (Google LLC) to store data

 


 

Tracking expenses

Data

Purpose(s)

Source

Third parties

·    Amount, type, date and time of expenses

·    To provide you with the possibility to see and track your expenses associated with the trips in the App

When you enter them manually in the App. For users from the United States – data may be automatically collected from Plaid Technologies, Inc.

·   We receive data on expenses sent to us by Plaid Technologies, Inc.

·   We use Google Cloud (Google LLC) to store data

·    Credit card details

Data are automatically rerouted to Plaid Technologies, Inc. We do not have access to them. We only receive API token assigned by Plaid Technologies, Inc.

·   Plaid Technologies, Inc provides this service

Showing nearest airports

Data

Purpose(s)

Source

Third parties

·    Geolocation data

·    To provide you with the opportunity to quickly choose the nearest airport when you manually add future flights in the App

Automatically from the device on which you use the App

·   We use Google Cloud (Google LLC) to store data

 

 

Storage of uploaded documents, checklists, photos, etc.

Data

Purpose(s)

Source

Third parties

·    Uploaded images, documents or other files

·    To allow you to store the necessary documents in the App.

When you upload them manually to the App

 All data are stored at your device

 

Technical support in the App

Data

Purpose(s)

Source

Third parties

·    Details of feedback requests you submitted in the App:

o  email

o  enquiry text

o  local App database file (trips data only) describing database state at the moment of request.

·    To resolve your technical or other issues that may arise while you using the App

Automatically when you send us feedback requests

·   We use Google Cloud (Google LLC) to store data

 

Monthly snapshots

Data

Purpose(s)

Source

Third parties

·    Details of trips completed within month:

o  carrier code, number

o  departure and arrival airports and dates

o  leaderboard status (place in friends’ and global leaderboard)

o  connected loyalty memberships balance

·    To provide you with an aggregated statistics on your flights and achievements in the App on a monthly basis

Automatically from your profile details

·   We use Google Cloud (Google LLC) to store data

 


 

Generating flights video

Data

Purpose(s)

Source

Third parties

·    Request creation date, internal request ID

·    Full name

·    User-picture

·    Subset of flights history

·    Posted image of the video (1st frame) and generated video file

·    To provide you with a possibility to create video files showing your flights throughout the year on the map, store these videos and access them at any time

Automatically from your profile details when you send us feedback requests

·   We use Google Cloud (Google LLC) to store data

 

Booking hotels, car rental, purchase of baggage insurance (third-party services)

Data

Purpose(s)

Source

Third parties

·    Data requested by a third-party service provider

·    To book hotels

Data are automatically rerouted to a service provider. We do not have access to them. We receive data from the service provider on what you have booked or purchased in order to aggregate data in the App (see this section)

·   Hotellook (Go Travel Un Limited) provides this service

·    To rent cars

·   Rentalcars (TravelJigsaw Limited) provides this service

·    To purchase baggage insurance

·   Blue Ribbon Bags, LLC provides this service