Privacy Policy

• ●Storage: Chat conversations are stored in Google Cloud Firestore, linked to your authenticated user account
• ●Processing: Your messages are sent to AI language model providers (such as Google Gemini) to generate responses. We send only the conversation context necessary for generating relevant responses
• ●Isolation: Each user's chat history is strictly isolated. You can only access your own conversations; no other user can view your chats
• ●Retention: Chat data is retained as long as your account exists, unless you manually clear your chat history or request deletion
• ●No Training: We do not use your personal chat data to train AI models. Conversations may be anonymized and aggregated for service improvement purposes only
• ●Sensitive Data: Do not share sensitive personal information (credit card numbers, passwords, government IDs) in AI chat conversations

We process your personal data for the following purposes:

• ●Service Delivery: Providing flight search results, price comparisons, redirecting to booking providers, and operating the FlyBot AI assistant
• ●Account Management: Creating and maintaining your account, authenticating your identity, and managing your subscription
• ●Personalization: Tailoring search results based on your location, currency preferences, search history, and past interactions
• ●Subscription Billing: Processing payments, managing subscription status, syncing entitlements across platforms (iOS, Android, web), and fraud prevention
• ●Communications: Sending transactional emails (subscription confirmations, receipts), service announcements, and with your consent, promotional materials
• ●Analytics & Improvement: Understanding usage patterns, improving features, optimizing the user experience, and developing new services
• ●Security & Fraud Prevention: Protecting against unauthorized access, detecting abuse, preventing fraud, and ensuring platform integrity
• ●Legal Compliance: Meeting regulatory obligations, responding to legal requests, and enforcing our Terms and Conditions
• ●Push Notifications: Sending price alerts, search result updates, and subscription reminders (iOS/Android, with your permission)

We process your personal data under the following legal bases:

• ●Contract Performance: Processing necessary to deliver the services you requested (flight search, account management, subscription features)
• ●Consent: Where required (e.g., push notifications, marketing emails, cookies), we obtain your explicit consent and you may withdraw it at any time
• ●Legitimate Interest: Improving our services, preventing fraud, ensuring security, and conducting analytics — balanced against your privacy rights
• ●Legal Obligation: Complying with applicable laws, regulations, court orders, or governmental requests

We do NOT sell, rent, or trade your personal data. We may share data with the following categories of recipients:

• ●Firebase / Google Cloud: Authentication, database (Firestore), analytics, crash reporting, push notifications (FCM), and hosting
• ●AI Providers: Chat messages are sent to AI model providers (e.g., Google Gemini) for generating responses. No personally identifiable information beyond conversation content is shared
• ●Payment Processors: Razorpay (web payments), Apple (App Store purchases), Google (Play Store purchases) — they process payments under their own privacy policies
• ●RevenueCat: Subscription management and cross-platform entitlement syncing (receives anonymized user IDs and subscription status)
• ●Flight Data Providers: We send anonymized search queries to aggregators (e.g., Travelpayouts) to fetch flight results. Your personal identity is not disclosed
• ●Legal Authorities: When required by law, court order, or governmental regulation; or to protect the rights, property, or safety of Appfide Private Limited, our users, or the public
• ●Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your data may be transferred as part of the transaction with equivalent protections

We implement industry-standard security measures to protect your data:

• ✓Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS 1.2+ (HTTPS)
• ✓Encryption at Rest: Data stored in Google Cloud Firestore is encrypted at rest using AES-256 encryption
• ✓Access Controls: Firebase Security Rules ensure users can only access their own data; administrative access is restricted
• ✓Authentication Security: Firebase Authentication with support for multi-factor authentication, secure session management
• ✓App Check: Firebase App Check verifies that incoming traffic originates from legitimate app instances
• ✓Rate Limiting: API rate limiting prevents abuse and brute-force attacks
• ✓Regular Audits: We conduct periodic security reviews and vulnerability assessments

We retain your personal data only for as long as necessary:

After the retention period, data is permanently deleted or anonymized so that it can no longer be associated with you.

Web Application:

• ●Essential Cookies: Required for authentication, session management, and security (cannot be disabled)
• ●Analytics Cookies: Firebase Analytics cookies for understanding usage patterns (can be opted out)
• ●Local Storage: Used to store user preferences (currency, language, theme) locally on your device

Mobile Applications (iOS & Android):

• ●Firebase Analytics SDK: Collects app usage data and events
• ●Firebase Crashlytics: Collects crash reports and diagnostic data
• ●Advertising Identifiers: IDFA (iOS) and GAID (Android) are not collected unless you provide consent via the App Tracking Transparency (ATT) prompt on iOS

You can manage cookie preferences through your browser settings. On iOS, you can control tracking via Settings → Privacy → Tracking. On Android, you can reset your advertising ID via Settings → Privacy.

Depending on your jurisdiction, you may have the following rights:

• ✓Right of Access: Request a copy of the personal data we hold about you
• ✓Right to Rectification: Request correction of inaccurate or incomplete personal data
• ✓Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data, subject to legal retention requirements
• ✓Right to Restriction: Request that we limit the processing of your personal data in certain circumstances
• ✓Right to Data Portability: Request your data in a structured, commonly used, machine-readable format
• ✓Right to Object: Object to processing based on legitimate interests or for direct marketing purposes
• ✓Right to Withdraw Consent: Withdraw previously given consent at any time (does not affect prior processing)
• ✓Right to Non-Discrimination (CCPA): We will not discriminate against you for exercising your privacy rights
• ✓Right to Lodge a Complaint: You may file a complaint with the relevant data protection authority in your jurisdiction

You can delete your FlyTicket account at any time:

• ●Web: Navigate to Account Settings → Delete Account
• ●iOS/Android: Navigate to Profile → Settings → Delete Account
• ●Email: Send a deletion request to [email protected]

Upon account deletion:

• ●Your profile data, search history, and AI chat history are permanently deleted within 30 days
• ●Subscription billing records are retained for 7 years as required by tax/accounting regulations
• ●Anonymized analytics data may be retained as it cannot be linked back to you
• ●Active subscriptions are NOT automatically cancelled — you must cancel your subscription separately through the respective platform (App Store, Google Play, or web)

Appfide Private Limited is based in India. Your data may be transferred to and processed in countries other than your country of residence, including the United States (Google Cloud infrastructure) and other jurisdictions where our service providers operate.

• ●We ensure adequate safeguards are in place, including Standard Contractual Clauses (SCCs) where required
• ●Our cloud infrastructure providers (Google Cloud) maintain certifications including SOC 2 Type II and ISO 27001
• ●By using our services, you acknowledge that your data may be transferred internationally in accordance with this Policy

FlyTicket is not intended for children under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children.

• ●If we discover that a child under 16 has provided personal data, we will delete it promptly
• ●Parents or guardians who believe their child has provided personal data should contact us at [email protected]
• ●Users between 16-18 years of age should use the service only with parental or guardian consent

• ●Push Notifications: With your permission, we may send push notifications on iOS and Android for price alerts, search updates, and subscription reminders
• ●Opt-Out: You can disable push notifications at any time through your device settings (iOS: Settings → Notifications → FlyTicket; Android: Settings → Apps → FlyTicket → Notifications)
• ●Transactional Emails: Subscription confirmations, payment receipts, and account security alerts will still be sent even if you opt out of marketing communications
• ●Marketing Emails: You can unsubscribe from promotional emails via the unsubscribe link in any marketing email

FlyTicket contains links to third-party websites, including airlines and booking providers. When you click "Book" on a flight result, you leave FlyTicket and are redirected to the airline or provider's website.

• ●We are not responsible for the privacy practices of third-party websites
• ●We encourage you to read the privacy policies of any third-party service before providing your personal information
• ●Any data you provide to airlines or booking providers is governed by their privacy policies, not ours

Appfide Private Limited reserves the right to update this Privacy Policy at any time. Changes will be communicated through the following means:

• ●Updating the "Last Updated" date at the top of this page
• ●Posting a notice on our website and/or mobile app for material changes
• ●Sending email notification for significant changes affecting your rights
• ●In-app notification for mobile users when material changes occur

Your continued use of FlyTicket after any modifications to this Policy constitutes your acceptance of the updated terms. We encourage you to review this Policy periodically.