Privacy Policy

1. Introduction

Welcome to Traveliya. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and flight booking services.

Traveliya ("we," "our," or "us") operates a flight booking platform that connects travelers with airlines worldwide. This policy applies to all information collected through our website, mobile applications, and related services (collectively, the "Service").

By using Traveliya, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

We collect several types of information to provide and improve our flight booking services.

2.1 Information You Provide Directly

When you use our Service, you may provide us with:

2.2 Information Collected Automatically

When you access our Service, we automatically collect:

2.3 Information from Third Parties

We may receive information about you from:

• Airlines: Booking confirmations, flight status updates, schedule changes
• Payment processors: Transaction verification and fraud prevention data
• Travel partners: Loyalty program information (if linked)
• Public databases: Sanction lists for regulatory compliance

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Providing Our Services

• Process and confirm your flight bookings
• Issue e-tickets and booking confirmations
• Communicate flight updates, schedule changes, and delays
• Manage your account and booking history
• Provide customer support and respond to inquiries
• Process payments and refunds
• Fulfill special service requests (wheelchair assistance, dietary requirements)

3.2 Improving Our Services

• Analyze usage patterns to enhance user experience
• Develop new features and services
• Conduct research and analytics
• Test and troubleshoot technical issues
• Personalize content and recommendations

3.3 Communication

• Send booking confirmations and travel itineraries
• Provide flight status notifications
• Respond to customer service requests
• Send important service announcements
• Deliver marketing communications (with your consent)
• Conduct customer satisfaction surveys

3.4 Safety and Security

• Detect and prevent fraud
• Protect against unauthorized access
• Verify user identity
• Enforce our Terms and Conditions
• Maintain platform security

3.5 Legal Compliance

• Comply with applicable laws and regulations
• Respond to legal requests and court orders
• Fulfill airline and government reporting requirements
• Meet travel industry regulatory obligations

4. Legal Basis for Processing (EEA/UK Users)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data based on the following legal grounds:

You have the right to withdraw consent at any time for processing based on consent, without affecting the lawfulness of processing before withdrawal.

5. Information Sharing and Disclosure

We share your information only in the following circumstances:

5.1 Airlines and Travel Service Providers

We share necessary booking information with airlines to:

• Complete your flight reservation
• Issue tickets and boarding passes
• Fulfill special service requests
• Comply with airline security and check-in requirements

This includes your name, contact details, passport information, and booking preferences as required by each airline.

5.2 Payment Processors

We use Stripe as our payment processor. When you make a payment, Stripe receives:

• Credit/debit card information
• Billing address
• Transaction amount

Stripe processes this information according to their Privacy Policy. Traveliya does not store your complete credit card details on our servers.

5.3 Service Providers

We work with trusted service providers who assist us in:

• Hosting and maintaining our website
• Sending emails and notifications
• Analyzing website usage
• Providing customer support tools
• Processing payments

These providers are contractually bound to protect your information and may only use it for the specific services they provide to us.

5.4 Legal Requirements

We may disclose your information when required by law or in response to:

• Court orders and subpoenas
• Government or regulatory requests
• Law enforcement investigations
• Legal proceedings

5.5 Protection of Rights

We may disclose information to:

• Protect our rights, privacy, safety, or property
• Enforce our Terms and Conditions
• Protect against legal liability
• Prevent fraud or other illegal activities

5.6 Business Transfers

If Traveliya is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

5.7 With Your Consent

We may share your information for other purposes with your explicit consent.

6. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data internationally, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses: EU-approved contractual terms for data transfers
• Adequacy Decisions: Transfers to countries deemed adequate by the European Commission
• Data Processing Agreements: Contracts with service providers ensuring data protection

Airlines require passenger information for bookings, and this data is transferred according to international aviation regulations and bilateral agreements between countries.

7. Data Retention

We retain your information for as long as necessary to fulfill the purposes outlined in this policy:

After the retention period, data is securely deleted or anonymized.

8. Data Security

We implement comprehensive security measures to protect your personal information:

Technical Safeguards

• Encryption: All data transmitted between your browser and our servers is encrypted using TLS/SSL technology
• Secure Payment Processing: PCI-DSS compliant payment handling through Stripe
• Access Controls: Role-based access limiting who can view personal data
• Firewalls and Intrusion Detection: Network security monitoring
• Regular Security Audits: Periodic assessment of our security practices

Organizational Safeguards

• Employee training on data protection
• Confidentiality agreements with staff
• Incident response procedures
• Regular security policy reviews

Your Responsibilities

• Keep your account password secure and confidential
• Log out after using shared or public computers
• Notify us immediately of any unauthorized account access
• Use strong, unique passwords

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

9. Your Privacy Rights

Depending on your location, you have various rights regarding your personal information:

9.1 Rights for All Users

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal information (subject to legal obligations)
• Marketing Opt-Out: Unsubscribe from marketing communications at any time

9.2 Additional Rights for EEA/UK Residents (GDPR)

• Data Portability: Receive your data in a structured, machine-readable format
• Restriction of Processing: Request limitation of how we use your data
• Object to Processing: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent for consent-based processing
• Lodge a Complaint: File a complaint with your local data protection authority

9.3 Rights for California Residents (CCPA/CPRA)

• Right to Know: Request information about data collection practices
• Right to Delete: Request deletion of personal information
• Right to Correct: Request correction of inaccurate information
• Right to Opt-Out: Opt out of the sale or sharing of personal information
• Right to Non-Discrimination: Equal service regardless of privacy choices

To exercise your rights, please contact us at privacy@traveliya.com or through our Customer Support page. We will respond within 30 days (or as required by applicable law).

We may need to verify your identity before processing your request to protect your privacy and security.

10. Marketing Communications

10.1 Types of Communications

With your consent, we may send you:

• Promotional offers and deals
• Travel tips and destination guides
• New feature announcements
• Surveys and feedback requests
• Partner offers (if you opt-in)

10.2 Opting Out

You can opt out of marketing communications at any time by:

• Clicking the "unsubscribe" link in any marketing email
• Updating your preferences in your account settings
• Contacting our customer support

Please note that even if you opt out of marketing, we will still send you transactional communications related to your bookings (confirmations, flight updates, etc.).

11. Automated Decision-Making

We use automated systems to:

• Detect and prevent fraudulent transactions
• Verify payment information
• Display personalized flight recommendations
• Calculate pricing based on search criteria

These processes help us provide efficient service and protect against fraud. If you have concerns about automated decisions affecting you, please contact us.

12. Third-Party Links

Our website may contain links to third-party websites, including airlines, hotels, and travel resources. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

13. Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@traveliya.com.

Minors traveling must have bookings made by a parent or legal guardian who accepts responsibility for providing the minor's information.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons.

When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Post a notice on our website
• Send an email notification to registered users (for significant changes)

We encourage you to review this Privacy Policy periodically. Your continued use of our Service after changes constitutes acceptance of the updated policy.

15. Data Protection Officer

For EEA/UK users, our Data Protection Officer can be contacted at:

The DPO is responsible for overseeing our data protection strategy and ensuring compliance with applicable privacy laws.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We aim to respond to all inquiries within 30 days.

17. Supervisory Authority

If you are located in the EEA or UK and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

A list of EU data protection authorities can be found at: https://edpb.europa.eu/about-edpb/about-edpb/members_en

18. Privacy Policy Summary