Privacy Policy

1. What we collect

We collect the minimum information needed to provide our service:

• Email address — to create your account and send price alerts.
• Password — stored as a bcrypt hash. We cannot read your password.
• Search parameters — airport codes, destinations, dates — stored only if you choose to save a search.
• Price alert settings — routes and target prices you configure.
• Anonymous click data — which partner link you clicked (airline or hotel name) and the route, without any personal identifier.

2. What we do not collect

We deliberately do not collect:

• Your name, phone number, or date of birth
• Nationality or passport information
• Payment or financial data
• IP address logs linked to your account
• Device fingerprints or behavioural tracking profiles

3. How we use your data

• To send you email verification and password reset links
• To send price drop alert emails you explicitly subscribed to
• To display your saved searches and alerts in your account

We do not send marketing emails. We do not sell or share your personal data with third parties for advertising purposes.

4. Third-party services

When you click a Book button, you leave Flyvori and visit a partner site (Kiwi, Booking.com, etc.). Their own privacy policies apply once you leave our site. We earn a small commission on completed bookings at no extra cost to you.

We use Google AdSense to display advertisements. Google may use cookies to personalise ads. You can opt out at adssettings.google.com.

5. Data retention

We keep your account data for as long as your account is active. If you request deletion, we will permanently remove your account and all associated data within 30 days.

6. Your rights

Under the EU General Data Protection Regulation (GDPR) and the Singapore Personal Data Protection Act (PDPA), you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request deletion of your account and data
• Withdraw consent to processing at any time

To exercise any of these rights, email [email protected] and we will respond within 30 days.

7. Cookies

We use two first-party cookies:

• flyvori_sess — a non-sensitive login flag (readable by JS) that tells the page whether you are logged in. Expires in 30 days.
• flyvori_token — a secure, HttpOnly remember-me token. Expires in 30 days.

We also use localStorage to remember your preferred currency. No tracking cookies are set by Flyvori itself.

8. Contact

Flyvori
Email: [email protected]