Privacy policy

PLACEHOLDER — review with a lawyer before launch. Reflects what we actually collect and where it goes, but the legal phrasing should be tightened.

What we collect

• Your email (for receipts, magic-link sign-in)
• Search history (origin, destination, dates) — to power your account dashboard
• Passenger details for actual bookings: name, date of birth, gender, lead contact
• IP address (for rate limiting)
• Anonymous analytics (page views)

What we don't collect

• Payment card details — these go directly to our payment processor (Duffel)
• Passport / passenger ID numbers — not required for the bookings we currently support

How we store passenger data

Names, dates of birth, and gender are encrypted at rest (AES-256-GCM). The encryption key is stored separately from the database. Decryption only happens server-side at booking issuance time.

Sub-processors

• Duffel — flight booking + payment processing
• Stripe — subscription billing
• Resend — transactional email
• Neon — Postgres database
• Upstash — Redis (ephemeral state, no PII)
• Vercel — application hosting

Your rights

Email hello@aviator.app to request data export or deletion. We'll respond within 7 days.