Privacy Policy

Last Updated - April 14, 2025

🔒 Simple Summary 📝

You don't need to provide any personal information to use Flights25. If you choose to share personal details for certain features, we keep them safe and never sell them.

We only use anonymous data to make the app better.

Introduction

We want to be transparent about how we handle your data because that's what we expect from the services we use. We value your trust and treat your data with care and respect. By using our services, you agree to this privacy policy.

Using Flights25 doesn't require you to share private information. Most of the time, we don't know anything personal about you.

What We Collect

  • If you scan your boarding pass, camera access is required and will be used only for that purpose.
  • If you enable location access, we only use it to help locate you on the map or to provide better search suggestions with airports nearby. The location data is not retained and only remains for a session and is forgotten afterwards.
  • If you have Flights25 Premium and enable Live SMS Alerts, we will need to store the phone number you enter on our servers in order to send you SMS. The phone number is only stored until the live update expires (approx. 48 hours after flight landing) and will be deleted afterwards.
  • We use random alphanumeric tokens to keep you logged in and send you push notifications. Our server software stores basic technical information, such as your IP address.

Analytics

Flights25 gathers anonymous data, like how frequently certain features are used, to enhance the app.

Ads

We don't collect any data for ads or related purposes.

How Information is Used

We don't share personal data with third parties unless it's necessary to fulfill Flights25's functions.

We utilize the information we gather to run and improve our website, apps, and customer support.

Your information might be disclosed in response to legal requests like subpoenas or court orders; to assert our legal rights or defend against legal claims; to investigate, prevent, or act on illegal activities, suspected fraud, policy violations; or to protect our rights and property.

In the future, if we sell, buy, merge, or partner with other businesses, user information might be part of the transferred assets.

How We Protect Information

We use various security measures to keep your information safe. For example, all communication with the app and website is secured with HTTPS and certificate pinning.

Your Rights

You can access or delete your personal data anytime by emailing us at data@flights25.com.

Company Information

Flights25 is operated in Poland (European Union) by Rocketech Sp. z o.o. with a registered office in Cracow, Poland.

Registration Number (KRS): 0001113602

VAT Number: PL6793302838

Registered Address: UL. NA ZJEŹDZIE 11, 5th floor, 30-527 Kraków, Poland

Data Protection Contact: data@flights25.com

For any privacy-related inquiries, please contact us at data@flights25.com

Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Consent: When you explicitly agree to the processing of your data (e.g., for SMS alerts)
  • Contract: To fulfill our services to you, especially for Premium features
  • Legitimate Interests: For improving our services and ensuring security

Your GDPR Rights

Under GDPR, you have the following rights:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

To exercise any of these rights, please contact us at data@flights25.com. We will respond to your request within 30 days.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected. Specifically:

  • SMS alert phone numbers are deleted within 48 hours after flight landing
  • Location data is only stored for the duration of your session
  • Analytics data is anonymized and retained for 12 months

Data Transfers Outside the EEA

When we transfer your data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place through:

  • Standard Contractual Clauses approved by the European Commission
  • Ensuring recipients are in countries with adequate data protection as determined by the European Commission
  • Implementing appropriate technical and organizational measures to protect your data

California Online Privacy Protection Act Compliance

We adhere to the California Online Privacy Protection Act, ensuring that we won't share your personal information with third parties without your permission.

Children's Online Privacy Protection Act Compliance

We do not knowingly gather or store information from individuals under 13 years old, and our website is not designed to attract children under this age.

International Transfers of Information

Your information might be processed, stored, and used outside your home country. Data privacy laws differ by region, and various laws may apply to your data based on where it is handled.

Future Changes

We may update our privacy policy in the future. Please check this page regularly to stay informed about the policy you agree to by using our services.