Your data, your control

Privacy Policy

Last updated April 20, 2026

Simple Summary

You don't need to provide any personal information to use Flights25. If you choose to sign in or connect optional services like Gmail or your Calendar, we use them only to find your flights and make your experience smoother.

If you choose to share personal details for certain features, we keep them safe and never sell them.

Introduction

We want to be transparent about how we handle your data because that's what we expect from the services we use. We value your trust and treat your data with care and respect. By using our services, you agree to this privacy policy.

Using Flights25 doesn't require you to share private information. Most of the time, we don't know anything personal about you.

What We Collect

  • If you scan your boarding pass, camera access is required and will be used only for that purpose.
  • If you enable location access, we only use it to help locate you on the map or to provide better search suggestions with airports nearby. The location data is not retained and only remains for a session and is forgotten afterwards.
  • If you have Flights25 Premium and enable Live SMS Alerts, we will need to store the phone number you enter on our servers in order to send you SMS. The phone number is only stored until the live update expires (approx. 48 hours after flight landing) and will be deleted afterwards.
  • We use random alphanumeric tokens to keep you logged in and send you push notifications. Our server software stores basic technical information, such as your IP address.

Account & Sign-In (Optional)

You can use most of Flights25 without creating an account. If you'd like to sync your flights across devices, you can sign in using:

  • Email Sign-In: We use a passwordless link sent to your email address. We only store your email address and a unique user ID to identify your account.
  • Google Sign-In: We receive your email address and basic profile information (name, profile picture) from Google to create your account. We don't get access to anything else in your Google account through sign-in alone.
  • Apple Sign-In: We receive your name and email address from Apple to create your account. If you choose Apple's "Hide My Email" option, we only ever see the relay address Apple provides — we never receive your real email. We don't get access to anything else in your Apple ID.

You can delete your account and associated data at any time from the app settings or by contacting us at data@flights25.com.

Email Forwarding & Gmail Sync (Optional)

If you choose to connect Gmail or forward your booking confirmations, Flights25 can automatically find your flight confirmations so you don't have to enter them manually. Your privacy is the priority here:

  • We pre-filter: We first check whether an email contains specific airline names or travel-related keywords (such as "boarding pass", "flight confirmation", or known carrier names). Emails that don't match are ignored.
  • AI extraction: Once an email passes the filter, the relevant content is parsed using Google's Gemini AI to accurately extract flight details (flight number, dates, times, airports, seat, etc.).
  • No retention of emails: Only the extracted flight details are saved to your account. We do not store the original email contents, and we never read or process non-flight emails (personal messages, newsletters, work email, etc.).
  • Disconnect anytime: You can revoke Gmail access from the app settings or directly from your Google account at any time.

Flights25's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Calendar Integration (Optional)

If you choose to connect your calendar, Flights25 can automatically detect flight events you've already added (for example, from a booking confirmation that created a calendar entry) and add or update flight events for you. We request read and write access for the following reasons:

  • Read access: To detect flights, we process calendar events that look like flights and contain a flight number. Events that don't match are ignored.
  • Write access: To keep events up to date, we can sync the flight details to your calendar when you add a flight to Flights25.
  • We only process flight details: Calendar contents are neither retained on our servers nor stored on your device. We only store the flight details that were extracted, just like with any other flight you add.

Analytics

Flights25 gathers anonymous data, like how frequently certain features are used, to enhance the app.

Ads

We don't collect any data for ads or related purposes. Flights25 does not show ads inside the app.

Marketing Measurement

We run marketing campaigns on platforms like Meta (Facebook and Instagram) to let new users discover Flights25. To understand whether those campaigns work, we include the Meta Ads SDK in the app. Its only purpose is to match conversion events (such as "app installed" or "signed up") back to the ad campaign that brought the user in, so we know which campaigns are worth running. This helps us spend our marketing budget responsibly instead of guessing.

For this matching, Meta receives limited technical signals (such as a temporary advertising identifier). We do not share your name, your flights, your email, or any other personal data with Meta.

How Information is Used

We don't share personal data with third parties unless it's necessary to fulfill Flights25's functions.

We utilize the information we gather to run and improve our website, apps, and customer support.

Your information might be disclosed in response to legal requests like subpoenas or court orders; to assert our legal rights or defend against legal claims; to investigate, prevent, or act on illegal activities, suspected fraud, policy violations; or to protect our rights and property.

In the future, if we sell, buy, merge, or partner with other businesses, user information might be part of the transferred assets.

How We Protect Information

We use various security measures to keep your information safe. For example, all communication with the app and website is secured with HTTPS and certificate pinning.

Your Rights

You can access or delete your personal data anytime by emailing us at data@flights25.com.

Company Information

Flights25 is operated in Poland (European Union) by Rocketech Sp. z o.o. with a registered office in Cracow, Poland.

  • Registration Number (KRS): 0001113602
  • VAT Number: PL6793302838
  • Registered Address: UL. NA ZJEŹDZIE 11, 5th floor, 30-527 Kraków, Poland
  • Data Protection Contact: data@flights25.com

Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Consent: When you explicitly agree to the processing of your data (e.g., for SMS alerts).
  • Contract: To fulfill our services to you, especially for Premium features.
  • Legitimate Interests: For improving our services and ensuring security.

Your GDPR Rights

Under GDPR, you have the following rights:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

To exercise any of these rights, please contact us at data@flights25.com. We will respond to your request within 30 days.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected. Specifically:

  • SMS alert phone numbers are deleted within 48 hours after flight landing
  • Location data is only stored for the duration of your session
  • Analytics data is anonymized and retained for 12 months
  • Gmail and calendar contents are processed in-memory only — we keep just the extracted flight details, never the original emails or calendar events
  • Account data (email, user ID, saved flights) is retained until you delete your account

Data Transfers Outside the EEA

When we transfer your data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place through:

  • Standard Contractual Clauses approved by the European Commission
  • Ensuring recipients are in countries with adequate data protection as determined by the European Commission
  • Implementing appropriate technical and organizational measures to protect your data

California Online Privacy Protection Act Compliance

We adhere to the California Online Privacy Protection Act, ensuring that we won't share your personal information with third parties without your permission.

Children's Online Privacy Protection Act Compliance

We do not knowingly gather or store information from individuals under 13 years old, and our website is not designed to attract children under this age.

International Transfers of Information

Your information might be processed, stored, and used outside your home country. Data privacy laws differ by region, and various laws may apply to your data based on where it is handled.

Future Changes

We may update our privacy policy in the future. Please check this page regularly to stay informed about the policy you agree to by using our services.

Questions about your privacy?

We're here to help. Reach out anytime and we'll respond promptly.

data@flights25.com
Get it on Google Play Download on App Store
About the app
How it works
Features
Testimonials
FAQs
Company
Flighty Alternative
About us
Contact Us
Legal
Terms & Conditions
Privacy Policy
© Flights25. All rights reserved