Privacy Policy

Cookies we use

We use only essential, first-party cookies needed to keep you signed in and to protect forms:

• authjs.session-token (and the __Host- variant on HTTPS), your login session, httpOnly, not readable by JavaScript.
• authjs.csrf-token: CSRF/PKCE protection during sign-in, httpOnly, transient.

We set no analytics, advertising, or tracking cookies. Stripe may set cookies on its own domain during checkout. See Stripe's privacy policy.

Data we process

• Account: your name, email and profile image from Google sign-in (verified server-side; we never receive your Google password).
• Travel data: searches, trips, and bookings you make.
• Identity vault: passenger details and passport numbers you choose to store. Passport numbers are encrypted at rest (AES-256-GCM) and are never shown in full to your browser.
• Concierge: your messages, processed by our self-hosted AI (Ollama/Gemma) on our own server. We do not send them to third-party AI providers by default.
• Payments: handled by Stripe; we never see or store your full card number.

Where your data lives

Data is stored in our self-hosted PostgreSQL database. Flight inventory comes from Duffel; payments from Stripe. We minimize third-party processors in line with our local-first principle.

Your rights (GDPR)

• Access & portability: download all your data anytime from Account & settings → Download my data.
• Erasure: request account deletion from the same page. We schedule a 30-day grace period (you can cancel within it), then permanently erase your data and cancel any subscription.
• Rectification: edit or delete stored identities at any time in the Identity Vault.

Retention

We keep your data while your account is active. After deletion, personal data is erased; limited operational/audit records may be retained where required for security and financial compliance.

Contact

For any privacy request, email [email protected].