Popular Languages

English

Italiano

Deutsch

Shqip

ελληνικά

Select Language

English

Italiano

Deutsch

Shqip

ελληνικά

Check your claim

Privacy Policy Content

Privacy Policy

Updated on, 21.11.2024

At AioFlight, we regard data privacy as a cornerstone of our business operations. This Privacy Statement outlines our commitment to handling personal data responsibly, ensuring its confidentiality, integrity, and availability while adhering to applicable laws and regulations.

This Privacy Statement applies to www.aioflight.com, owned and managed by AioFlight Ltd, headquartered at 7 Bell Yard, London WC2A 2JR, United Kingdom. In this context, “AioFlight,” “we,” “us,” or “our” refers to the company as a whole or individual entities within the group, depending on the specific case.

Scope of This Privacy Statement

This Privacy Statement serves as the comprehensive online privacy policy for AioFlight’s operations. It explains:

  • How we collect and use your data.
  • When your data may be shared with others.
  • How long we retain your information.
  • Our approach to marketing communications.
  • Your rights regarding your personal data.
  • How cookies are used on our site.
  • Additional important considerations.
Data Protection Compliance

We process your personal data lawfully and in accordance with applicable data privacy and protection laws (“Data Protection Laws”). These laws may include:

  • General Data Protection Regulation (GDPR) (EU) 2016/679.
  • Brazilian General Data Protection Law (LGPD).
  • Any other applicable regulations implementing data protection standards.
Data Controller

AioFlight Ltd acts as the data controller, meaning we determine the purposes and methods of processing your personal data in connection with the services we provide.

By using our website and services, you consent to the practices described in this Privacy Statement. For further inquiries, please contact us via the information provided in the Contact Us section.

You can also reach our Data Protection Officer at: privacy@aioflight.com.

Data Processing through visits to our Website
1. Visitor Data Collection

When you visit our website for informational purposes only—without submitting requests, logging in, or providing personal details—we process specific data transmitted by your browser to our servers. This data is necessary for displaying our website and ensuring its stability and security. The visitor data we process includes:

  • IP address
  • Date and time of the request
  • Duration of the website visit
  • Time zone offset relative to Greenwich Mean Time (GMT)
  • Requested content (specific page)
  • Access status/HTTP status code
  • Data volume transferred
  • Referring webpage (the webpage from which the request originated)
  • Webpages accessed on our website
  • Internet service provider details
  • Browser type and version
  • Server log files
  • Operating system and interface details
  • Language and version of browser software
2. Legal Basis for Data Processing

The legal foundation for processing this data is grounded in the General Data Protection Regulation (GDPR). Our legitimate interest lies in presenting the website efficiently and securely. Specifically:

  • GDPR Art. 6 para. 1 s. 1 lit. f: Processing is necessary for the purposes of legitimate interests.
  • TTDSG §25 para. 2: Processing is allowed as it is essential for providing our services.
3. Anonymous User Profiles

We utilize anonymous user profiles generated from individual visit data. These profiles help us:

  • Continuously improve the structure, design, and functionality of our website.
  • Enhance user experience by adapting to visitor preferences and usage behavior.

No personal identification is possible through these anonymized profiles.

1. HOW WE USE YOUR PERSONAL DATA
1.1 Overview

This section explains:

  • The types of personal data we process.
  • The sources and categories of any data not directly obtained from you.
  • The purposes for which we process your personal data.
  • The legal grounds for processing your data.
1.2 Usage Data

We process data about your interactions with our website and services (“usage data”). This includes your IP address, geographical location, browser type and version, operating system, referral source, visit duration, page views, navigation paths, and details about how and when you use our services. We collect this data through cookies and similar technologies to better understand user behavior and improve our services. The legal basis for this processing is our legitimate interest in monitoring and enhancing our website and services.

1.3 Data from Advertising Campaigns

We collect personal data through Google and Facebook Lead Ads campaigns. This may include your name, email address, phone number, and travel-related details. This information is provided directly by you when interacting with these ads. We process this data to contact you, promote our services, and send other communications you have consented to. The legal basis for this processing is your consent.

1.4 Account Data

We process data associated with your account (“account data”), such as your name, email address, phone number, date of birth, and other information you provide during registration. This data is used to operate our website, deliver our services, ensure security, and maintain communication. The legal basis is the performance of a contract between you and us, as well as our legitimate interest in improving our website and services.

1.5 Service Provision Data

We process data related to the services we provide to you (“service provision data”). This includes your contact details, payment information, and any flight-related documents or communications necessary for claim processing. This data is used to deliver services and maintain accurate records. The legal basis is the performance of a contract and our legitimate interest in properly managing our business and website.

1.6 Messaging Data

We process data you provide for subscribing to email messages and newsletters (“messaging data”). This data is used to send you updates and relevant communications. The legal basis is your consent. Additionally, if you’ve previously used our services and have not opted out, we may send communications based on our legitimate interest in maintaining customer relationships.

1.7 Correspondence Data

We process any communication you send to us (“correspondence data”), including the content and associated metadata. For messages sent through our website, metadata is automatically generated. This data is used for communication and record-keeping. The legal basis is our legitimate interest in managing our business, ensuring high-quality customer interactions, and resolving disputes.

1.8 Legal Claims

We may process any of your personal data as necessary to establish, exercise, or defend legal claims in court or through other dispute resolution mechanisms. The legal basis is our legitimate interest in protecting and asserting our legal rights, as well as those of our users and partners.

1.9 Risk Management

We may process your personal data to obtain or maintain insurance coverage, manage risks, or seek professional advice. The legal basis for this is our legitimate interest in safeguarding our business from potential risks.

1.10 Compliance and Vital Interests

We may process any of your personal data to comply with legal obligations, protect vital interests, or safeguard the vital interests of another person.

2. WHEN DO WE SHARE YOUR PERSONAL DATA?
2.1 Sharing Within Our Corporate Group

We may share your personal data with members of our corporate group (including subsidiaries and our parent company) as needed to fulfill the purposes outlined in this policy.

2.2 Sharing with Insurers and Advisers

We may share your personal data with insurers and professional advisers when required for purposes such as obtaining or maintaining insurance coverage, risk management, seeking professional advice, or handling legal claims in court or through other resolution methods.

2.3 Sharing with Payment Service Providers

Your personal data may be shared with payment service providers as necessary to process payments, transfer funds, and address payment-related queries or complaints. Only the minimum required data will be shared for these purposes.

2.4 Sharing with Service Providers

We may disclose your personal data to third-party service providers to ensure the proper operation of our services. These providers may include website hosting services, courier companies, server maintenance teams, and email service providers. We require these providers to implement appropriate organizational and technical measures to safeguard your personal data.

2.5 Compliance with Legal Obligations

In addition to the disclosures described above, we may share your personal data to comply with legal obligations, protect your vital interests, or safeguard the vital interests of others.

2.6 Data Transfers Outside the EU/EEA

Some of the parties mentioned in this section may be located outside United Kingdom, the European Union (EU), or the European Economic Area (EEA). If we transfer your personal data to such entities, we will implement all legally required measures to ensure that your data remains secure and protected.

3. How Long We Store Your Data

3.1. We only retain your personal data for as long as is necessary to fulfill the purposes for which it was collected. Once it is no longer needed, we will securely dispose of it. The retention periods for different types of data are as follows:

  • Account Data: Retained for up to 5 years after the last update or 15 years after the completion of services, whichever is later.
  • Service Provision Data: Retained for no longer than 10 years after the provision of the service ends.
  • Messaging Data: Retained for 5 years after consent is provided or, if related to ongoing customer relations, up to 4 years following the completion of services.
  • Communication Data: Retained for a maximum of 2 years after the communication concludes.

3.2. In certain cases, it may not be possible to define a specific retention period in advance. For example, usage data will be retained for as long as it is necessary to fulfill the processing purposes.

3.3. Despite the general retention periods outlined above, we may retain your personal data longer if required to comply with legal obligations or to protect the vital interests of yourself or others.

4. Marketing Communications
4.1. Consent for Marketing

With your permission, we may send you marketing communications through mobile app notifications, email, and/or SMS to keep you informed about our latest updates, services, and offers.

4.2. Communications About Related Services

If we have previously provided services to you, and you have not opted out, we may share details about related products or services that may interest you.

4.3. Opting Out of Marketing Messages

You can choose to stop receiving marketing messages from us at any time.

4.4. How to Opt Out

You can opt out by:

  • Clicking the unsubscribe link included in any of our marketing communications.
  • Reaching out to us using the contact details provided in the “Contact Us” section.
4.5. Updating Your Preferences

Once you opt out, we will update your preferences to ensure you no longer receive marketing communications from us.

4.6. Processing Time for Opt-Out Requests

Please note that as we operate across multiple systems, there may be a brief delay in processing your request. During this time, you might still receive some marketing messages.

4.7. Service-Related Messages

Opting out of marketing communications will not affect messages related to the services you have requested or are currently receiving from us.

5. Your Rights

At AioFlight, we are committed to safeguarding your personal data and ensuring that you can exercise your rights under applicable data protection laws. Below, we outline your rights in a summarized manner. For a comprehensive understanding, we recommend consulting relevant laws or regulatory guidance.

5.1 Overview of Your Rights

You have the following rights under data protection laws:

  • Access: The right to request access to your personal data.
  • Rectification: The right to correct inaccurate or incomplete personal data.
  • Erasure: The right to request deletion of your data in certain circumstances.
  • Restriction: The right to limit processing of your data in specific situations.
  • Objection: The right to object to data processing based on legitimate interests or for direct marketing purposes.
  • Portability: The right to receive your data in a structured, machine-readable format.
  • Complaints: The right to file a complaint with a supervisory authority.
  • Withdraw Consent: The right to revoke consent at any time.
5.2 Right to Access

You can request confirmation on whether we process your personal data and, if so, access to it along with additional details such as processing purposes and recipient categories. A copy of your data will be provided free of charge initially, but further requests may incur a reasonable fee.

5.3 Right to Rectification

You can correct inaccurate personal data and complete incomplete information. Most updates can be made directly through your account on our website.

5.4 Right to Erasure

You may request the deletion of your personal data in cases such as:

  • The data is no longer necessary for the purposes it was collected.
  • You withdraw consent, and no other legal grounds exist for processing.
  • You object to processing, and no overriding legitimate grounds apply.
  • The data has been unlawfully processed.

However, exceptions may apply where data retention is necessary for legal obligations, freedom of expression, or legal claims.

5.5 Right to Restriction

You can request restricted processing of your data in the following scenarios:

  • You dispute the accuracy of your data.
  • The processing is unlawful, but you prefer restriction over deletion.
  • The data is no longer needed for processing, but you require it for legal claims.
  • You have objected to processing, pending verification of the objection.

During restriction, we may store your data but only process it under specific conditions, such as your consent or legal obligations.

5.6 Right to Object

You can object to data processing based on legitimate interests or public interest. We will cease processing unless we can demonstrate compelling legitimate grounds or the data is needed for legal claims.

You can also object to processing for direct marketing purposes or for scientific and statistical research.

5.7 Right to Data Portability

If processing is based on your consent or a contract, you have the right to request your data in a structured, commonly used, and machine-readable format. This right applies only where it does not infringe on the rights of others.

5.8 Right to Lodge a Complaint

If you believe your data has been processed unlawfully, you can lodge a complaint with the supervisory authority in your country. In the European Union, you may contact the supervisory authority of your habitual residence, workplace, or the place of the alleged infringement.

For EU processing, AioFlight’s data activities are supervised by the UK Information Commissioner’s Office (ICO).

5.9 Right to Withdraw Consent

Where processing is based on your consent, you may withdraw it at any time. Withdrawal will not affect the lawfulness of processing carried out before the withdrawal.

5.10 Exercising Your Rights

To exercise any of these rights, please contact us using the information provided in the Contact section of this Privacy Policy. We are committed to addressing your concerns promptly and ensuring the protection of your personal data.

6. About Cookies
6.1 What Are Cookies?

Cookies are small text files that a web server sends to your browser, which are then stored on your device. These files contain a unique identifier that allows the server to recognize your browser when you request a page from the website.

6.2 Do Cookies Contain Personal Data?

While cookies typically do not store information that directly identifies you, they may be linked to personal data we hold about you, enabling us to provide a more tailored user experience.

7. Types of Cookies We Use

We use three primary categories of cookies on the AioFlight website to ensure functionality, enhance user experience, and optimize our services:

7.1 Essential Cookies

These cookies are necessary for the website to function properly. They help with:

  • Securing your data and our website.
  • Providing reliable service functionality.
  • Ensuring a smooth account setup process.
7.2 Functional Cookies

Functional cookies improve your experience on our website. They allow us to:

  • Analyze how you interact with our services.
  • Identify areas for improvement in the system.
  • Deliver a more seamless and personalized experience.
7.3 Advertising Cookies

Advertising cookies help us understand your online behavior to:

  • Optimize our marketing campaigns.
  • Provide advertisements tailored to your preferences.
  • Measure the effectiveness of our promotional efforts.

You can manage or disable cookies through your browser settings, though doing so may impact your experience with our website and services.

8. Cookies Used by Our Service Providers
8.1 Our Use of Service Providers’ Cookies

Our website integrates cookies provided by third-party service providers. These cookies may be stored on your device when you visit our site.

8.2 Service Providers and Their Cookies

Here are the specific cookies used by our service providers and their purposes:

  1. Cloudflare:
    • Purpose: Identifies website visitors and customizes security settings.
    • Benefit: Protects the website and its users.
    • Cloudflare Privacy Policy.
  2. Google Analytics:
  3. Facebook (Login):
    • Purpose: Enables account creation via Facebook.
    • Benefit: Offers an alternative, seamless registration method.
    • Facebook Privacy Policy.
  4. Google (Login):
    • Purpose: Enables account creation via Google.
    • Benefit: Provides another easy registration option.
    • Google Privacy Policy.
  5. YouTube:
    • Purpose: Displays embedded video content on the website.
    • Benefit: Enhances dynamic and informative website features.
    • YouTube Privacy Policy.
  6. Google Maps:
  7. Google Tag Manager:
  8. LinkedIn:
  9. TikTok:
    • Purpose: Displays TikTok content on the website.
    • Benefit: Increases website interactivity and relevance.
    • TikTok Privacy Policy.
9. Managing Cookies
9.1 How to Manage Cookies

Most browsers allow you to block or delete cookies. The method for doing so depends on your browser and its version. You can find specific instructions on the official websites of browsers like:

9.2 Impact of Blocking Cookies

Disabling cookies may negatively affect your browsing experience, as some features and services on the website may not work as intended.

9.3 Limitations

While you can opt out of cookies, certain essential functionalities may remain cookie-dependent.

10. Third-Party Websites

Our website may contain links to external websites operated by partners, information providers, or related entities. Please note that these third-party websites have their own privacy policies, which may differ from ours. We are not responsible for the content or privacy practices of these external sites. We strongly recommend that you review their privacy policies before providing any personal data on those websites.

11. Children’s Personal Data

11.1. Our website and services are intended for individuals over the age of 16.

11.2. If we process personal data of individuals younger than this age, it will only be done with the consent of the parent or legal guardian.

11.3. If we discover that we have inadvertently collected personal data from someone under the age of 16 without proper parental consent, we will promptly remove that data from our records.

Updating Your Data

If the personal information we hold about you is incorrect or needs to be updated, please inform us so that we can make the necessary corrections.

Changes to this Privacy Policy

We may revise this Privacy Policy periodically to reflect changes in legal requirements, our organizational structure, or adjustments to our practices. Any significant updates will be communicated to you via email or a prominent notice on our website before they take effect. We recommend regularly reviewing this page to stay informed about how we protect your privacy.

Contact Information

AioFlight Ltd
7 Bell Yard,
London, WC2A 2JR,
United Kingdom

Email: privacy@aioflight.com
Last Updated: 21 November 2024

By clicking “Yes, I agree,” you consent to AioFlight’s Privacy Policy. This includes our use of cookies to enhance your browsing experience, personalize content, provide social media features, and analyze our website traffic. Additionally, we may share information with our advertising, analytics, and social media partners for their own purposes. You can manage your cookie preferences by clicking the “View Cookie Settings” button. For further details on how we handle your personal data, please refer to our Privacy Policy. Privacy Policy