Confidentiality Policy

General Information

Personal data is any information that relates to you as a user of the website which can be used to directly or indirectly identify you.

This website collects and processes personal data pursuant to the requirements of international laws and only for air transportation and provision of related services in accordance with the public agreement "Website Use Rules". We transfer personal data only to reliable partners via secure protocols (for example, to international booking systems). We restrict access to personal data through password authentication and secret codes. We store personal data in an encrypted form and only for the purpose of improving the usability of the service. At the same time, we allow the data owner to view, edit, and delete this data via their personal account.

You do not need to create an account in the system to purchase as an individual. In this case, access to your order will be limited by a secret access code (a set of numbers and letters) that will be displayed on the order page and repeated in a letter confirming booking. We store your cookies so you do not have to enter an access code every time the page is updated. If you have forgotten or lost the access code and changed the device, access to the order can be restored by entering its number and the surname of the first passenger. To ensure that the access code or the number and surname cannot be guessed manually, the system limits the number of sign-in attempts per unit of time.

If you create an account in our system, your orders will be linked to this account and listed in your personal account. We will also store data about the passengers you have entered so that you can reuse this information when creating new orders. Nobody except you has access to the passenger data saved in the personal account. You can delete your account using your personal account. In this case, all personal data related to your account, including orders, will be deleted from the system.

Personal data related to orders are stored encrypted. Only you and our employees will have access to this data. Our employees use your data only to analyze and solve technical problems (for example, an error when booking due to an unacceptable format or an entry that is too long). Use for other purposes is prohibited by the non-disclosure agreement signed by each of our employees. The personal data in the orders will be deleted after the end of the service provision period, after the end of the acceptable periods for exchanges and refunds for the service, and after the end of the reporting period.

We send emails and SMS only:

  • regarding the current status of your orders
  • to confirm your email address during registration
  • to change the password after registration

During registration, you can also subscribe to receive news about the company, attractive promotions, and special offers. You can unsubscribe from this newsletter at any time by clicking the "unsubscribe" link in the email.

Our system does not receive or store bank card information. All payments go through reliable and certified bank systems or payment gateways. We only receive and process the successful or unsuccessful result of your payment.

 

Rights of Personal Data Subject

Personal data are processed in accordance with the website use rules and in compliance with this Confidentiality Policy.

You have the right to receive, edit, or completely delete your personal data.

You have the right to request by email or phone:

  • one copy of your personal data for free
  • detailed information about the companies (about reservation systems) and the country of their location, where your personal data was or will be transferred
  • any information related to the purposes and periods of processing, and to the sources of your personal data (if it does not contradict legal requirements)

The system does not process personal data for the purpose of making automated decisions affecting the cost of an order or decisions restricting the rights of the personal data subject.

Information Collected and Processed By Our System

We receive the following information from you:

Data type

How it is used

Where it is transferred

How long it is stored

Browser language

To determine the language version of the website

Not transferred

Not stored

Browser type

To determine specific parameters to correctly display the website

Transferred to booking systems if this is a required parameter

Stored in logs for up to 3 years (only to investigate and solve technical problems)

Internet Protocol address (IP)

To determine the departure airport nearest to the user. To limit the number of attempts critical to an operation`s security (protection against attacks)

Transferred to booking systems if this is a required parameter

Stored in logs for up to 3 years (only to investigate and solve technical problems)

Search query parameters

To pre-fill the search form after updating the page or returning to the website

Transferred to booking systems to receive offers (search results)

Not more than a week on the server, 1 year in the client`s browser

Data on passengers (upon purchase)

To book and issue tickets

Booking systems and airlines

3 months after completion of the service (encrypted)

Data on passengers (in the personal account)

To fill in data in new orders

Not transferred

Unlimited in encrypted form (before deletion by the user)

User`s email address (upon purchase)

To book and issue tickets. To send e-tickets and emails about the order status

Booking systems and airlines

3 months after completion of the service (encrypted)

 

User`s phone number (upon purchase)

To book and issue tickets. To send SMS about the order status

Booking systems and airlines

3 months after completion of the service (encrypted)

 

User`s email address (upon registration)

To identify the user. Password recovery.

Newsletter management system in case of direct user`s consent

Unlimited (before deletion by the user)

User`s password

To verify identity

Not transferred

Unlimited (before deletion by the user) as a hash sum.

 Cookie Policy

Cookies are files with data relating to our system that are stored on your device.

You manage the stored data yourself and you can delete them at any time. It is not recommended to completely disable cookies, since it can adversely affect the available functionality of our system.

We use the data from these files only:

To ensure safety:

We specifically identify your device and restrict unauthorized access to your personal data from other devices. As a result, you can purchase tickets without creating an account.

During authentication (entering a user name and password), we remember you via a unique session identifier stored in the cookie. This allows you to not re-enter your user name and password for each operation that requires identification.

To improve system quality:

We save the website settings that are helpful to you, for example, the language or the currency.

We save the last entered search parameters so you do not have to fill out the form again.

To collect analytical data:

We strive to improve our service and make it faster, more stable, and more convenient. To identify problematic and non-optimal pages, we use cookies to collect anonymous analytical information in the Yandex.Metrika and Google Analytics systems.

For effective and useful advertising.

We use ad serving systems (for example, Google AdWords, Yandex.Direct) to promote our product.

These systems collect anonymous statistical information about you for an effective and unobtrusive advertising campaign.

Data Storage Policy

1. Security of access to personal data is provided by authentication and authorization.

2. Security of access to personal data of unregistered buyers is provided via unique access codes or identification of the buyer`s device (using cookies).

3. Employees of companies who have access to personal data sign a non-disclosure agreement and go through two-factor authentication.

4. Personal data is encrypted during transfer and storage (including backups), and the integrity of the encrypted data is verified by checksums. Encryption algorithm: symmetric with 256-bit key and random vector.

5. Secure storage of passwords (via hash sums without the ability to restore the user`s original password).

6. Passwords and access codes to personal data are protected from brute force selection.

7. Protection against data loss is arranged through a real-time replication system and daily backups.

8. All operations for accessing personal data are logged.

Changes to Confidentiality Policy

The requirements of international laws and agreements on personal data change and we must comply with them. Moreover, we are constantly improving our system and adding new functions and new booking systems. We are continuously improving the mechanisms for protecting personal data. All this requires changes to this Confidentiality Policy. The new document will be effective from the date of publication.

Contact Information

Date of publication: 05/25/2018