Privacy Policy

Last Updated: February 4, 2025

1. Introduction

This Privacy Policy explains how Vladislav Smolentsev e.U. ("we", "us", "our") processes your personal data when you use our flight deal notification service. This policy applies to all users of our website, mobile applications, and browser extensions.

For any questions about this privacy policy or our privacy practices, please contact our Data Protection Officer at support@tripwingz.com or:

Vladislav Smolentsev e.U.
GLN Number: 9110033207190
Am Kahlenberg 1
1190, Vienna
Austria

2. How Tripwingz Works

Tripwingz is a flight deal notification service that helps you find and track the best flight deals. Here's how our service works:

  • We monitor flight prices from your selected home airport
  • We analyze price patterns and identify exceptional deals
  • We send notifications through your preferred channels when we find deals matching your criteria
  • We provide a personalized dashboard to manage your preferences and view deals

To provide these services, we need to collect and process certain personal data as detailed in this policy.

3. Categories of Personal Data We Process

3.1 Data You Provide Directly

  • Account Information:
    • Email address
    • Name (optional)
    • Password (encrypted)
  • Travel Preferences:
    • Home airport
    • Preferred destinations
    • Price alert thresholds
    • Travel dates flexibility
  • Communication Preferences:
    • Notification channels (email/push/SMS)
    • Frequency preferences
    • Marketing preferences

3.2 Data We Collect Automatically

  • Technical Data:
    • IP address
    • Browser type and version
    • Device information
    • Operating system
    • Time zone setting
  • Usage Data:
    • Pages viewed
    • Features used
    • Search history
    • Click patterns
    • Session duration
  • Location Data:
    • Approximate location (IP-based)
    • Selected home airport location

4. How We Use Your Data

We use your personal information to provide the Tripwingz service to you, to improve our platform, and to protect our legal rights. We limit the collection of personal information to that which is relevant for these purposes.

4.1 Essential Service Provision

  • Process your subscription and payments: We use your payment information to process your subscription payments through our payment processor, Stripe. We do not store complete credit card information on our servers.
  • Provide flight deals: To send you personalized flight deals based on your preferences and search history.
  • Account management: To create and manage your account, authenticate your access, and maintain your preferences.
  • Communication: To send you service-related communications, including deal alerts, account updates, and responses to your inquiries.
  • Security: To detect and prevent fraud, unauthorized access, and other security incidents.

4.2 Service Improvement and Analytics

  • Performance monitoring: To analyze how our services are used and improve their functionality.
  • Deal accuracy: To enhance the relevance and accuracy of flight deals we send you.
  • User experience: To improve our interface and service based on user feedback and behavior.
  • Technical optimization: To debug issues and optimize service performance.

4.3 Marketing and Communication

  • Promotional communications: To send you information about new features or services that may interest you (with your consent).
  • Customer feedback: To request feedback and improve our services.
  • Market research: To conduct analysis and research to improve our services.

4.4 Legal and Regulatory Compliance

  • Legal obligations: To comply with applicable laws and regulations.
  • Fraud prevention: To protect against fraudulent transactions and abuse of our services.
  • Legal rights: To establish, exercise, or defend our legal rights when necessary.
  • Contractual obligations: To fulfill our contractual obligations to you and our partners.

4.3 Communication

  • To send deal notifications
  • To provide service updates
  • To respond to your inquiries
  • To send marketing communications (with consent)

5. Legal Bases for Processing

We process your personal data on the following legal bases:

  • Contract Performance (Art. 6(1)(b) GDPR)
    • Account management
    • Service provision
    • Customer support
  • Legitimate Interests (Art. 6(1)(f) GDPR)
    • Service improvement
    • Security measures
    • Analytics
  • Consent (Art. 6(1)(a) GDPR)
    • Marketing communications
    • Cookie usage
    • Location data
  • Legal Obligation (Art. 6(1)(c) GDPR)
    • Tax requirements
    • Data protection requirements
    • Other legal compliance

6. Data Sharing and Recipients

6.1 Service Providers

We share data with:

  • Cloud hosting providers
  • Email service providers
  • Analytics providers
  • Customer support platforms
  • Payment processors

6.2 Legal Requirements

We may share data when:

  • Required by law
  • Enforcing our terms
  • Protecting our rights
  • Preventing fraud

7. International Transfers

When we transfer data outside the EEA, we ensure adequate protection through:

  • EU Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • EU-US Privacy Shield (where applicable)

8. Data Retention

We retain different types of data for different periods:

  • Account data: Duration of account + 30 days
  • Transaction records: 7 years (legal requirement)
  • Marketing preferences: Until consent withdrawal
  • Technical logs: 26 months
  • Usage analytics: 14 months

9. Your Privacy Rights

Under GDPR, you have the following rights:

  • Access (Art. 15): Request a copy of your data
  • Rectification (Art. 16): Correct inaccurate data
  • Erasure (Art. 17): Request data deletion
  • Restriction (Art. 18): Limit processing
  • Portability (Art. 20): Receive/transfer your data
  • Objection (Art. 21): Object to processing
  • Automated Decisions (Art. 22): Human intervention

To exercise these rights, contact our Data Protection Officer at support@tripwingz.com. We'll respond within 30 days.

10. Security Measures

We implement appropriate technical and organizational measures:

  • Encryption in transit and at rest
  • Access controls and authentication
  • Regular security assessments
  • Employee training
  • Incident response procedures
  • Backup and recovery systems

11. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential functionality
  • Performance monitoring
  • User experience improvement
  • Marketing (with consent)

Manage your preferences through our cookie banner powered by Usercentrics.

12. Children's Privacy

Our service is not intended for children under 16. We do not knowingly collect data from children under 16. If you become aware that a child has provided us with personal data, please contact us.

13. Changes to This Policy

We may update this policy periodically. We will notify you of any material changes by:

  • Posting a notice on our website
  • Sending an email to registered users
  • Updating the "Last Updated" date

14. Complaints

You have the right to lodge a complaint with a supervisory authority. In Austria, contact:

Austrian Data Protection Authority
Barichgasse 40-42
1030 Vienna
Austria
Email: dsb@dsb.gv.at