Legal

Privacy Policy

Effective date: March 29, 2026 · Last updated: March 29, 2026

Summary: We collect the bare minimum — your email and departure airport. Payments go through Stripe; we never see your card. We don't sell your data. Ever.

1. Who We Are

Fly Alerts LLC ("FlyAlerts," "we," "us," or "our") is the data controller responsible for your personal information. We are a Wyoming limited liability company located at 75 E 3rd St, Ste 7, Sheridan, WY 82801. For privacy inquiries, contact us at support@flyalerts.com.

FlyAlerts is an independent company and is not affiliated with, endorsed by, or associated with any airline or travel provider.

2. Information We Collect

2.1 Information You Provide

Account data: Email address, departure airport (IATA code), and a cryptographically hashed password
Support communications: Content of messages you send to our support team

2.2 Information Collected Automatically

Usage data: Pages visited, alert open rates, click-through rates, device type, browser type, operating system, and IP address
Cookies and similar technologies: See our Cookie Policy for full details

2.3 Information We Do NOT Collect

Full credit or debit card numbers, CVV codes, or billing addresses (these are handled exclusively by Stripe)
Social Security numbers or government-issued identification
Travel itineraries, booking details, or flight reservations
Precise geolocation data

3. How We Use Your Information

Purpose	Legal Basis
Deliver fare alerts to your email	Performance of contract
Process your payment via Stripe	Performance of contract
Send service-related communications (account confirmations, policy updates, service changes)	Performance of contract / Legitimate interest
Respond to support requests	Performance of contract
Improve our Service and develop features	Legitimate interest
Detect and prevent fraud or abuse	Legitimate interest
Comply with legal obligations	Legal obligation

We do not sell, rent, lease, or trade your personal information to third parties for marketing purposes. We have never done so and have no plans to do so.

4. Data Sharing

We share your data only with the following categories of service providers, and only to the extent necessary:

Stripe, Inc. — Payment processing and fraud prevention. Stripe is PCI-DSS Level 1 certified. Stripe Privacy Policy
Email delivery providers — To send fare alerts and transactional emails. These providers process your email address under strict data processing agreements.
Analytics providers — To understand aggregate website usage patterns. Data is anonymized or pseudonymized where possible.
Legal authorities — If required by law, regulation, subpoena, court order, or valid legal process

We do not share your data with airlines, travel agencies, data brokers, or advertisers.

5. Data Retention

We retain your account data for as long as your account is active or as needed to provide the Service. After your subscription expires, we retain your data for up to 12 additional months to facilitate potential re-subscription, after which it is automatically deleted. If you request deletion, we will remove your personal information within 30 days, except where we are legally required to retain it (e.g., tax and financial records, which may be retained for up to 7 years).

6. Data Security

We implement industry-standard security measures including:

Encryption in transit (TLS 1.2+/SSL) for all data transmission
Cryptographic password hashing (bcrypt) — we never store plaintext passwords
Restricted access controls with the principle of least privilege
Regular security reviews of our infrastructure

However, no method of electronic transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security and are not liable for breaches caused by factors beyond our reasonable control.

7. Your Rights

Depending on your state of residence, you may have the following rights:

Access: Request a copy of the personal information we hold about you
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your personal information
Portability: Request your data in a structured, machine-readable format
Opt-out: Opt out of non-essential communications and analytics tracking
Non-discrimination: Exercise your privacy rights without discriminatory treatment

To exercise any of these rights, email support@flyalerts.com. We will verify your identity and respond within 45 days (or as required by applicable law).

8. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

Right to know: What personal information we collect, use, and disclose
Right to delete: Request deletion of your personal information
Right to opt out: Opt out of the "sale" or "sharing" of personal information. We do not sell or share your personal information as defined by the CCPA/CPRA.
Right to correct: Request correction of inaccurate information
Right to limit: Limit the use of sensitive personal information. We do not collect sensitive personal information as defined by the CPRA.

You may exercise these rights by contacting support@flyalerts.com or calling +1 (307) 317-7301. We will not discriminate against you for exercising your rights. See our Do Not Sell or Share page for more information.

9. Other State Privacy Rights

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), and other states with consumer privacy laws may have similar rights to access, correct, delete, and opt out. Contact us at support@flyalerts.com to exercise your rights under applicable state law.

10. Children's Privacy

FlyAlerts is not directed at individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected data from a minor, we will promptly delete it. If you believe a child has provided us with personal data, contact us immediately at support@flyalerts.com.

11. International Data

FlyAlerts is based in the United States and processes all data within the US. Our Service is currently available only to US residents. If you access our website from outside the US, be aware that your data will be transferred to and processed in the United States.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email and/or by posting a prominent notice on our website at least 30 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance. We encourage you to review this page periodically.

13. Contact

For privacy questions, data requests, or complaints:

Fly Alerts LLC
75 E 3rd St, Ste 7, Sheridan, WY 82801, United States
Email: support@flyalerts.com
Phone: +1 (307) 317-7301