Last updated: 6 June 2026
FlyLoft (“the application”, “we”) respects its users' privacy and processes personal data in accordance with Regulation (EU) 2016/679 (GDPR). This document explains what data we collect, for what purpose, and what your rights are.
The data controller is the administrator of the FlyLoft application. For any request regarding your data, contact us at noreply.flyloft@gmail.com.
We use only strictly necessary cookies: a session cookie, a “remember me” cookie and a cookie for your chosen language. On your first visit, the interface language may be detected from your browser settings or, as a fallback, from the country approximated from your IP address — processed locally, with no transfer to third parties. We do not use advertising or tracking cookies.
Data is stored on secure servers and kept for as long as your account is active. When you delete your account, the associated data is removed, except where the law requires retention.
We do not sell or rent your data. For sending transactional emails we use an email service provider, which processes data strictly on our behalf.
You have the right of access, rectification, erasure, restriction, portability and objection, as well as the right to lodge a complaint with the competent supervisory authority. You can delete your account directly from the app's settings.
We apply measures such as password hashing, CSRF protection, security headers (CSP, HSTS), rate limiting and per-user data isolation.
We may update this policy. The current version is always available at this address.