Privacy Policy

Your privacy is important to us. This policy outlines how we handle your data under GDPR and CCPA.

Last updated: 3/2/2026

1. Information We Collect

To provide our travel services, Jetsera collects the following categories of data:

  • Identity Data: Name, profile picture, and your unique Google UID.
  • Contact Data: Email address.
  • Booking Data: History of tours booked, including dates and locations.
  • Preference Data: Your travel interests, wishlists, and saved itineraries.
  • Technical Data: IP address, browser type, and usage patterns.

2. Legal Basis for Processing

Under GDPR, we process your data under the following legal bases:

  • Contractual Necessity: To manage your bookings and account.
  • Consent: For marketing and non-essential cookies.
  • Legitimate Interests: To improve our platform security and user experience.

3. Information Sharing & Third Parties

We do not sell your data. However, we share information with:

Important: To facilitate "Cash on Arrival" bookings, we must share your identity data with local providers.

  • Tour Providers: To verify your booking for payment at the start of the activity.
  • Infrastructure Providers: Supabase (Database) and Firebase/Google (Auth & Analytics).
  • Legal Obligations: If required by law enforcement or government authorities.

4. Cookies & Tracking Disclosure

We use cookies and similar tracking technologies to analyze our Service.

ToolPurposeDurationType
Firebase AnalyticsPlatform performancePersistentAnalytics
Google Tag ManagerScript managementPersistentTechnical
Firebase AuthUser sessionPersistentEssential

5. Data Security

We implement technical and organizational measures to protect your data.

Data Breach: We will notify authorities within 72 hours of a breach.

6. International Data Transfers

Your data may be processed in countries outside the EEA, such as the US.

7. Children's Privacy

Jetsera does not knowingly collect data from anyone under the age of 16.

8. Third-Party Links

Our Service contains links to other sites. We are not responsible for their privacy practices.

9. US Privacy Rights (CCPA/CPRA)

California residents have specific rights regarding their personal information.

10. Your GDPR Rights

Under GDPR, you have the following rights:

Access:

Request a copy of your personal data.

Erasure:

Request deletion of your account/data.

Rectification:

Correct any inaccurate information.

Portability:

Request data in machine-readable format.

Objection:

Object to processing of your data.

Restriction:

Request temporary stop of processing.

11. Data Retention

We retain your information as long as your account is active.

12. Amendments to this Policy

We may update our Privacy Policy from time to time.

13. Data Privacy Inquiries

For any data-related queries, please contact us at legal@jetsera.com.

Email: privacy@jetsera.com

Note: You can also file a complaint with your local Data Protection Authority.

Return to Home