In this Privacy Policy, we explain how we handle your personal data when you contact us or use one of our services. In particular, we will tell you: Why we may process your personal data, for what purpose we process your personal data, whether you are required to provide us with certain information, how long we will store your personal data whether there are other recipients of your personal data, whether we intend to transfer your personal data to another country; and whether we use automated decision-making or profiling.
In principle, we will only use your personal data in accordance with the applicable data protection laws, in particular Estonia's Personal Data Protection Act (Isikuandmete kaitse seadus), the EU's General Data Protection Regulation (GDPR), and only as described in this Privacy Policy.
Unless otherwise stated, ManySignals OÜ of Sepapaja tn 6, 15551 Tallinn, Estonia is the controller for all processing of personal data. There are many ways to contact us, including by e-mail or social media ( Facebook, Twitter, Telegram, Instagram ).
Every data subject has:
Furthermore, you can revoke consent, in principle with effect for the future.
Furthermore, you have the right to lodge a complaint with a data protection supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach a data protection supervisory authority.
Finally, you also have a right to object. This applies, on grounds relating to data processing on the basis of our legitimate interest and also to profiling. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate reasons for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
You may also withdraw your consent and request us to stop using and/or disclosing your Personal Data for any or all of the Purposes by submitting your request to us in writing. Should you withdraw your consent to the collection, use or disclosure of your Personal Data, it may impact our ability to proceed with your transactions, agreements, or interactions with us. Prior to you exercising your choice to withdraw your consent, we will inform you of the consequences of the withdrawal of your consent. Please note that your withdrawal of consent will not prevent us from exercising our legal rights (including any remedies) or undertaking any steps as we may be entitled to at law.
For the most part, we process personal data that has been provided to us directly by you. This can happen for various reasons:
If you contact us, we process the following data from you for the purpose of processing and handling your enquiry: Name, contact details -if provided by you- and your message. The legal basis of the data processing is our obligation to fulfil the contract and/or to fulfil our pre-contractual obligations and/or our legitimate interest in processing your enquiry.
You can register and log in to Manyflights.io. Here, too, we store data in order to create an account for you: E-mail address, chosen password. We store this data as long as you are registered with us. If you delete your account, we will delete your data unless there is a legal retention period on our part. In this case, we must store your data for longer.
The provision of bank details is subject to our payment processor Paddle. We do not collect or store payment information or bank details ourselves but receive payment confirmation statements. For further information, please refer to Paddle`s Privacy Policy by clicking on the above link. The legal basis for the data processing is the fulfilment of our contractual obligations and the fulfilment of our legal obligations.
By using our services, you are giving your consent to receiving notifications and messages per email. Those typically include flight information in relation to the airport you have selected, and about Manyflights.io. We use a third-party provider Twilio SendGrid to do so, and the system notifications are designed to enhance your experience. You can of course opt out from receiving notifications by following the unsubscribe instructions at the bottom of every notification e-mail sent by us. The legal bases are to provide you with our services and your consent as well as our legitimate interest.
In principle, you can use our website for purely informational purposes without disclosing your identity. However, our website collects a series of general data and information with each visit and this data is temporarily stored in log file. A log file is created in the course of an automatic protocol of the processing computer system. The following can be recorded: host name of the accessing end device, IP address, Date and time of the server request, Time sone difference to Greenwich Mean Time (GMT).
The temporary processing of the IP address by the system is necessary to technically enable delivery of the website to your computer. Processing your IP address for the duration of the session is necessary for this. The legal basis for this processing is our legitimate interest.
We use so-called cookies on our web site. Cookies are small text files that are stored on your respective device (PC, smartphone, tablet, etc.) and saved by your browser. For further information please refer to our Cookie Policy. The legal basis for the use of cookies is your consent as well as our legitimate interest.
We process personal and non-personal data such as your IP address, when you wish to book flights and you will be redirected to Skyscanner. We have no influence or control over the data collected and processed by Skyscanner when you are being redirected and you can learn more about data processing in Skyscanner 's Privacy Policy linked above.
Automated decision making within the meaning of the Law No. 2997-VI and GDPR is not used at Manyflights.io.
No special categories of data are processed at Manyflights.io.
We are present on Facebook, Twitter, Telegram and Instagram on the basis of our legitimate interest. If you contact us via those social media platforms, you should note that the chat history can neither be deleted by us nor by you. And that, in accordance with the Law No. 2997-VI and the GDPR, the relevant social media platform and we are jointly responsible for the processing of your data and enter into a so-called joint controller agreement. A Joint Controller Agreement itself if very legalistic and lengthy, but in a nutshell, it clarifies how the jointly responsible parties will fulfil the obligations arising from data protection laws that are applicable to them. The legal basis for the use of the relevant social media platform is our legitimate interest, your consent or, in the case of a (pre) contractual relationship with us, the initiation of a contractual service.
Within the scope of our business relationship, you are only required to provide personal data that is necessary for the establishment, implementation, and termination of a business relationship or that we are legally obliged to collect. Without this data, we will usually have to refuse to conclude the contract or will no longer be able to perform an existing contract and may have to terminate it.
We secure our website and other systems through appropriate technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons. However, and despite regular checks, complete protection against all dangers is not possible.
Our website uses the industry standard SSL (Secure Sockets Layer) for encryption. This ensures the confidentiality of your personal information over the Internet. You can tell whether encrypted transmission is taking place by the closed key/lock symbol in your browser display.
Your personal data will only be passed on to third parties,
Your data will be stored by us for as long as it is needed for the respective purposes underlying the processing. Beyond that, we only store data insofar as we are legally obligated to do so, e.g., due to statutory retention obligations.
Within our website, we use content or service offers of third-party providers on the basis of our legitimate interests in order to integrate their content and services (hereinafter uniformly referred to as "content"). This always requires that the third-party providers of this content are aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content.
Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our website, as well as being linked to such information from other sources.
The following provides an overview of third-party providers and their content, together with links to their privacy policies, which contain further information on the processing of data and so-called opt-out measures, if any:
Insofar as you have also given us your separate consent to process your data for marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.
You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or contractual relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or contractual relationship with us
Direct Marketing generally takes the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by us, or by our contracted service providers. Every directly addressed marketing sent or made by us or on our behalf will include a means by which you may unsubscribe or opt out.
This privacy and cookie policy is valid as of Tuesday, 11 April 2023. It is the current and valid version of our privacy policy. However, we point out that from time to time due to actual or legal changes a revision to this privacy and cookie policy may be necessary.
If you have any data protection questions, please feel free to contact us using the details provided above.