Introduction
We are committed to collecting, using, processing, and sharing personal data responsibly, in compliance with applicable privacy laws, to protect your data rights. We use technical and organizational measures to ensure compliance with data protection, privacy, and security legislation in the regions where we operate, including the General Data Protection Regulation (GDPR) and the Digital Services Act (DSA). This Privacy Policy describes the key principles governing our handling of your personal data and explains our responsibilities in ensuring your information is protected.
Contact Information
Terms Used as Legal Guidelines
We process your personal data based on specific legal grounds, including consent and legitimate interests. Consent is your explicit permission for data processing for a particular purpose, while legitimate interests justify processing where it's necessary, provided it respects your rights. Additionally, some laws, such as the Digital Services Act, may impose specific legal obligations that require us to process certain data. We comply with all such legal grounds as required.
Consent and Other Legal Bases
If you provide consent, you may withdraw it at any time by contacting us via the appropriate channels listed on our 'Contact Us' page. Upon withdrawal, we will stop processing your data unless another legal basis (e.g., legal obligation, legitimate interest, or contract) justifies its continued use, in line with your rights.
Our Responsibilities
We comply with all applicable privacy laws, including the GDPR and the DSA, when processing personal data, acting as either a data controller or a data processor, as the situation requires.
Your Responsibilities
Please review this Privacy Policy thoroughly to understand your rights. Maintain the confidentiality and security of your personal data. If you provide personal information about others, ensure that you have the proper authorization to do so.
Processed Data
We collect personal data when you use our Platform (https://BestFlightsPrices.com/), including browsing, subscribing, communicating, using services, receiving notifications, or when required by law. This data may include your browsing history, demographic details, email, and information related to how you use our Platform.
Please note that BestFlightsPrices.com functions as a travel aggregator and does not host user-generated content such as reviews, comments, or personal profiles. Data processed related to user interactions is primarily for service provision, platform functionality, and compliance.
Recipients of Your Data
Your data may be accessed by authorized personnel within our company, including management, technical, and customer support teams, strictly on a need-to-know basis.
In specific circumstances, and when legally required or permitted, your data may also be disclosed to:
• Third-party service providers and partners: As detailed in the 'Data Location and Third-Party Services' section.
• Public authorities and regulatory bodies: This includes EU Member States' authorities, the European Commission, and the European Board for Digital Services, when we are subject to a legal obligation to respond to legitimate requests, orders for information, or other legal processes as mandated by laws such as the Digital Services Act.
• Our Legal Representative in the EU: For the purpose of receiving and forwarding official communications as required by Article 13 of the DSA.
Purpose and Legal Basis for Data Processing
We process your data for the following purposes and under the following legal bases:
• Providing Services: To operate and maintain our Platform, provide you with flight deals, and manage your subscriptions (Legal Basis: Contract).
• Sending Newsletters or Offers: To send you promotional communications based on your preferences (Legal Basis: Consent or Legitimate Interest, where applicable).
• Maintaining the Platform: For technical operation, troubleshooting, and ensuring the security and stability of our services (Legal Basis: Legitimate Interests).
• Preventing Fraud and Misuse: To protect our services and users from fraudulent or malicious activities (Legal Basis: Legitimate Interests, Legal Obligation).
• Improving Our Services: To analyze usage patterns and gather feedback to enhance Platform functionality and user experience (Legal Basis: Legitimate Interests).
• Offering Customer Support: To respond to your inquiries and provide assistance (Legal Basis: Contract, Legitimate Interests).
• Compliance with Legal Obligations (including DSA): To comply with applicable laws and regulations, such as responding to valid legal orders or notifications from authorities under the Digital Services Act (e.g., regarding illegal content reports, information requests), and maintaining records of such interactions (Legal Basis: Legal Obligation).
Your Data Subject Rights
You have several rights regarding your personal data under the GDPR, including the right to:
- Access the information we hold about you.
- Correct inaccurate data.
- Object to processing (including profiling) in certain circumstances.
- Request data portability.
- Request erasure of your data (the right to be forgotten).
- File a complaint with a supervisory authority regarding data processing.
- We strive to respond to all legitimate requests within one month, with possible extensions as allowed by law. To exercise these rights, please contact us via the dedicated user contact channels specified on our 'Contact Us' page.
Data Security
We take appropriate technical and organizational measures to ensure the security of your personal data. However, by using the Platform, you acknowledge that no data transmission over the internet can be guaranteed as 100% secure. You are responsible for keeping your login details (if any) confidential. Please report any privacy concerns or breaches to us immediately via our general user support channels.
Data Location and Third-Party Services
We are based in Israel, with servers hosted by Google Cloud in the USA, certified under the EU-U.S. Privacy Shield Framework. We may link to third-party websites, but our Privacy Policy does not apply to them—please review those sites' policies before sharing your data. Our third-party partners include:
- Travel and flight websites (for aggregation and linking).
- Analytics providers: Google Analytics, Hotjar.
- Marketing platforms: Google AdSense, AdWords, Remarketing, Bing, Gemini, Facebook, X (formerly Twitter).
- Payment processors (not for the general public)
Data Retention Policy
We retain personal data for as long as necessary to fulfill the purposes for which it was collected, including for the provision of services, compliance with legal obligations (e.g., tax, anti-fraud, and DSA record-keeping requirements), resolution of disputes, and enforcement of our agreements.
Specifically, data related to DSA compliance (e.g., records of illegal content notices, statements of reasons, and appeals) may be retained for specific periods as mandated by the DSA or relevant national laws. Generally, personal data is retained for 18 months, but specific data types may be retained for longer or shorter periods based on type, legal requirements, litigation, intellectual property, contracts, and operational needs.
Cookie Policy
We use cookies and similar tracking technologies to enhance Platform functionality and efficiency. You can manage your cookie preferences in your browser settings.
Transfer of Personal Data
If you reside in the EU/EEA, your data is processed in Israel and stored on Google Cloud servers in the USA. These international transfers are lawful under GDPR Article 45 (link) and conducted through the EU-U.S. Data Privacy Framework (DPF). These safeguards are in place to ensure that your data remains protected to GDPR standards when transferred outside the EU/EEA.