Company Name: M/S Fly Fares International Services
Office Address: Near Canara Bank, College Road, Faridkot, Punjab, India, 151203
Email: info@flyfares.net
Phone: +91 77173 59400 | +91 62836 59400
Website: www.flyfares.net
Effective Date: July 2025

M/S Fly Fares International Services (“Fly Fares,” “we,” “our,” or “us”) respects the privacy of all clients and complies with major international data protection laws, including:

• PIPEDA (Personal Information Protection and Electronic Documents Act – Canada)
• CCPA/CPRA (California Consumer Privacy Act & California Privacy Rights Act – USA)
• GDPR (General Data Protection Regulation – European Union)

This policy outlines how we process, store, and protect personal information of our users globally.

🇨🇦 1. PIPEDA Compliance Policy (Canada)

1.1 Purpose

Fly Fares complies with Canada’s PIPEDA to ensure personal information is collected, used, and disclosed responsibly when offering travel-related services to Canadian residents or processing data from Canada.

1.2 Accountability

We have designated a Data Protection Officer (DPO) responsible for ensuring our compliance with PIPEDA and maintaining data-handling records.

Contact: info@flyfares.net

1.3 Principles of PIPEDA Compliance

Fly Fares adheres to the 10 PIPEDA Fair Information Principles:

1. Accountability: Fly Fares is responsible for protecting all personal data in its custody.
2. Identifying Purposes: We clearly state why data is being collected before or at the time of collection.
3. Consent: We only collect, use, or disclose information with informed and explicit customer consent.
4. Limiting Collection: We collect only necessary data for legitimate business and travel service purposes.
5. Limiting Use, Disclosure, and Retention: Data is used only for its intended purpose and deleted when no longer needed.
6. Accuracy: Personal data is kept as accurate and up-to-date as possible.
7. Safeguards: Data is protected with strong encryption, secure servers, and restricted access.
8. Openness: Customers can request details about our data practices at any time.
9. Individual Access: Clients may request access to their data or corrections to any inaccuracies.
10. Challenging Compliance: Individuals may challenge compliance concerns by contacting our Data Protection Officer.

1.4 Data Access Requests

Canadian residents can request access to their personal information or correction of inaccuracies by emailing info@flyfares.net.
We will respond within 30 business days.

🇺🇸 2. CCPA/CPRA Compliance Policy (California, USA)

2.1 Overview

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), Fly Fares provides specific rights and transparency to residents of California whose personal data we may process in connection with travel services.

2.2 Categories of Data Collected

• Personal identifiers (name, phone number, email, etc.)
• Travel details (destinations, flight info, visa data)
• Payment and transaction data (processed securely via gateways)
• Device and website usage information (cookies, IP, browser type)

2.3 Consumer Rights under CCPA/CPRA

California residents have the right to:

1. Know what personal information Fly Fares collects and why.
2. Access a copy of their personal data in a portable format.
3. Request Deletion of personal information, except when needed for business/legal obligations.
4. Opt-Out of data selling or sharing (Fly Fares does not sell personal data to third parties).
5. Correct inaccurate or outdated personal data.
6. Limit Use of Sensitive Data, such as passport or government ID numbers.

2.4 Exercising Your Rights

To make a privacy request under CCPA/CPRA, email us at info@flyfares.net with the subject line “CCPA Request.”
We will verify your identity before processing your request.

2.5 Data Sharing

We only share personal information with trusted travel partners (airlines, hotels, consulates) to process travel bookings. We never sell customer data.

2.6 Non-Discrimination

Fly Fares will not deny services, charge higher fees, or offer lower quality service to users who exercise their CCPA/CPRA rights.

🇪🇺 3. GDPR Compliance Policy (European Union)

3.1 Scope

This GDPR statement applies to all customers and partners in the European Economic Area (EEA) whose data is collected or processed by Fly Fares, either directly or through affiliated travel partners.

3.2 Legal Basis for Processing

We process data only under one or more of the following lawful bases:

• Contractual necessity – to provide travel services or booking assistance.
• Consent – for marketing or data storage beyond the transaction period.
• Legal obligation – to comply with tax, immigration, or travel laws.
• Legitimate interests – to improve our services and prevent fraud.

3.3 Data Subject Rights under GDPR

You have the following rights under the EU General Data Protection Regulation:

1. Right of Access: Request a copy of your data.
2. Right to Rectification: Correct inaccurate or incomplete data.
3. Right to Erasure (Right to be Forgotten): Request deletion of your personal data when no longer necessary.
4. Right to Restriction of Processing: Limit data processing under certain conditions.
5. Right to Data Portability: Request transfer of your data to another controller.
6. Right to Object: Object to data processing for direct marketing or profiling purposes.
7. Right to Withdraw Consent: You may withdraw consent at any time by emailing info@flyfares.net.
8. Right to Lodge a Complaint: You may file a complaint with your local EU Data Protection Authority.

3.4 Data Transfers

When transferring data outside the EU (e.g., to India, Canada, or UAE), Fly Fares ensures:

• Transfers are done under Standard Contractual Clauses (SCCs) or other approved safeguards.
• Partners are required to maintain GDPR-equivalent protection standards.

3.5 Data Retention

We retain personal data only for as long as needed for legal, accounting, and travel-related purposes. Data is securely deleted thereafter.

3.6 Data Security

• SSL encryption for online transactions
• Secure cloud-based storage with access control
• Regular audits to ensure compliance

🧾 4. Data Breach Policy

In case of a data breach:

• Fly Fares will notify affected individuals and relevant authorities within 72 hours (for GDPR cases) or as required by applicable law.
• The notification will include the nature of the breach, affected data types, and remedial measures taken.

📧 5. Contact Information

For all data privacy inquiries or complaints related to PIPEDA, CCPA/CPRA, or GDPR compliance, please contact:

M/S Fly Fares International Services
Data Protection Officer
📍 Near Canara Bank, College Road, Faridkot, Punjab, India, 151203
📧 Email: info@flyfares.net
📞 Phone: +91 77173 59400 | +91 62836 59400
🌐 Website: www.flyfares.net

🕒 6. Policy Updates

We may revise this policy periodically to reflect regulatory or operational changes.
Any updated versions will be published on our website with a new “Effective Date.” Continued use of our services indicates acceptance of the latest version.