Auronex Fly is operated by AURONEX SAS (RCS Lyon 101 130 235), the data controller, whose registered office is in the Lyon metropolitan area, France. This Privacy Policy explains what personal data we collect as a travel metasearch and comparison service, how we use it, and the rights you have under the EU General Data Protection Regulation (GDPR) and the French Loi Informatique et Libertés.
1. Introduction
This Privacy Policy applies to all users of Auronex Fly — our website, mobile applications, and related services (the “Service”).
By using the Service, you acknowledge that you have read and understood this policy. If you do not agree, please do not use the Service.
2. Data We Collect
Because Auronex Fly is a metasearch service, we collect much less data than a traditional travel agent. We do not receive your payment card number, date of birth, passport number, or any other traveller document — those are collected by the booking partner on their own platform once you click through.
a) Data you provide directly to Auronex Fly:
- Email address (for optional account creation, magic-link login, price alerts, newsletter)
- Search preferences you choose to save (saved trips, favourite destinations, price-alert thresholds)
- Messages you send us via the contact form, WhatsApp or email
- Optional corporate-travel enquiry details (company, phone, travel needs)
b) Data collected automatically when you browse:
- IP address and approximate geolocation (country / city)
- Device information (browser, operating system, screen size)
- Usage data (pages viewed, searches made, outbound clicks to partners)
- Referring URL and UTM parameters
- Cookies and similar technologies (see Section 6)
c) Data we receive from third parties:
- Live flight, hotel, car, transfer, activity, eSIM and insurance availability and pricing from our distribution partners (Travelpayouts / Aviasales / Hotellook, Duffel, GetYourGuide, Viator, EKTA, Discover Cars, Airalo, and similar).
- Affiliate-click confirmations (did the click result in a booking? what was the commissionable amount?) — we receive the aggregate, not your payment details.
- Aggregated/anonymised analytics from partners.
Important: Once you click through to a booking partner, the data you provide there (name, passport, card, billing address, traveller details) is collected and controlled by that partner, under their privacy policy. Auronex Fly does not receive that data.
3. How We Use Your Data
We process your personal data to:
- provide and personalize the Service (show relevant flights, hotels, deals);
- process bookings and payments;
- send transactional emails (confirmations, magic links, price alerts);
- operate the loyalty and referral programs;
- provide customer support via email, WhatsApp, or phone;
- prevent fraud, abuse, and security incidents;
- comply with legal obligations (tax, anti-money laundering);
- analyze usage and improve our products;
- send marketing emails — only with your consent (easy to unsubscribe).
4. Legal Basis (GDPR)
We rely on the following lawful bases under GDPR Article 6:
- Contract: Processing necessary to fulfill bookings.
- Consent: Marketing emails, non-essential cookies, push notifications.
- Legitimate interest: Fraud prevention, service improvement, security.
- Legal obligation: Tax records, law enforcement requests.
7. Your Rights
Under GDPR and similar laws, you have the right to:
- Access — request a copy of the personal data we hold about you;
- Rectification — correct inaccurate or incomplete data;
- Erasure — request deletion of your account and associated data;
- Restriction — limit how we process your data;
- Portability — receive your data in a machine-readable format;
- Objection — object to processing based on legitimate interest;
- Withdraw consent — at any time for consent-based processing;
- Lodge a complaint — with your national data protection authority (e.g., CNIL in France).
To exercise your rights, email support@auronexfly.com. We will respond within 30 days.
8. Data Retention
We retain personal data for as long as necessary for the purposes described:
- Account data: Until you delete your account.
- Booking records: At least 10 years (legal tax requirement).
- Marketing data: Until you unsubscribe or withdraw consent.
- Cookies: Up to 2 years, depending on type.
- Logs: Up to 12 months for security and fraud prevention.
9. Security
We implement technical and organizational measures to protect your data, including:
- HTTPS / TLS 1.2+ encryption for all data in transit;
- Encrypted storage for sensitive fields at rest;
- Regular security reviews, dependency scanning, and monitoring;
- Access controls limiting internal data access to strictly authorized personnel;
- No direct collection of payment cards, passports or ID documents — minimising the blast radius of any incident.
However, no system is 100% secure. If we become aware of a data breach that affects your personal data, we will notify you and the CNIL without undue delay, as required by Article 33 GDPR.
10. International Transfers
Some of our service providers may process data outside the European Economic Area (EEA). When this occurs, we rely on:
- European Commission adequacy decisions;
- Standard Contractual Clauses (SCCs);
- Supplementary safeguards as required.
11. Children's Privacy
The Service is not intended for children under 18. We do not knowingly collect data from minors. If you believe we have collected data from a child, please contact us immediately for deletion.
12. Changes to This Policy
We may update this policy from time to time. Material changes will be communicated via email or a prominent notice on the Service at least 30 days before taking effect.
13. Contact Us
For any questions about this policy or your personal data:
- Email: support@auronexfly.com
- WhatsApp: +33759940932
- Data Protection Officer: dpo@auronexfly.com
If you are in the EU and believe your rights have been violated, you may also lodge a complaint with your local data protection authority.
See also: Terms of Service