← Naviby

Privacy Policy

Last updated: 2026-05-24 · Naviby is operated from Canada and complies with PIPEDA, GDPR (EU/UK visitors), and CCPA (California visitors).

What we collect

  • Account email (Supabase Auth).
  • Self-declared eligibility: employer carrier, travel-access presets (e.g. Star Alliance / ZED), flexibility days, party members. No passwords or staff-travel credentials are ever stored.
  • Trips you create (origin, destination, date) and outcomes you submit (got on / didn't, optional notes/rating).
  • Community observations you choose to share (cabin fullness bucket, standby counts, source affirmation). Aggregated and anonymized before any other user sees them — never tied to your account on public surfaces.
  • Nav Points balance and referral activity (your referral code, who you invited, completion status).
  • Web Push subscription endpoint (when you opt in to alerts) so we can deliver notifications. Stored only while alerts are enabled.
  • Hashed IP address on important actions (trip create, observation submit, share-link access) for abuse prevention. Raw IPs are never stored.

Payment data

Payments are processed by Stripe. Naviby never sees or stores your full card number, CVV, or bank details. We store your Stripe customer id and subscription/payment status so we can grant or revoke Premium access, and a receipt history is available via the Stripe Customer Portal.

What we DO NOT collect

  • Your airline employer credentials.
  • Data from FlyZED, MyIDTravel, ResWeb, NetEx, ID90, or any other proprietary carrier system. Submitting such data is forbidden by our Terms.
  • Real-time location, contacts, device identifiers, advertising identifiers, or any data not needed for decision support.
  • Cross-site tracking. No ad pixels, no fingerprinting.

How we use your data

  • Compute recovery recommendations specific to your trip and self-declared eligibility.
  • Notify you about plan-affecting events (delays, new options, listing-window reopens) — only when you opt in to alerts.
  • Improve community signals using de-identified, aggregated contributions — not individual records. Aggregates surface only after at least three independent reports converge.
  • Award Nav Points and process referral payouts (each side of a referral earns 100 NP when the invitee makes their first contribution).
  • Process payments via Stripe and grant Premium access.

Sub-processors

Naviby uses the following third parties to deliver the service. Each receives only the data needed for its role.

  • Supabase — primary database, authentication, file storage. Row-level security restricts access to the owner of each row.
  • Vercel — application hosting, edge network, web analytics (page-view counts only — no fingerprinting, no cross-site identifiers).
  • Stripe — payment processing, hosted checkout, Customer Portal, subscription management.
  • FlightAware AeroAPI — flight schedule, status, and historical on-time lookups. We send only public flight identifiers (carrier code, flight number, route, date). No personal data is shared.
  • Email delivery (transactional) — Supabase Auth delivery providers for magic-link sign-in. No marketing email is sent without separate opt-in.

Who we share with

Nobody outside the sub-processors above. Aggregated, de-identified statistics may inform future partner relationships; individual records are never shared, sold, or used to train third-party AI systems.

Your rights

  • Access — request a copy of your data anytime at privacy@naviby.com.
  • Deletion — delete your account directly at /app/account/delete. Full purge within 30 days (GDPR Article 17).
  • Portability — request a JSON export of your trips, observations, NP ledger, and profile.
  • Withdraw consent for aggregation, push alerts, or marketing without losing service access.
  • Object / complain — EU/UK users may contact your local data protection authority. California users may exercise CCPA rights via the same privacy email.

Retention

  • Active trips and profile: kept while you have an account.
  • Completed trips + outcomes: retained 24 months unless you delete sooner.
  • Community observations: kept indefinitely (anonymized).
  • Stripe payment records: retained per Stripe's and our tax obligations (typically 7 years).
  • Audit logs: 12 months.
  • Account deletion purges trip + profile data within 30 days.

Security

Encrypted in transit (TLS 1.3) and at rest. Row-level security in the database means even a server-side bug can't accidentally return another user's rows. Webhook signatures on payment events. Service-role secrets rotated on incident.

Contact

Privacy questions: privacy@naviby.com. We respond within 5 business days.

Disclaimer

Naviby is a decision-support tool. Always verify listing, check-in, visa, entry, and staff-travel rules with your airline or official source. Naviby does not guarantee boarding.

PrivacyTermsCookies© Naviby