Privacy Policy

Last updated: August 11, 2025

Summary

Privacy is a fundamental human right. At Valisa, we are committed to protecting your personal information and will never sell your data. Our business model is built on providing paid services directly to customers, which allows us to maintain a healthy relationship with your data while respecting your privacy.

Ectoflow OÜ (registry code: 14963434) is dedicated to protecting your privacy. We are committed to complying with applicable data protection laws and safeguarding your rights. This Privacy Policy explains what information we collect, how we use it, and how we protect it.

What Data We Collect

We collect data that you voluntarily provide while using our Services, including:

  • Account Information: Email address and/or name during sign-up and login
  • Trip Data: Information you save in our trip planner
  • Payment Information: Details required to process payments for our services
  • Search Queries: Your flight and destination searches
  • Technical Information: Connection details, IP address, user agent, and timestamps
  • Logs and Telemetry: System logs and performance data

Why We Collect Data

We collect your data for the following purposes:

  • To enable you to use our Services
  • To process payments and transactions
  • To facilitate your search queries and provide relevant results
  • To improve and optimize our Services
  • To prevent, detect, and investigate malfunctions, incidents, or illegal activities
  • To ensure network and information security

How We Protect Your Data

Valisa protects your data through multiple security measures:

  • Secure Communication: We use encrypted communication protocols
  • Encrypted Storage: Your data is stored on encrypted storage systems
  • Continuous Monitoring: We constantly monitor and upgrade our security software
  • Minimal Data Collection: We collect only the minimum information necessary
  • Passwordless Authentication: We’ve integrated secure passwordless authentication
  • Security Standards: We follow OWASP Top 10 guidelines to minimize security risks

Data Retention

We retain your data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. Your personal data may be deleted when:

  • The purpose for collection and use has been achieved
  • We discontinue the services we provide
  • You delete your user account
  • You request data deletion by contacting us directly

Cookies

Valisa uses Clerk for user authentication. Clerk integration loads a script on every page and sets strictly necessary cookies required for sign-in and registration.

These cookies do not store any personally identifiable information. We have tried to customize our authentication to prevent setting cookies on public pages. However, automatic session refresh requires the official Clerk integration.

Essential Cookies:

For more information about Clerk cookies, visit: https://clerk.com/docs/how-clerk-works/cookies

Local Storage

To improve your user experience, we may store certain information in your browser’s Local Storage (if supported). This includes:

  • Your last search origins and destinations to pre-fill fields when you return
  • Other feature preferences to enhance your experience

Local Storage information is kept only on your device and is not transmitted to our servers.

Your Rights

You have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to our processing of your data
  • Request data portability

To exercise these rights, please contact us using the information below.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the “Last updated” date.

Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

Ectoflow OÜ
Telliskivi 57
Tallinn 10412
Estonia

contact@valisa.io