Skip to content

Privacy Policy

Last updated: April 21, 2026

1. Data controller

Francesco Antonio Sessa
Milan (MI) — Italy
VAT: IT 11722650964
Email: privacy@flightguard.app

2. Data collected

2.1 Data provided by the user

2.2 Data collected automatically

3. Purposes of processing

4. Legal basis

Processing is based on the user's consent (art. 6.1.a GDPR) for the alert subscription and the sending of emails, and on legitimate interest (art. 6.1.f GDPR) for rate limiting, security of the service and aggregated analytics.

5. Data retention

6. Sharing with third parties

Data is not sold and we do not share your email address or other contact data with third parties for direct marketing purposes. To provide the service we use the following data processors (art. 28 GDPR):

ProviderPurposeLocation / Transfer
Cloudflare, Inc. Hosting, CDN, database (D1), key-value store (KV) EU (WEUR region)
Resend (Resend Technologies, Inc.) Sending of alert emails (receives your email address and the content of the email) United States — transfer covered by EU Standard Contractual Clauses
Anthropic PBC Generation of the natural-language explanation of the risk score (receives flight number, date, score and aggregated data on the risk signals — not the email address) United States — transfer covered by EU Standard Contractual Clauses
Umami Analytics (self-hosted) Anonymous traffic analysis, without cookies or persistent user identifiers EU (servers managed directly by the controller)
Expo (650 Industries, Inc.) Push notification service (receives your device token, the iOS/Android platform, and the text of the notification — not the email address). The token is an anonymous device identifier. United States — transfer covered by EU Standard Contractual Clauses
Apple Inc. (APNs) and Google LLC (FCM) Native OS channels for delivering push notifications: Expo forwards the already-prepared content to the respective system channel. They do not introduce new processors beyond those already covered by the use of iOS/Android. United States — covered by the iOS/Android terms

FlightAware is used as a public source of flight information (flight number, schedules, status): it receives no personal data of the user.

With your consent to marketing cookies, the affiliate partner Travelpayouts (independent data controller) may collect data via third-party cookies for affiliate conversion attribution and remarketing. This processing takes place only with prior consent and is governed by the Travelpayouts privacy policy; see also the Cookie Policy.

7. Tracking of alert emails

The alert emails sent by FlightGuard contain:

To disable tracking you can delete the alert (see section 8): the deletion also removes all the associated click history.

8. User rights

Pursuant to articles 15-22 of the GDPR you have the right to:

Deletion via the "cancel alert" link present in every email, or via the DELETE /api/alerts/:id endpoint, immediately removes the email, the alert record and the associated click history from all our archives (KV and D1). For any other request, write to privacy@flightguard.app: we respond within 30 days.

9. Cookies

See our Cookie Policy for information on the cookies used.

10. Changes

We publish changes to this policy on this page by updating the date at the top. For substantial changes, we will inform subscribed users by email.