Privacy Policy

Flynd.org ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, who we share it with, and your rights regarding your personal data.

By using the Platform, you consent to the data practices described in this policy. If you do not agree, please do not use the Platform.

2.1 Information you provide directly:

• Account information: Name, email address, and password when you create an account
• Profile information: Profile photo, biography, and any other details you choose to add
• Campaign content: Trip descriptions, destination details, photos, videos, flight information, and other content you submit
• Mission content: Mission titles, descriptions, categories, proof photos and videos
• Communications: Messages, support requests, and other communications you send us

2.2 Payment information:

We use Stripe, Inc. to process all payments. When you make a donation or receive funds, Stripe collects and processes your payment card details directly. Flynd does not store, see, or have access to your full card number, CVV, or bank account credentials. We receive only transaction identifiers and amounts from Stripe. Please review Stripe's Privacy Policy for details on how they handle your payment data.

2.3 Automatically collected information:

• Usage data: Pages visited, features used, clicks, and time spent on the Platform
• Device and browser information: IP address, browser type, operating system, and device identifiers
• Log data: Server logs, error reports, and performance data
• Cookies and similar technologies: Session tokens, authentication cookies, and preference cookies (see Section 8)

We use the information we collect to:

• Provide, operate, and improve the Platform
• Authenticate your identity and maintain your account
• Process donations and campaign fund disbursements
• Verify flight bookings and travel claims
• Send transactional emails (account confirmation, payment receipts, campaign updates)
• Detect and prevent fraud, abuse, and violations of our Terms of Service
• Respond to your support requests and communications
• Analyze usage patterns to improve Platform features
• Comply with legal obligations

We do not use your personal data to serve third-party advertisements on the Platform.

We share data with the following third-party service providers to operate the Platform:

• Stripe, Inc. — Payment processing. Stripe processes all donations and payouts. Privacy Policy
• Supabase, Inc. — Database, authentication, and file storage. Your account data, campaign data, and uploaded media are stored in Supabase. Privacy Policy
• Mux, Inc. — Video hosting and streaming. Videos you upload for missions or campaigns are processed and hosted by Mux. Privacy Policy
• Resend, Inc. — Transactional email delivery. We use Resend to send account and notification emails. Privacy Policy
• Vercel, Inc. — Platform hosting and content delivery. The Platform is hosted on Vercel's infrastructure. Privacy Policy

We do not sell your personal data to third parties. We do not share your data with third parties for their own marketing purposes.

Campaigns and missions you create are publicly visible on the Platform, including your display name, campaign title, description, destination, photos, and videos you choose to share. Completed mission proof media and traveler updates are publicly visible to all Platform users.

If you choose to donate anonymously, your name will not be displayed publicly. Your email address is never displayed publicly.

We retain your personal data for as long as your account is active and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce our agreements. Specifically:

• Account data: Retained while your account is active. Deleted within 90 days of account deletion request, except where required by law
• Transaction records: Retained for 7 years to comply with financial regulations
• Uploaded media: Retained while your account is active; you may delete your own content at any time
• Log data: Retained for 90 days for security and debugging purposes

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data (subject to legal retention requirements)
• Portability: Request your data in a machine-readable format
• Objection: Object to certain processing of your data
• Restriction: Request that we limit how we use your data in certain circumstances

To exercise any of these rights, contact us at legal@flynd.org. We will respond within 30 days. For EU/EEA residents, you also have the right to lodge a complaint with your local data protection authority.

We use the following types of cookies:

• Essential cookies: Required for authentication and core Platform functionality. These cannot be disabled.
• Preference cookies: Remember your settings and preferences across sessions.
• Analytics cookies: Help us understand how the Platform is used so we can improve it.

You can control non-essential cookies through your browser settings. Disabling cookies may affect some Platform functionality.

We implement industry-standard security measures including HTTPS encryption, secure authentication via Supabase, and row-level security on our database. Payment data is handled exclusively by Stripe, which maintains PCI DSS compliance.

No method of transmission over the internet is 100% secure. While we take data security seriously, we cannot guarantee absolute security of your data.

The Platform is not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a minor has provided us with personal data, please contact us at legal@flynd.org and we will delete that information promptly.

Your data may be transferred to and processed in countries other than your country of residence, including the United States, where our service providers operate. These countries may have different data protection laws. We ensure that such transfers are made with appropriate safeguards in place.

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by posting a notice on the Platform. Your continued use of the Platform after changes take effect constitutes acceptance of the revised policy.

For privacy-related questions, data requests, or concerns:

Email: legal@flynd.org
Website: flynd.org