Introduction
At goFLY Limited, accessible from https://goflybd.com, protecting your privacy is one of our highest priorities. We are committed to being transparent about how we collect, use, store, and protect your personal information.
- Our website https://goflybd.com
- All services provided by goFLY Limited
- Communications via phone, email, WhatsApp, in-person
- Third-party websites we link to
- Services provided directly by our partners (airlines, hotels, embassies)
This Privacy Policy should be read together with our Terms and Conditions, Refund Policy, and Disclaimer.
Consent
1.1 Your Consent
By using our website or services, you hereby consent to this Privacy Policy and agree to its terms.
1.2 Withdrawing Consent
You may withdraw your consent at any time by:
- Contacting us at support@goflybd.com
- Unsubscribing from marketing emails
- Adjusting cookie preferences in your browser
Note: Withdrawing consent may affect our ability to provide certain services to you.
1.3 Consent for Minors
If you are under 18 years of age, you must have consent from a parent or guardian to use our services and share personal information with us.
Information We Collect
We collect different types of information depending on how you interact with us:
2.1 Personal Information
| Category | Data Types | Purpose |
|---|---|---|
| Identity Data | Full name, date of birth, gender, nationality, passport details, national ID | Booking flights, visa applications, tour packages |
| Contact Data | Email address, phone number, postal address, WhatsApp number | Communication, booking confirmations, updates |
| Financial Data | Payment card details, bank account information, billing address | Processing payments |
| Travel Data | Travel history, passport copies, visa copies, frequent flyer numbers, travel preferences | Providing travel services, visa applications |
| Booking Data | Booking references, itineraries, service preferences, special requests | Managing your bookings |
2.2 Technical Information
| Category | Data Types | Purpose |
|---|---|---|
| Device Data | IP address, browser type and version, operating system, device type | Website functionality, security |
| Usage Data | Pages visited, time spent, click patterns, referring website | Website improvement, analytics |
| Location Data | General geographic location (from IP address) | Content localization, fraud prevention |
2.3 Communication Data
| Category | Data Types | Purpose |
|---|---|---|
| Correspondence | Emails, chat logs, phone call notes, WhatsApp messages | Customer support, record keeping |
| Feedback | Reviews, survey responses, complaints | Service improvement |
2.4 Sensitive Information
For visa applications and certain travel services, we may collect sensitive information such as:
- Passport biodata pages
- Photographs
- Employment information
- Financial statements
- Medical information (if relevant to travel)
- Criminal record declarations (if required by embassies)
Important: We collect sensitive information only when necessary for the specific service requested, and with your explicit consent.
How We Collect Information
3.1 Information You Provide Directly
| Source | Examples |
|---|---|
| Website forms | Booking forms, contact forms, inquiry forms |
| Account registration | When you create an account on our website |
| Direct communication | Phone calls, emails, WhatsApp messages, office visits |
| Document submission | Passport copies, bank statements, photos for visa applications |
| Surveys and feedback | Voluntary responses to our surveys |
3.2 Information Collected Automatically
| Source | Examples |
|---|---|
| Website usage | Pages visited, links clicked, time spent |
| Cookies | Preferences, session information |
| Log files | IP address, browser type, access times |
| Analytics tools | Aggregated usage statistics |
3.3 Information from Third Parties
| Source | Examples |
|---|---|
| Partner airlines | Booking confirmations, schedule changes |
| Payment processors | Transaction confirmations |
| Embassies/visa centers | Visa status updates |
| Social media | If you connect via social login |
How We Use Your Information
4.1 Service Delivery
| Purpose | Description |
|---|---|
| Booking processing | To complete flight, hotel, tour, and visa bookings |
| Visa applications | To submit and manage visa applications on your behalf |
| Travel documentation | To issue tickets, vouchers, and confirmations |
| Customer support | To respond to inquiries and resolve issues |
| Special requests | To accommodate dietary, mobility, or other needs |
4.2 Communication
| Purpose | Description |
|---|---|
| Transactional messages | Booking confirmations, payment receipts, itineraries |
| Service updates | Schedule changes, visa status, important notices |
| Customer support | Responses to your questions and requests |
| Marketing | Promotional offers, newsletters (with your consent) |
4.3 Business Operations
| Purpose | Description |
|---|---|
| Website maintenance | To operate, maintain, and improve our website |
| Analytics | To understand how users interact with our services |
| Product development | To develop new features and services |
| Quality assurance | To monitor and improve service quality |
4.4 Legal and Security
| Purpose | Description |
|---|---|
| Fraud prevention | To detect and prevent fraudulent activities |
| Legal compliance | To comply with laws and regulations |
| Dispute resolution | To resolve complaints and disputes |
| Record keeping | To maintain records for legal and tax purposes |
Information Sharing and Disclosure
5.1 Service Providers (Necessary Sharing)
| Partner Type | Information Shared | Purpose |
|---|---|---|
| Airlines | Name, passport details, contact info, frequent flyer numbers | Flight bookings, ticketing |
| Hotels | Name, contact info, arrival/departure dates, special requests | Reservations |
| Embassies/Visa Centers | Full visa application data including passport, photos, financials | Visa processing |
| Tour operators | Name, contact info, dietary/mobility requirements | Tour arrangements |
| Insurance providers | Name, DOB, passport details, travel dates | Travel insurance |
| Ground transport | Name, contact info, flight details | Airport transfers |
| Payment processors | Payment details, billing address | Transaction processing |
goFLY Limited does NOT sell, rent, or trade your personal information to any third party for marketing or advertising purposes.
5.3 Other Disclosures
| Circumstance | Details |
|---|---|
| Legal requirements | When required by law, court order, or government request |
| Safety concerns | To protect life, safety, or security of individuals |
| Fraud prevention | To investigate or prevent illegal activities |
| Business transfers | In case of merger, acquisition, or asset sale (with notice) |
| With your consent | When you explicitly authorize sharing |
Data Storage and Security
6.1 Where We Store Your Data
- On secure servers in Bangladesh
- With cloud service providers who maintain data centers globally
- In encrypted formats where applicable
6.2 Security Measures
Technical
SSL/TLS encryption, firewalls, intrusion detection, secure payment processing (PCI-DSS compliant)
Administrative
Access controls, employee training, confidentiality agreements, regular security audits
Physical
Secure office premises, locked storage for physical documents
6.3 Payment Security
- All online payments processed through SSLCOMMERZ (PCI-DSS compliant)
- We do NOT store full credit card numbers on our servers
- Payment pages are encrypted with SSL technology
Security Limitations: While we take reasonable precautions, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.
6.5 Data Breach Response
- We will investigate and contain the breach promptly
- We will notify affected users within 72 hours when required by law
- We will cooperate with relevant authorities
- We will take steps to prevent future incidents
Data Retention
7.1 Retention Periods
| Data Type | Retention Period | Reason |
|---|---|---|
| Booking records | 7 years | Legal, tax, and audit requirements |
| Visa application documents | 3 years after application | Reference for future applications, disputes |
| Payment records | 7 years | Financial regulations |
| Communication records | 3 years | Customer service, dispute resolution |
| Marketing preferences | Until you opt out | To respect your preferences |
| Website analytics | 26 months | Standard analytics retention |
| Account data | Until account deletion requested | Account management |
7.2 Data Deletion
After the retention period expires, we will:
- Securely delete or anonymize your personal data
- Remove identifying information from records
- Destroy physical documents securely
7.3 Requesting Early Deletion
You may request deletion of your data before the retention period ends. However, we may retain certain data if required by law, needed for ongoing legal matters, or necessary for legitimate business purposes.
Cookies and Tracking Technologies
8.1 What Are Cookies?
Cookies are small text files stored on your device when you visit our website. They help us provide a better user experience.
8.2 Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential Cookies | Website functionality, security, login sessions | Session / Short-term |
| Preference Cookies | Remember your settings (language, currency) | 1 year |
| Analytics Cookies | Understand how visitors use our website | 26 months |
| Marketing Cookies | Deliver relevant content (if enabled in future) | Variable |
8.3 Specific Cookies
| Cookie Name | Provider | Purpose |
|---|---|---|
| Session ID | goFLY | Maintain your session while browsing |
| Language preference | goFLY | Remember your language choice |
| Currency preference | goFLY | Remember your currency selection |
| Google Analytics (_ga, _gid) | Website analytics |
8.4 Third-Party Cookies
Currently, goFLY Limited does NOT use:
- Google Ads cookies
- Facebook Pixel
- Other advertising tracking cookies
8.5 Managing Cookies
Third-Party Services
9.1 Services We Use
| Service | Provider | Purpose | Privacy Policy |
|---|---|---|---|
| Payment Processing | SSLCOMMERZ | Secure payments | View Policy |
| Analytics | Google Analytics | Website statistics | View Policy |
9.2 Third-Party Links
We are not responsible for the privacy practices of third-party websites. We encourage you to read their privacy policies before providing any personal information.
9.3 Social Media
Your interactions on these platforms are subject to those platforms' own privacy policies.
Your Privacy Rights
Right to Access
Request a copy of your personal data we hold
Right to Rectification
Request correction of inaccurate or incomplete data
Right to Erasure
Request deletion of your data (subject to legal requirements)
Right to Restrict
Request limitation of how we use your data
Right to Object
Object to certain types of processing (e.g., marketing)
Right to Portability
Request transfer of your data in a machine-readable format
Withdraw Consent
Withdraw consent for processing based on consent
Right to Complain
Lodge a complaint with a supervisory authority
10.2 How to Exercise Your Rights
We will respond to your request within 30 days.
Most requests are processed free of charge. A reasonable fee may apply for excessive or repetitive requests.
GDPR Rights (European Users)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR).
11.1 Legal Basis for Processing
| Processing Activity | Legal Basis |
|---|---|
| Service delivery | Contract performance |
| Visa applications | Contract performance, legal obligation |
| Marketing communications | Consent |
| Website analytics | Legitimate interest |
| Fraud prevention | Legitimate interest, legal obligation |
| Legal compliance | Legal obligation |
11.2 Your GDPR Rights
| Right | Description |
|---|---|
| Right to Access | Request copies of your personal data. A small fee may apply. |
| Right to Rectification | Request correction of inaccurate information. |
| Right to Erasure | Request deletion under certain conditions. |
| Right to Restrict Processing | Request limitation of processing under certain conditions. |
| Right to Object | Object to processing based on legitimate interests. |
| Right to Data Portability | Request transfer of data to another controller. |
| Automated Decision-Making | Not to be subject to purely automated decisions with legal effects. |
CCPA Rights (California Users)
12.1 Your CCPA Rights
| Right | Description |
|---|---|
| Right to Know | Request disclosure of categories and specific pieces of personal data collected about you |
| Right to Delete | Request deletion of personal data collected from you |
| Right to Opt-Out | Opt out of the sale of personal data |
| Right to Non-Discrimination | Not be discriminated against for exercising your rights |
goFLY Limited does NOT sell personal information. We do not sell, rent, or trade your personal data to third parties for monetary or other valuable consideration.
12.3 Categories of Information Collected
| Category | Examples | Collected? |
|---|---|---|
| Identifiers | Name, email, phone, passport | ✅ Yes |
| Personal Information (CA Civil Code) | Name, address, payment info | ✅ Yes |
| Commercial Information | Booking history, transaction records | ✅ Yes |
| Internet/Network Activity | Browsing history, search history on our site | ✅ Yes |
| Geolocation Data | General location from IP | ✅ Yes |
| Professional/Employment Info | Employment details for visa applications | ✅ Yes (when provided) |
| Sensitive Personal Information | Passport, financial data | ✅ Yes (for services) |
To exercise your CCPA rights, email support@goflybd.com with subject: "CCPA Request – [Your Name]". We will respond within 45 days (extendable to 90 days if needed).
Children's Privacy
13.1 Age Restrictions
goFLY Limited services are intended for users 18 years of age and older. We do not knowingly collect personal information from children under:
- 13 years of age (general policy)
- 16 years of age (for GDPR-covered regions)
13.2 Minor Travelers
When booking travel for minors (under 18), the parent or legal guardian is responsible for providing the minor's information, consenting to data processing on behalf of the minor, and ensuring accuracy of information provided.
If you believe we have inadvertently collected information from a child under 13, please contact us immediately at support@goflybd.com. We will take prompt action to delete such information.
International Data Transfers
14.1 Where Your Data May Be Transferred
| Destination | Purpose |
|---|---|
| Airlines | Flight bookings (data centers globally) |
| Hotels | Reservations (destination countries) |
| Embassies | Visa applications (destination countries) |
| Payment processors | Transaction processing |
| Cloud providers | Data storage and processing |
14.2 Safeguards for International Transfers
- Standard contractual clauses
- Data processing agreements with recipients
- Encryption during transfer
- Limiting data shared to what's necessary
14.3 EEA Transfers
For transfers from the EEA to countries without adequate data protection laws, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, Binding Corporate Rules (where applicable), and your explicit consent (for specific transfers).
Changes to This Policy
15.1 Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, new services or features, legal or regulatory requirements, and industry best practices.
15.2 Notification
- We will update the "Last Updated" date at the top
- For material changes, we may notify you via email or website notice
- Continued use after changes constitutes acceptance
15.3 Version History
| Version | Date | Summary |
|---|---|---|
| 1.0 | January 2017 | Initial release |
| 2.0 | December 17, 2025 | Comprehensive update: GDPR, CCPA, expanded rights |
Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
goFLY Limited
1 Shukrabad Road Motiur Nibash
Beside New Model Degree College
Opposite of Metro Shopping Mall
Dhaka – 1207, Bangladesh
| Channel | Details | Best For |
|---|---|---|
| support@goflybd.com | Privacy requests, formal inquiries | |
| 📞 Hotline | +880 9639-203090 | General inquiries |
| +880 1713-289178 | Quick questions | |
| 🌐 Website | goflybd.com/contact-us | Contact form |
Business Hours
- Access Request
- Deletion Request
- Correction Request
- Opt-Out Request
- General Inquiry