Privacy Policy

FlyEthio (Ethio Travel Services LLC) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website (flyethio.com), mobile application, and related services. By using our platform or making a booking, you consent to the data practices described in this policy. If you do not agree with these practices, please do not use our services. This policy applies to residents of the United States and international users and is designed to comply with applicable data protection laws including the California Consumer Privacy Act (CCPA), Virginia Consumer Data Protection Act (VCDPA), and international standards.

2.1 Information You Provide When you register, search, or book through FlyEthio, we collect: • Identity Information: Full name, date of birth, gender, nationality • Contact Information: Email address, phone number, mailing address • Travel Documents: Passport number, passport expiry date, issuing country • Payment Information: Credit/debit card details (processed securely; we do not store full card numbers), billing address • Travel Preferences: Cabin class preference, meal preferences, frequent flyer numbers • Account Credentials: Username and password (stored in hashed form) 2.2 Information Collected Automatically When you visit flyethio.com, we automatically collect: • Device information (browser type, operating system, device ID) • IP address and approximate geographic location • Pages visited, links clicked, and search queries • Cookies and tracking technologies (see Section 7) • Referring website or source 2.3 Information from Third Parties We may receive information about you from: • Airlines and the Amadeus Global Distribution System (GDS) for booking confirmations • Payment processors for fraud prevention • Social media platforms if you connect your account • Publicly available sources for fraud prevention and security

We use the information we collect for the following purposes: 3.1 Providing Services • Processing flight bookings, modifications, and cancellations • Issuing e-tickets and booking confirmations • Communicating with airlines and service providers on your behalf • Providing customer support 3.2 Communications • Sending booking confirmations, e-tickets, and travel reminders • Notifying you of flight schedule changes or disruptions • Sending promotional offers, travel deals, and newsletters (only with your consent; you may unsubscribe at any time) • Responding to your inquiries and support requests 3.3 Improving Our Services • Analyzing usage patterns to improve website functionality • Personalizing your experience and displaying relevant content • Conducting market research and user surveys 3.4 Legal & Security • Verifying your identity and preventing fraud • Complying with legal obligations and regulatory requirements • Enforcing our Terms & Conditions • Protecting the rights, property, and safety of FlyEthio, our users, and the public

We do not sell your personal information. We share your data only in the following circumstances: 4.1 Travel Service Providers Your booking information (name, passport details, contact info) is shared with airlines, the Amadeus GDS, and other travel suppliers as required to complete your booking. These parties have their own privacy policies and are bound by their own data protection obligations. 4.2 Payment Processors Payment information is shared with our PCI-DSS compliant payment processors solely for the purpose of processing transactions. FlyEthio does not store complete credit card numbers. 4.3 Service Providers We work with trusted third-party vendors who assist us with website hosting, analytics, email delivery, and customer support. These vendors are contractually obligated to keep your information confidential and use it only for the services they provide to us. 4.4 Legal Requirements We may disclose your information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect the rights, property, or safety of FlyEthio, our users, or others. 4.5 Business Transfers In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on our website.

We retain your personal information for as long as necessary to: • Maintain your account and provide our services • Comply with legal and regulatory requirements (typically 7 years for financial records) • Resolve disputes and enforce agreements Booking records are retained for a minimum of 3 years from the travel date for accounting and compliance purposes. If you request account deletion, we will remove your personal data within 30 days, subject to legal retention requirements.

FlyEthio implements industry-standard security measures to protect your personal information: • SSL/TLS encryption for all data transmitted to and from our website • Secure server infrastructure with access controls and monitoring • Password hashing using bcrypt or equivalent algorithms • Regular security audits and vulnerability assessments • Limited employee access to personal data on a need-to-know basis However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. In the event of a data breach affecting your rights, we will notify you as required by applicable law.

We use cookies and similar tracking technologies to enhance your browsing experience: • Essential Cookies: Required for website functionality (session management, security). Cannot be disabled. • Analytics Cookies: Help us understand how visitors use our site (e.g., Google Analytics). You may opt out via your browser settings. • Preference Cookies: Remember your settings and preferences (currency, language, saved searches). • Marketing Cookies: Used to deliver relevant advertisements. You can opt out via industry opt-out tools. You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality. We honor browser "Do Not Track" signals where technically feasible.

Depending on your location, you may have the following rights regarding your personal data: • Right to Access: Request a copy of the personal information we hold about you • Right to Correction: Request correction of inaccurate or incomplete information • Right to Deletion: Request deletion of your personal information (subject to legal retention requirements) • Right to Portability: Receive your data in a structured, machine-readable format • Right to Opt-Out: Opt out of marketing communications at any time • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights California residents have additional rights under the CCPA, including the right to know what personal information is sold or disclosed (we do not sell your data). To exercise any of these rights, contact us at privacy@flyethio.com or info@flyethio.com. We will respond within 30 days.

FlyEthio's services are not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at info@flyethio.com and we will delete such information promptly.

FlyEthio is based in the United States. If you access our services from outside the US, your information may be transferred to and processed in the United States and other countries where our service providers operate. When we transfer personal data internationally, we implement appropriate safeguards including standard contractual clauses or rely on adequacy decisions. By using our services, you consent to such transfers.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated policy on this page with a revised "Last Updated" date. For material changes, we will notify you via email or a prominent notice on our website at least 14 days before the change takes effect.

For privacy-related questions, concerns, or to exercise your rights, contact us: FlyEthio — Privacy Team Email: info@flyethio.com Phone (US): 703-997-9644 Phone (Ethiopia): +251 911 062 651 We aim to respond to all privacy inquiries within 30 days.