Privacy Policy

1. Introduction

TIKKET PLC, trading as Gooso Travel / Gooso (“Gooso,” “we,” “us,” or “our”) operates the Gooso mobile application for iOS and Android (the “App”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App to search for, book, and manage flight reservations.

By accessing or using the App, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the App.

2. Information We Collect

2.1 Information You Provide

When you book a flight, you provide passenger details through the booking form. We collect:

• All passengers: given name, surname, date of birth, and gender
• Adult passengers: title (Mr, Mrs, Ms, Dr, or Prof)
• Primary passenger: email address and phone number (including country code)
• International flights: passport number, passport expiry date, and passport issuing country. Passport issuing country may also be used as nationality where required by the airline reservation system.
• Optional: loyalty or frequent-flyer programme number

You may also optionally save passenger profiles on your device for convenience when making future bookings. These profiles are stored locally and can be individually deleted at any time.

2.2 Information Collected Automatically

When you use the App, the following information may be collected automatically:

• Analytics events: anonymised usage events such as searches submitted, flights selected, and payment outcomes. Event properties include airport codes, cabin class, trip type, passenger counts (numbers only, no names), payment method, currency, and price. Your internal user ID is used for analytics identification — no email, name, phone, or other personal information is sent to our analytics provider.
• Crash and error reports: error stack traces, navigation breadcrumbs, and your internal user ID. No screenshots are attached to error reports.
• Search queries: airport codes and city names you type when selecting flight origin and destination.
• Bot-protection signals: browser fingerprint and device behaviour patterns processed by Cloudflare’s invisible challenge during sign-in.

All automatically collected data is sanitised before leaving your device. Fields matching sensitive patterns (email, phone, name, passport, booking reference, account credentials) are automatically stripped from analytics and crash data.

2.3 Information Stored Locally on Your Device

The App stores limited data on your device using platform-level encryption (MMKV) to speed up your experience. This data never leaves your device unless you initiate a booking:

• Auth session tokens — to keep you signed in
• Saved passenger profiles — for convenience when booking again (you can delete these individually at any time)
• Last flight search — to pre-fill the search form on your next visit
• Analytics opt-out preference — to respect your analytics choice

All locally stored data is cleared when you delete your account.

2.4 Information We Do Not Collect

We want to be clear about data we do not collect:

• Precise or coarse device location
• Contacts, calendar, photos, camera, or microphone access
• Advertising identifiers (IDFA or GAID)
• IP-based geolocation (explicitly disabled in our analytics configuration)
• Browsing history
• Keystroke patterns or interaction timing
• Device screenshots

3. How We Use Your Information

We use the information we collect for the following purposes:

• Flight booking: to search for flights, create bookings, issue tickets, and send booking confirmations using your passenger details, email, and phone number
• Payment processing: to redirect you to a third-party hosted checkout page with the minimum data required to complete your transaction (booking reference, email, phone, amount, currency, and payment method)
• Authentication: to verify that sign-in requests come from real users via an invisible CAPTCHA challenge, without requiring passwords or social logins
• Product improvement: to understand how the App is used through anonymised analytics, so we can improve the experience
• Stability: to detect, diagnose, and fix crashes and errors using sanitised error reports
• Search: to power airport and city autocomplete when you enter flight origin and destination
• Legal compliance: to comply with applicable laws, regulations, and legal processes

4. Third-Party Services

We use the following third-party services to operate the App. Each service receives only the minimum data necessary for its purpose.

4.1 Supabase (Backend Infrastructure)

Purpose: user authentication, storing booking and passenger records, and coordinating payment processing.

Data received: Supabase Auth user and session data, all passenger fields listed in Section 2.1, booking details, payment method selection, email, and phone number. Authentication uses Supabase sessions and protected sign-in flows verified with a Cloudflare Turnstile token where configured.

Supabase Privacy Policy

4.2 PostHog (Product Analytics)

Purpose: understanding how users interact with the App to improve the experience.

Data received: anonymised usage events (search submitted, flight selected, payment initiated/completed/failed, support contacted). Event properties include origin/destination airport codes, cabin class, trip type, passenger counts (numbers only, no names), payment method, currency, and price.

User identification: internal user ID only. No email, name, phone, or other personally identifiable information is sent to PostHog. All fields matching sensitive patterns are automatically stripped before any data leaves the device. IP-based geolocation is explicitly disabled. Advertising identifiers (IDFA/GAID) are not collected.

User control: you can opt out of analytics entirely via Settings > Analytics in the App.

PostHog Privacy Policy

4.3 Sentry (Error and Crash Monitoring)

Purpose: detecting and diagnosing app crashes and errors to maintain stability.

Data received: crash reports, error stack traces, and navigation breadcrumbs. User context is limited to your internal user ID — no email, name, or phone number is sent. Screenshots are not attached to error reports. All breadcrumb and event data is sanitised using the same PII redaction used for analytics.

Data hosting: Sentry data is hosted in the European Union (de.sentry.io).

Sentry Privacy Policy

4.4 Algolia (Search Infrastructure)

Purpose: airport and city search autocomplete when you enter flight origin and destination.

Data received: search queries (airport codes and city names as you type). No user identification is sent to Algolia — queries are completely anonymous.

Algolia Privacy Policy

4.5 Firebase Cloud Messaging by Google (Push Notifications)

Purpose: sending booking updates and travel notifications (planned for a future release).

Current status: push notifications are not yet enabled. No Firebase Cloud Messaging (FCM) tokens are collected or transmitted. When this feature is activated in a future update, you will be asked for explicit notification permission before any data is shared with Firebase.

Firebase Privacy Policy

4.6 Cloudflare Turnstile (Bot Protection)

Purpose: verifying that sign-in requests come from real users, not automated bots.

Data received: browser fingerprint and device behaviour patterns, processed by Cloudflare’s invisible challenge. The challenge runs automatically during sign-in — no user interaction is required. The resulting verification token is forwarded to our backend. Cloudflare does not receive any data you enter in the App.

Cloudflare Privacy Policy

4.7 Travelport, Hayaan, Airlines, and Ticketing Partners (Reservation and Ticketing)

Purpose: searching flight availability, creating reservations, issuing tickets, retrieving booking status, and processing cancellations or refunds.

Data shared: itinerary details, passenger names, passenger type, date of birth, gender, contact details for the primary passenger, passport details for international travel where required, loyalty number if provided, booking references, ticket references, and payment status needed to complete ticketing. We share only the data required by the reservation, airline, or ticketing workflow.

4.8 Chapa, Ebirr, and SahayPay (Payment Processing)

Purpose: processing flight ticket payments via hosted checkout.

Data passed to checkout: booking reference, email, phone number, payment method, amount, and currency. The App redirects you to the payment processor’s hosted checkout page. No card numbers, bank credentials, or financial account details ever pass through or are stored by the Gooso App.

Data received back: transaction reference and payment status (success or failure) only.

5. Data Sharing

We do not sell your personal information. We share data only as follows:

• Passenger and booking data is shared with our backend infrastructure (Supabase), reservation and ticketing providers, airlines, and payment processors (Chapa, Ebirr, or SahayPay) solely to fulfil your booking, issue tickets, manage cancellations/refunds, and process payment.
• Anonymised analytics data is shared with PostHog and Sentry in sanitised form, with all personally identifiable information stripped before transmission.
• Anonymous search queries are shared with Algolia to provide airport and city autocomplete.
• Bot-protection signals are processed by Cloudflare Turnstile during sign-in.
• Legal authorities — we may disclose information when required by law, court order, or to protect our legal rights.

6. Data Storage and Security

We implement appropriate technical and organisational measures to protect your information:

• Transit encryption: all data transmitted between the App and our servers uses HTTPS (TLS) encryption exclusively.
• Local encryption: data stored on your device (session tokens, saved passenger profiles, search history, and preferences) is protected by platform-level encryption via MMKV.
• Error data hosting: crash and error data processed by Sentry is hosted in the European Union (de.sentry.io).
• Access controls: access to personal data is restricted to authorised personnel and systems on a need-to-know basis.

No method of electronic transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security.

7. Data Retention

We retain different categories of data for different periods:

• Supabase Auth and profile data: retained while your account is active. When account deletion completes, refresh tokens are revoked, your Auth user/profile is deleted, and retained booking records are detached from your user ID.
• Booking, passenger, ticket, and payment records:retained for up to seven years where required for tax, fraud prevention, payment disputes, aviation, ticketing, refund, or legal obligations. During account deletion, these records are retained only for those purposes and are no longer linked to an active user account.
• Search metadata: searches that are not attached to a booking are deleted during account deletion. Search records linked to a retained booking may be kept for booking context, but passenger search payloads are removed.
• Payment checkout data: transaction references, provider status, amount, currency, wallet type, and payment method may be retained with the payment record. Active checkout URLs are removed during account deletion.
• Support and notification records: user-scoped support/profile notification data is deleted or redacted during account deletion. Operational notification queue records tied to retained bookings may be kept in redacted form for auditability.
• Analytics data: anonymised usage events are retained in accordance with our analytics provider’s retention policies. Because this data is anonymised, it cannot be linked back to you.
• Crash and error reports: retained for up to 90 days to allow for diagnosis and resolution.
• Server, edge-function, webhook, and trace logs:retained for operational debugging, security monitoring, payment reconciliation, and fraud prevention. We minimise PII in logs and use support trace IDs instead of exposing sensitive payloads in user-facing responses.
• Locally stored data: remains on your device until you delete it manually or delete your account, at which point all local data is cleared.

When you delete your account (Settings > Delete Account), we delete or anonymise your personal data from our systems, revoke active refresh tokens, and return a confirmation showing any retained record categories and retention reasons, subject to legal retention obligations.

8. Your Rights and Controls

8.1 In-App Controls

You can exercise the following controls directly within the App:

• Opt out of analytics: go to Settings > Analytics to disable all analytics data collection.
• Delete saved passengers: remove any saved passenger profile from the App at any time.
• Delete your account: go to Settings > Delete Account to permanently delete your account and all associated data.

8.2 Your Data Protection Rights

Depending on your jurisdiction (including under the GDPR), you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you
• Rectification — request correction of inaccurate or incomplete data
• Erasure — request deletion of your personal data, subject to legal retention requirements
• Data portability — request your data in a structured, commonly used, machine-readable format
• Restriction of processing — request that we limit how we process your data in certain circumstances
• Objection — object to the processing of your personal data in certain circumstances

To exercise any of these rights, please contact us at the address provided in Section 11. We will respond to your request within 30 days.

9. Children’s Privacy

The App is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at the address in Section 11 and we will take steps to delete such information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy in the App and updating the “Last updated” date at the top of this page. Your continued use of the App after any changes constitutes your acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy, our data practices, or wish to exercise your data protection rights, please contact us at: