privacy policy

Information You Provide Directly

• Account Information: When you create an account, we collect your email address, name, and password. If you sign in via Google OAuth, we receive your name, email address, and profile picture from Google.
• Travel Preferences: Home airport code, preferred cabin class, seat preference, and default budget that you voluntarily provide.
• Communications: Chat conversations with our AI assistant, including event searches, travel inquiries, and trip planning details.
• Trip Information: Saved trips, including event details, flight preferences, hotel preferences, and booking information.
• Support Inquiries: Information you provide when contacting us for customer support.

Information Collected Automatically

• Device Information: Device type, operating system, browser type, and unique device identifiers.
• Log Data: IP address, access times, pages viewed, and the page you visited before navigating to our Service.
• Usage Information: Features used, actions taken, and interaction patterns within the Service.
• Location Information: General location based on IP address (we do not collect precise GPS location).

We use the information we collect for the following purposes:

• Provide the Service: To operate, maintain, and deliver the features and functionality of the Service, including searching for events, flights, and accommodations.
• Personalization: To remember your preferences and provide personalized recommendations.
• Communication: To send you service-related notices, updates, security alerts, and administrative messages.
• Improvement: To analyze usage patterns, diagnose technical issues, and improve the Service.
• Safety and Security: To detect, prevent, and address fraud, abuse, and security issues.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.

Legal Bases for Processing (EEA/UK Users)

If you are located in the European Economic Area (EEA) or United Kingdom (UK), we process your personal information based on the following legal grounds:

• Contract Performance: Processing necessary to provide the Service you requested.
• Legitimate Interests: Processing necessary for our legitimate business interests, such as improving the Service and ensuring security.
• Consent: Processing based on your consent, which you may withdraw at any time.
• Legal Obligation: Processing necessary to comply with legal requirements.

We may share your information with the following categories of third parties:

Service Providers

• Supabase: Database hosting and user authentication services.
• Anthropic (Claude): AI language model powering our chat assistant.
• Google (Gemini): AI services for web research on venues and accommodations.
• Ticketmaster: Event information and ticket availability data.
• Amadeus: Flight search and pricing information.
• Vercel: Website hosting and deployment.

Other Disclosures

• Legal Requirements: When required by law, regulation, or legal process.
• Protection of Rights: To protect the rights, property, or safety of Seira, our users, or others.
• Business Transfers: In connection with a merger, acquisition, or sale of assets.
• With Consent: With your consent or at your direction.

We do not sell your personal information. We do not share your personal information with third parties for their direct marketing purposes.

We implement appropriate technical and organizational security measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using TLS/SSL protocols
• Encryption of data at rest
• Row-level security ensuring users can only access their own data
• Regular security assessments and updates
• Access controls limiting employee access to personal information

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security.

We retain your personal information for as long as necessary to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. Specifically:

• Account Information: Retained until you delete your account.
• Conversation History: Retained until you delete conversations or your account.
• Trip Information: Retained until you delete trips or your account.
• Log Data: Retained for up to 90 days for security and debugging purposes.

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain certain information for legal or legitimate business purposes.

Rights for All Users

Regardless of your location, you may:

• Access and update your account information through Settings
• Delete your conversations and saved trips at any time
• Delete your account and all associated data
• Contact us to request information about your data

Additional Rights for EEA/UK Residents (GDPR)

If you are located in the European Economic Area or United Kingdom, you have the following additional rights under the General Data Protection Regulation (GDPR):

• Right of Access: Request a copy of the personal information we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete personal information.
• Right to Erasure: Request deletion of your personal information ("right to be forgotten").
• Right to Restriction: Request restriction of processing of your personal information.
• Right to Data Portability: Request transfer of your personal information in a structured, machine-readable format.
• Right to Object: Object to processing of your personal information for certain purposes.
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

You also have the right to lodge a complaint with a supervisory authority in your country of residence.

Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of collection, the purposes for collection, and the categories of third parties with whom we share personal information.
• Right to Delete: Request deletion of personal information we have collected from you, subject to certain exceptions.
• Right to Correct: Request correction of inaccurate personal information.
• Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising.
• Right to Limit Use of Sensitive Personal Information: We do not use or disclose sensitive personal information for purposes other than those permitted under CCPA.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, please contact us at support@seira.global. We will respond to verifiable requests within the timeframes required by applicable law (generally 30 days for GDPR requests and 45 days for CCPA requests).

We use cookies and similar tracking technologies to operate and improve the Service:

Essential Cookies

Required for the Service to function properly:

• Authentication cookies to keep you signed in
• Session cookies to maintain your session state
• Security cookies to prevent fraud and protect the Service

Functional Cookies

Used to remember your preferences:

• Theme preference (light/dark mode)
• Sidebar state (expanded/collapsed)

We do not use advertising or third-party tracking cookies. We do not engage in cross-site tracking or targeted advertising.

Most web browsers allow you to control cookies through their settings. Note that disabling essential cookies may prevent you from using certain features of the Service.

The Service is not intended for children under the age of 13 (or 16 in the EEA/UK). We do not knowingly collect personal information from children under these ages. If we learn that we have collected personal information from a child under the applicable age, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@seira.global.

Seira LLC is based in the United States. If you access the Service from outside the United States, your personal information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

For transfers of personal information from the EEA or UK to countries not deemed to provide an adequate level of data protection, we rely on appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, to ensure your personal information is protected in accordance with this Privacy Policy.

Some web browsers have a "Do Not Track" (DNT) feature that sends a signal to websites you visit indicating you do not want to be tracked. Because there is no common understanding of how to interpret DNT signals, the Service does not currently respond to DNT browser signals. However, as stated above, we do not engage in cross-site tracking or targeted advertising.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page
• Notify you by email or through a prominent notice within the Service
• Where required by law, obtain your consent to the changes

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For GDPR-related inquiries, you may also contact our designated representative for data protection matters at the email address above.