When you make a booking, we collect:
Your data is used exclusively to:
Passport data (encrypted passport numbers, passport photos, selfies) is automatically purged 30 days after the flight date to minimise data exposure risk.
Blockchain transaction records are retained indefinitely as they are publicly available on-chain and serve as proof of payment.
Booking records (name, contact, flight) are retained for up to 12 months for support and dispute resolution, then anonymised.
Passport numbers are encrypted using AES-256-GCM with a unique IV per entry. Decryption is only performed on-demand by authorised admin personnel, and every decryption event is logged in an immutable audit trail including timestamp, admin identity, and IP address.
Images are stored in encrypted-at-rest blob storage and served via time-limited signed URLs.
If you choose to accept analytics on our site, we use our first-party FastTrack Analytics service to help us understand how pages are used (for example session replay and usage patterns). Analytics runs only after you grant consent via the in-app banner; without consent we do not collect usage data or session replay on your device. Data is processed under our control and is described in this policy. For architecture, retention defaults, and what we do not do with analytics, see our 我们如何处理您的数据 page.
We share the minimum necessary information with our airport partner operator to deliver the fast-track service. We do not sell, rent, or share your personal data with any other third party.
You may request access to, correction, or deletion of your personal data at any time by contacting us. Deletion requests will be honoured within 30 days, subject to legal retention requirements.