Privacy Policy
How AirPass Brasil collects, uses, and protects your personal data under LGPD.
Last updated: April 17, 2026
1. Introduction
AirPass Brasil ("we", "us", "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and safeguard information when you use our online travel agency services, in compliance with the Brazilian General Data Protection Law (LGPD - Law No. 13.709/2018).
2. Data We Collect
We collect the following categories of personal data:
- Identification data: full name, date of birth, CPF/passport number, nationality.
- Contact data: email address, phone number, postal address.
- Payment data: card details (tokenized), billing address.
- Travel data: itinerary, passenger preferences, loyalty programs, frequent flyer numbers.
- Technical data: IP address, device identifiers, browser type, usage logs.
3. How We Use Your Data
We use your personal data to:
- Process and fulfill bookings with airlines, hotels, and other travel suppliers.
- Issue tickets, vouchers, and confirmations.
- Communicate with you about your booking, changes, and customer support.
- Comply with legal and regulatory obligations (fiscal, aviation, consumer protection).
- Improve our services and personalize your experience.
- With your consent, send marketing communications.
4. Sharing with Third Parties
To provide the service, we share your data with:
- Airlines and hotels whose services you book (via Sabre GDS).
- Payment processors and anti-fraud providers.
- Cloud infrastructure providers (data processors).
- Public authorities when legally required.
5. International Data Transfers
Some suppliers and processors may be located outside Brazil. We ensure transfers occur under appropriate safeguards (contractual clauses, adequacy decisions) in accordance with LGPD articles 33 to 36.
6. Your Rights (LGPD)
You have the right to:
- Confirm the existence of processing and access your data.
- Correct incomplete or outdated data.
- Request anonymization, blocking, or deletion of unnecessary data.
- Request portability to another service provider.
- Revoke consent previously given.
- File a complaint with the Brazilian Data Protection Authority (ANPD).
To exercise these rights, contact [email protected].
7. Data Retention
We retain personal data only for the period necessary to fulfill the purposes described, including legal, fiscal, and contractual obligations (typically 5 years after the last interaction, aligned with Brazilian consumer law).
8. Security
We implement technical and organizational measures including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews to protect your data against unauthorized access, loss, or alteration.
9. Cookies
We use first-party and third-party cookies to operate the site, remember preferences, and measure performance. You can manage cookie preferences in your browser settings.
10. Children's Privacy
Our services are not directed to children under 18. If you believe we have collected data from a minor without consent, contact us for removal.
11. Changes to this Policy
We may update this Privacy Policy periodically. Material changes will be communicated via email or a prominent notice on the Service.
12. Contact
Data Protection Officer (DPO): [email protected].