JetBack logo Privacy Policy

Privacy Policy

This Privacy Policy describes how JetBack Flight Tracking, LLC (“JetBack,” “we,” “us,” or “our”) collects, processes, shares, and retains personal data in connection with your use of JetBack’s mobile applications, website, and related flight monitoring services (collectively, the “Services”).

By using JetBack, including forwarding airline confirmation emails to us or accessing any portion of our Services, you acknowledge that you have read and understood this Privacy Policy, and you agree to the practices described herein.

1. Information We Collect

1.1 Information You Provide to Us

We may collect personal information that you voluntarily provide when using the Services, including:

  • • Your name and email address;
  • • Content of airline confirmation emails you forward to us;
  • • Booking and reservation identifiers, including PNR numbers, travel dates, and flight segments;
  • • Communications with our support team or staff;
  • • Any preferences, settings, or feedback you enter within the app or through direct correspondence.

This information is used solely to deliver, maintain, and enhance the Services, fulfill your requests, and monitor fare changes associated with your bookings.

By forwarding airline confirmation emails to JetBack, you explicitly authorize us to process, parse, extract, and analyze the information contained in those emails (including, where applicable, personal travel details and passenger data) for the purpose of detecting eligible fare reductions, initiating refund or eCredit claims, and performing related Services on your behalf. You acknowledge that such emails may contain sensitive personal data and consent to JetBack's use of this content exclusively in the context of its Services.

1.2 Sign in with Google and Gmail Inbox Access

JetBack uses Google's official OAuth authorization flow for two separate, independently opt-in features, and you can use one without the other: (a) Sign in with Google, which lets you create and log in to your JetBack account using your Google identity, and (b) Gmail inbox access, which lets JetBack automatically find and monitor travel bookings in your Gmail. This section describes both, and our compliance with the Google API Services User Data Policy, including the Limited Use requirements for restricted scopes.

Sign in with Google

When you choose “Sign in with Google” to create or log in to your JetBack account, Google shares a limited set of profile information with JetBack: your Google account email address, name, profile picture, and unique Google account identifier. We use this solely to create your JetBack account, authenticate you on return visits, and personalize parts of the app (such as showing your name and picture).

Signing in with Google does not by itself give JetBack any access to your Gmail inbox, Google Drive, Calendar, Contacts, or any other Google service. If you sign in with Google and never enable Gmail inbox access, JetBack will never read your email.

Gmail Inbox Access

Gmail inbox access is a separate feature that you must explicitly enable. When you choose to connect your Gmail inbox, we initiate a new Google OAuth consent flow and request the restricted scope https://www.googleapis.com/auth/gmail.readonly. This is a read-only permission; JetBack does not send, modify, or delete messages in your Gmail inbox.

With your authorization, JetBack will:

  • • Scan your Gmail inbox (including past and future messages across folders and labels) to identify travel-related correspondence such as airline confirmations, itinerary updates, cancellation notices, fare receipts, boarding passes, and loyalty program communications;
  • • Read the content of travel-related messages (headers, body, and relevant attachments) to extract booking data such as passenger names, confirmation numbers, flight segments, travel dates, fare amounts, and seat assignments;
  • • Store travel-related messages, extracted booking data, and OAuth tokens (we never see or store your email password) so we can continue monitoring your trips over time, even if the original email is deleted from your inbox;
  • • Periodically re-scan your inbox to detect new or updated travel emails so new bookings are picked up automatically.
Non-Travel Emails

Our automated systems are designed to focus exclusively on travel content. In the process of identifying travel emails, other messages may be briefly processed by our automated filters, but we do not store, retain, or use the content of non-travel emails. They are filtered out and discarded.

Travel Companions

Your travel confirmation emails may include names or details of other passengers (for example, family members or travel companions). By enabling Gmail inbox access, you confirm that you are comfortable with JetBack processing this information as part of your booking data, or that you have the authority to allow it.

Limited Use Compliance

JetBack's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • User-facing features only. We use Google user data exclusively to provide and improve user-facing features that are prominent in the JetBack application, primarily automatic trip detection, fare monitoring, and refund processing.
  • No advertising. We do not use Google user data, including Gmail content, for serving advertisements of any kind, including personalized, retargeted, or interest-based advertising.
  • No sale or unauthorized transfer. We do not sell Google user data, and we do not transfer it to third parties except: (i) as necessary to provide or improve user-facing features, with your consent; (ii) for security purposes, such as investigating abuse; (iii) to comply with applicable laws; or (iv) as part of a merger, acquisition, or sale of assets, where the receiving party will honor this Privacy Policy.
Security of Google User Data

JetBack stores Google user data, including Gmail content obtained via restricted scopes, on secured infrastructure. Access within JetBack is restricted to authorized personnel and systems that need it to operate the Services, and is subject to the Limited Use restrictions above.

Your Control

Sign in with Google and Gmail inbox access are managed independently. You may revoke Gmail inbox access only (and keep using Sign in with Google to log in) by disconnecting your inbox from within the JetBack app, or by removing the Gmail permission at myaccount.google.com/permissions; JetBack will immediately stop reading your Gmail, while your JetBack account and existing travel data remain intact. You may revoke Sign in with Google entirely (which also revokes any Gmail access) by removing JetBack at myaccount.google.com/permissions. In either case, travel data previously extracted from your inbox will remain in your JetBack account unless you also request deletion by contacting support@getjetback.com.

For more information about how Google handles your data, please review the Google Privacy Policy.

1.3 OTP Proxying and Verification Code Handling

To complete actions on your behalf with airlines and travel providers, JetBack offers optional “Proxy Channels” that route one-time passcodes, verification codes, magic links, and similar security messages (“Verification Messages”) to JetBack. Proxy Channels may take the form of a JetBack-issued proxy phone number, a JetBack-issued proxy email address, or email forwarding rules you configure on your own account. Use of Proxy Channels is entirely optional and entirely under your control.

What We Collect When You Use a Proxy Channel

  • Verification Messages routed to JetBack: The content of SMS messages, emails, or forwarded messages delivered to a Proxy Channel, including verification codes, magic links, tokens, sender identifiers, and timestamps.
  • Routing metadata: Which Proxy Channel received the message, which airline or provider it appears to come from, and the outcome of any automated parsing or use of the code.
  • Configuration data: The Proxy Channels you have enabled, the providers you have associated them with (where you tell us), and any forwarding rules you have set up at our suggestion.
How We Use It

Verification Messages are used solely to authenticate into airline, loyalty, payment, and related travel-provider accounts on your behalf, and otherwise to perform the Services described in our Terms and Conditions. We may also retain Verification Messages and metadata for a commercially reasonable period for security monitoring, troubleshooting, audit, and fraud prevention.

What We Don't Do

We do not use Verification Messages or Proxy Channel content for advertising, marketing, profiling, or sale to third parties. We do not intentionally use Proxy Channels to receive personal correspondence, and any non-verification content that happens to arrive is filtered out by our automated systems and is not used to provide Services.

You're in Full Control

You decide whether to enable a Proxy Channel, which providers it connects to, and when to disable it. You may revoke a Proxy Channel at any time through your JetBack account settings, by removing the proxy contact from the relevant provider, by deleting any forwarding rules you set up, or by contacting support@getjetback.com. After revocation, JetBack will stop using that Proxy Channel; previously received Verification Message data may be retained for the limited security and compliance purposes described above, and you may request deletion of that data at any time.

Proxy Channels are designed to be reliable and secure, and we treat verification codes as sensitive data. As with any phone number or email address, the underlying carriers and providers are outside our control, so JetBack's responsibility for Verification Messages is limited as described in the Terms and Conditions.

2. Automatically Collected Information

When you access or use the Services, we may automatically collect technical and usage data, which may include, but is not limited to:

  • • Device type, operating system, and device identifiers;
  • • IP address and general location metadata;
  • • Time-stamped logs of feature usage, in-app activity, and transaction events;
  • • Crash reports and performance diagnostics.

This information is used to analyze performance, detect issues, enhance functionality, and protect against fraud or misuse.

3. Location Data

JetBack does not access or collect precise device GPS location by default. If a future feature requests access to your device’s location (for example, to trigger contextual notifications near an airport), that access will be clearly disclosed in-app and subject to your explicit permission.

4. How We Share Your Information

We do not sell or rent your personal information. However, we may share it under the following conditions:

4.1 Service Providers and Infrastructure Partners

We may share your information with trusted third-party vendors and infrastructure partners who help us run the Services, for example cloud hosting, email processing, and customer support systems. When you connect your email account, travel data obtained through inbox syncing may be shared with these providers, but only to the extent necessary to deliver the Services. All service providers are bound by confidentiality and data processing agreements, and none are permitted to use your data for their own purposes.

You may request a list of the categories of subprocessors we use by contacting support@getjetback.com.

4.2 Airline Interaction on Your Behalf

When JetBack submits refund or credit claims to airlines, we may share relevant booking information (such as your name, reservation code, and flight details) directly with the airline through secure automated systems or web interfaces. Once submitted, this data is governed by the airline’s own privacy policies and practices. JetBack is not responsible for how airlines store, secure, or use the information we provide in order to fulfill your requested service.

4.3 Legal Compliance and Safety

We may disclose your data if required to do so by law, regulation, subpoena, or legal process. We may also disclose your information when we believe it is necessary to:

  • • Protect the rights, property, or safety of JetBack, our users, or the public;
  • • Enforce our Terms of Service;
  • • Detect, prevent, or investigate suspected fraud, abuse, or security incidents.

4.4 Corporate Transactions

In the event of a business transaction, such as a merger, acquisition, asset sale, or corporate restructuring, your information may be transferred to a successor entity. Such transfers will be handled in accordance with this Privacy Policy.

5. Automated Data Processing and AI Usage

JetBack processes user data using a combination of automated systems, technical tools, and, where applicable, human review. These systems analyze and extract information from airline confirmation emails, connected email inboxes, and other inputs in order to organize travel-related data, facilitate operational workflows, and support the functionality of the Services.

When you connect your email account for inbox syncing, automated systems scan and classify your emails to find travel content, then extract booking data from those emails. This processing uses pattern recognition and data extraction techniques, for example identifying a confirmation number or flight date within an email body. This is how JetBack automatically detects your trips and monitors fares without manual input from you.

Data processing may include the use of internal logic, third-party technologies, machine-assisted tools, artificial intelligence, or machine learning models, depending on the specific feature or task. JetBack may adapt or refine these processes over time to improve the accuracy and reliability of trip detection, fare monitoring, and other Services.

Processing is conducted in support of service delivery and internal product improvement. JetBack may use extracted travel data to improve the accuracy of our booking detection, fare monitoring, and refund systems. This processing is limited to purposes related to the functioning and improvement of the Services. We do not use your data for advertising, profiling, or any purpose unrelated to helping you save money on travel.

6. Data Retention and Deletion

JetBack retains your information for as long as reasonably necessary to:

  • • Deliver and operate the Services;
  • • Complete refund or credit processes;
  • • Satisfy legal, accounting, and regulatory obligations;
  • • Maintain accurate business and audit records;
  • • Prevent fraud and ensure service integrity.

If you choose to delete your account or disconnect your email account, you may request deletion by contacting support@getjetback.com. Here's how it works:

  • Disconnecting your email stops all future inbox scanning immediately. Your existing trip data and any savings already captured are preserved so you don't lose progress on active bookings.
  • Requesting data deletion will remove your personal and booking data from our active systems. Some data may be retained in anonymized or aggregated form, or where required for legal, accounting, or fraud prevention purposes.
  • • If you'd like both (disconnection and full deletion), simply let us know at support@getjetback.com and we'll handle both together.

You acknowledge that some limited data retention may be necessary for legal compliance, completing in-progress refund claims, or preventing fraud, even after deletion is requested.

7. User Rights and Choices

Depending on your jurisdiction, you may have rights to:

  • • Request access to your personal data;
  • • Correct inaccurate or outdated information;
  • • Object to certain types of data processing;
  • • Request deletion of your information;
  • • Withdraw consent where applicable;
  • • Disconnect your email account and revoke inbox syncing access at any time.

You may revoke JetBack's access to your email inbox at any time by removing JetBack from your email provider's authorized applications (e.g., Google Account security settings) or by contacting us at support@getjetback.com. We will stop accessing your inbox immediately. If you'd also like us to delete the travel data we've already collected, just let us know in the same request and we'll take care of it.

To exercise any of these rights, contact support@getjetback.com. We may require verification of identity before processing your request. We will respond within a reasonable timeframe consistent with applicable privacy laws.

8. Security

JetBack employs industry-standard safeguards to protect your information from unauthorized access, use, or disclosure. These measures include encryption in transit, access control restrictions, and monitoring systems.

However, no system is infallible. You acknowledge that you use the Services at your own risk and that JetBack is not liable for any loss or exposure of personal data resulting from circumstances beyond our reasonable control.

In the event of a data breach involving your personal information, we will notify you promptly as required by applicable law using your registered email or other available contact methods.

9. International Data Transfers

JetBack operates primarily within the United States, but may use infrastructure providers in other countries. By using the Services, you acknowledge and agree that your personal data may be processed and stored in countries that may have different data protection laws than your country of residence. We take appropriate steps to ensure compliance with applicable legal requirements when transferring data internationally.

10. Arbitration and Limitation of Liability

Any dispute or claim arising from or related to this Privacy Policy shall be resolved through final and binding individual arbitration, and not through jury trial or class action. You waive the right to participate in any collective or representative proceeding.

To the fullest extent permitted by law, JetBack disclaims liability for indirect, incidental, punitive, or consequential damages arising from the use of or inability to use your data in connection with the Services.

12. Updates to This Policy

JetBack may revise this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or technology. The most current version will always be available at https://getjetback.com/privacy.

You are responsible for reviewing this page periodically. Continued use of the Services indicates your acceptance of the current version of the Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or our handling of your data, please contact us at support@getjetback.com.