Privacy Policy

Flyback.ai — Effective: April 5, 2026

1. Overview

Flyback.ai (“the Service”) is a non-commercial watch market intelligence platform. This policy describes what data we collect, how we use it, and your rights. By using the Service you agree to this policy.

2. Data We Collect

Account Data

If you create an account via Google Sign-In or email, we collect:

  • Your email address and display name (from your Google account or email input)
  • A unique user ID generated by Firebase Authentication

We do not have access to your Google account password.

Preferences and Usage Data

If you use personalization features, we store in your account:

  • Wrist size and budget preferences you enter
  • Watch brands, styles, and movement types you select
  • Listings you bookmark (your watchlist)
  • Price alert preferences

Guest preferences (no account) are stored only in your browser’s local storage and are never transmitted to our servers.

Technical Data

Like all web services, our servers automatically receive your IP address and browser information when you make requests. We do not store or log this data beyond standard Cloud Run infrastructure logs, which are retained for 30 days.

3. How We Use Your Data

  • Authentication: To identify your account and protect it from unauthorized access
  • Personalization: To filter and rank listings based on your wrist size, budget, and preferences
  • Watchlist & Alerts: To save listings you bookmark and send price drop notifications you opt into
  • Service improvement: Aggregate, anonymized usage patterns may be reviewed to improve the platform

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Third-Party Services

The Service uses the following third-party infrastructure:

  • Firebase (Google): Authentication and user profile storage. Governed by Google’s Privacy Policy.
  • Google Cloud Platform: Hosting, database, and compute infrastructure.
  • Cloudflare: DNS, CDN, and DDoS protection. Cloudflare may log request metadata per their privacy policy.

5. Push Notifications

If you enable price alerts, we use Firebase Cloud Messaging (FCM) to send push notifications to your device. You can disable notifications at any time in your browser or device settings, or by turning off all alerts in your Flyback profile.

6. Data Retention

  • Account data: Retained until you delete your account
  • Watchlist and preferences: Retained until you delete your account or remove them manually
  • Infrastructure logs: Automatically deleted after 30 days

7. Your Rights

You may request deletion of your account and all associated data at any time by emailing [email protected]. We will process deletion requests within 30 days. Note that aggregated, anonymized data (not linked to your identity) may be retained.

If you are in the European Economic Area (EEA) or United Kingdom, you have additional rights under GDPR including the right to access, rectify, or port your data. Contact us at the email above to exercise these rights.

8. Cookies

The Service uses minimal cookies required for authentication (Firebase session tokens). We do not use advertising cookies or third-party tracking pixels.

9. Children

The Service is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be noted by updating the effective date above. Continued use of the Service after changes constitutes acceptance of the revised policy.

11. Contact

For privacy-related questions or requests: [email protected]