Legal
Effective: January 1, 2026 · Last updated: May 2026
Compliant with the Philippine Data Privacy Act of 2012 (RA 10173)
Skyvia Travel ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website (skyviatravel.com) and travel booking services. By using our services, you consent to the practices described in this policy. This policy is compliant with the Philippine Data Privacy Act of 2012 (Republic Act 10173) and its Implementing Rules and Regulations.
We collect the following categories of personal information: • Identity & Contact Information: Full name, email address, phone number, and home address provided during registration or booking. • Passenger Information: Passport or government ID number, date of birth, nationality, and travel document details needed to process flight and accommodation bookings. • Payment Information: Billing details processed through PayMongo. We do not store card numbers, CVV codes, or full bank account details. Only transaction references and masked payment confirmations are retained. • Usage & Technical Data: IP address, browser type, device identifiers, pages visited, and interaction events collected through analytics tools to improve our website performance. • Communications: Records of emails, messages, and support requests exchanged between you and Skyvia.
We use your personal information for the following purposes: • To process and confirm travel bookings, issue payment links, and coordinate with airlines, hotels, and other suppliers on your behalf. • To send booking confirmations, travel itineraries, payment receipts, and service updates via email or SMS. • To respond to your inquiries, complaints, and customer support requests. • To comply with legal obligations including tax reporting, fraud prevention, and anti-money laundering requirements. • To send marketing communications about relevant travel offers and promotions — only with your explicit consent. You may opt out at any time. • To analyze usage patterns and improve the features, design, and performance of our website.
Under the Data Privacy Act of 2012, we process your personal information on the following legal bases: • Contract Performance: Processing necessary to fulfill a booking or service agreement you have entered into with us. • Legal Obligation: Processing required by Philippine law, including tax compliance, reporting obligations, and anti-fraud measures. • Legitimate Interests: Processing to improve our services, prevent fraud, and maintain the security of our systems, balanced against your rights and freedoms. • Consent: For marketing communications and optional data collection. You have the right to withdraw consent at any time without affecting the lawfulness of prior processing.
We share your personal information only in the following circumstances: • Travel Suppliers: Airlines, hotels, tour operators, and ground transport providers that must receive your details to fulfill your booking. • Payment Processors: PayMongo processes all card and digital wallet payments. Their privacy practices are governed by their own privacy policy. • Service Providers: Third-party vendors (cloud hosting, email delivery, analytics) who process data on our behalf under strict data processing agreements. • Legal Requirements: When required by law, court order, or government authority, including the National Privacy Commission. • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity, subject to the same privacy protections. We do not sell, rent, or trade your personal information to any third party for their own marketing purposes.
We retain your personal information for as long as necessary to provide our services and fulfill legal obligations: • Booking records and passenger information: 5 years from the date of the booking, for tax and legal compliance. • Payment transaction records: 5 years, in compliance with Philippine tax and accounting regulations. • Marketing consent records: Until you withdraw consent or request deletion. • Support and communication records: 2 years from the date of last interaction. • Website analytics data: 13 months in aggregated, anonymized form. Upon expiry of the retention period, we securely delete or anonymize your data.
As a data subject under RA 10173, you have the following rights: • Right to be Informed: Know how and why we collect and process your data. • Right of Access: Request a copy of the personal data we hold about you. • Right to Rectification: Request correction of inaccurate or incomplete data. • Right to Erasure (Right to be Forgotten): Request deletion of your data, subject to legal retention obligations. • Right to Restrict Processing: Request that we limit how we use your data in certain circumstances. • Right to Data Portability: Receive your data in a structured, machine-readable format. • Right to Object: Object to processing based on legitimate interests, including direct marketing. • Right to Withdraw Consent: Withdraw consent for consent-based processing at any time. To exercise any of these rights, email our Data Protection Officer at privacy@skyviatravel.com with your full name, contact information, and a description of your request. We will respond within 15 business days.
We use cookies and similar tracking technologies to: • Maintain session state so you stay logged in during a browsing session (strictly necessary). • Remember your preferences such as currency, search filters, and notification settings (functional). • Measure website traffic, feature usage, and user behavior through analytics tools (analytical). You can control cookies through your browser settings. Disabling strictly necessary cookies may prevent the website from functioning properly. You can opt out of analytical cookies by adjusting your browser or using browser extensions that block tracking scripts.
We implement industry-standard technical and organizational security measures to protect your personal information: • All data transmitted between your browser and our servers is encrypted using TLS (HTTPS). • Database access is restricted to authorized personnel only, with role-based access controls. • Passwords are hashed using bcrypt and are never stored in plaintext. • Payment data is handled exclusively by PayMongo under PCI-DSS compliance standards. • Regular security scans and vulnerability assessments are conducted on our systems. Despite these measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we are committed to promptly notifying affected users and the National Privacy Commission in the event of a data breach.
Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children without verifiable parental consent. If we discover that we have collected personal data from a child without appropriate consent, we will delete it promptly. If you believe we have inadvertently collected information from a child, please contact us at privacy@skyviatravel.com.
Your personal data may be processed by our service providers in jurisdictions outside the Philippines, including cloud infrastructure providers with servers in Singapore, the United States, or the European Union. When we transfer data internationally, we ensure appropriate safeguards are in place, including contractual clauses that require the recipient to protect your data to a standard equivalent to RA 10173.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by posting the updated policy on this page with a revised effective date. For significant changes, we will send a notification to the email address associated with your account. Your continued use of our services after any update constitutes acceptance of the revised policy.
Skyvia has designated a Data Protection Officer (DPO) in compliance with RA 10173. For privacy inquiries, data subject requests, or concerns: Data Protection Officer Skyvia Travel Email: privacy@skyviatravel.com If you believe your privacy rights have been violated and your concerns have not been adequately addressed by us, you have the right to lodge a complaint with the National Privacy Commission of the Philippines at privacy.gov.ph.
Questions about this policy? Email our Data Protection Officer at privacy@skyviatravel.com. For complaints, contact the National Privacy Commission.