Privacy Policy

Privacy Policy

Last updated on 01 Oct 2025

This Privacy Policy explains how Etera Technologies FZCO (“Etera,” “we,” “our,” or “us”) collects, uses, shares, and protects your personal data when you use our mobile application, website, and related services (collectively, the “Platform”).

By using Etera, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Platform.


1. Introduction

  1. Scope of this Policy

  1. Data We Collect

  1. Purpose and Legal Basis of Processing

  1. How We Share Data

  1. International Data Transfers

  1. Data Retention

  1. User Rights (Global Framework)

  1. Cookies and Tracking Technologies

  1. Data Security

  2. Children’s Data

  3. Changes to This Policy

  4. Contact and Complaints

  5. Region-Specific Addenda


  1. Introduction

Etera Technologies FZCO is a company registered in the United Arab Emirates, with its registered office in Dubai Internet City, UAE.

Etera acts as the data controller for all personal data collected through the Platform.


We process your information in compliance with:

  • UAE Federal Decree-Law No. 45 of 2021 (Personal Data Protection Law – PDPL),

  • EU General Data Protection Regulation (GDPR),

  • UK GDPR and Data Protection Act 2018, and

  • California Consumer Privacy Act (CCPA/CPRA) where applicable.

For any inquiries about this Policy or your personal data, you may contact: privacy@etera.tech

  1. Scope
    This Policy applies to:

  • All services offered through the Etera mobile and web applications, including account creation, bookings, payments, and customer support.

  • All users worldwide who access, register, or transact on the Platform.

This Policy does not apply to third-party websites, applications, or services linked from Etera that are not controlled by us.

  1. Data We Collect


3.1. Information You Provide

  • Account Data: full name, email, phone number, password.

  • Booking Data: travel dates, destination, preferences, passenger information, special requests.

  • Payment Data: payment card details (processed securely via Stripe), billing address, transaction records.

  • Support Data: correspondence with customer service, feedback, or complaints.

  • Marketing Preferences: consent to receive updates or offers.

3.2. Information Collected Automatically

  • Device identifiers (IP address, operating system, device type).

  • Browser type, language, time zone, and session duration.

  • App and web usage data (clicks, viewed pages, navigation history).

  • Cookies, analytics SDKs, and crash logs.

  • Location data when permission is granted.

3.3. Information from Third Parties

  • Authentication providers (Google, Apple, etc., if used for login).

  • Vendors or partners providing booking confirmations, changes, or cancellations.

  • Fraud-prevention and KYC services

  1. Purpose and Legal Basis of Processing

We process your personal data for the following purposes, in accordance with the lawful bases defined under the GDPR, UAE PDPL, and other applicable privacy laws:


  • To process and manage bookings: We use your data to confirm, modify, or cancel reservations. This processing is necessary to perform our contract with you.

  • To collect payments and issue invoices: We process payment details and billing information to complete transactions and comply with financial and tax regulations. This is required by contract and by law.

  • To provide customer support: We use your information to respond to inquiries, resolve issues, and manage refunds or complaints. This processing is based on our legitimate interest in delivering reliable service.

  • To personalize offers and recommendations: With your consent (or where legally permitted under legitimate interest), we use data to suggest relevant destinations, experiences, or services.

  • To prevent fraud and ensure platform security: We monitor accounts and transactions to detect suspicious activity, under our legitimate interest and, where applicable, legal obligation to maintain security and prevent misuse.

  • To comply with tax and accounting requirements: We retain and process transaction records as required by law for audit, VAT, and compliance purposes.

  • To send marketing communications: We send newsletters, offers, or updates only with your explicit consent.
    You may withdraw this consent at any time through your account settings or by contacting us at privacy@etera.tech

5. How We Share Your Data

We do not sell or rent your personal data. We only share it as described below:

5.1. Service Providers

We may share your data with trusted service providers that help us operate our business, including:

  • Payment processors (e.g., Stripe, Checkout.com).

  • Cloud hosting providers (e.g., AWS, Supabase).

  • Analytics and marketing tools (e.g., Google Analytics, Meta).

  • Customer service tools and email systems.

All service providers are bound by confidentiality and data-processing agreements ensuring compliance with GDPR and PDPL standards.


5.2. Vendors and Fulfillment Partners

For bookings, limited information is shared with the vendor or service provider (hotel, airline, tour operator, or transport provider) solely to fulfill your reservation.


5.3. Legal and Regulatory Authorities

We may disclose data when required by law, for example to comply with tax, accounting, AML, or court orders.

5.4. Business Transfers

In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the acquiring entity, subject to the same protections.

6. International Data Transfers

Etera operates globally and may transfer your data to countries outside your jurisdiction, including the United Arab Emirates, European Union, United Kingdom, and United States.

When we transfer personal data internationally, we ensure:

  • Compliance with Standard Contractual Clauses (SCCs) for EU/UK users.

  • Compliance with UAE PDPL for international data transfers.

  • Technical and organizational safeguards (encryption, limited access, auditing).

By using our services, you consent to such transfers.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law.

  • Booking and payment records: retained for 7 years to meet legal and tax obligations.

  • Account data: stored until you delete your account or after 24 months of inactivity.

  • Support communications: kept for 3 years to ensure service quality and dispute resolution.

  • Marketing data: retained until you withdraw your consent.

  • Anonymized analytics data: may be stored indefinitely, as it no longer identifies you.

After the applicable retention period, all personal data is securely deleted or permanently anonymized.

8. User Rights

Depending on your location, you may have the following rights:

  • Access: Obtain a copy of your data.

  • Correction: Request correction of inaccurate information.

  • Deletion: Request deletion of personal data (subject to legal retention).

  • Restriction: Limit processing in certain cases.

  • Portability: Receive data in a portable format.

  • Objection: Object to processing for legitimate interest or marketing.

  • Withdraw consent: Revoke consent at any time.

To exercise these rights, contact privacy@etera.tech
We will respond within 30 days, in accordance with applicable law.

If you believe your rights have been violated, you may lodge a complaint with:

  • The UAE Data Office (for UAE users),

  • Your local EU/UK Data Protection Authority, or

  • The California Privacy Protection Agency (for U.S. users).

9. Cookies and Tracking Technologies

Etera uses cookies and SDKs to:

  • Enable essential functions (login, session management).

  • Collect anonymous analytics data.

  • Deliver personalized offers and improve services.

You may manage cookie preferences in your browser or in-app settings. Disabling essential cookies may affect platform functionality.

10. Data Security

We apply advanced security measures to protect personal data from loss, misuse, or unauthorized access:

  • Encryption: TLS and AES-256 encryption for data in transit and at rest.

  • Access Controls: Restricted access to authorized personnel only.

  • Monitoring: Continuous intrusion detection and activity logging.

  • Audits: Regular security and compliance audits.

While no system is fully immune to risks, we maintain industry-standard measures to minimize any exposure.

11. Children’s Data

Etera does not knowingly collect or process personal data from children under 18 years of age.
If we become aware that we have inadvertently collected such data, we will delete it immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal or operational changes.

All updates will be posted on our website and app, with the “Last Updated” date revised.
Substantial changes will be notified directly via email or in-app notification.

13. Contact and Data Protection Officer

If you have any questions or concerns regarding your personal data, please contact our Data Protection Officer (DPO):

Etera Technologies FZCO
98 Sheikh Zayed Road, Dubai, United Arab Emirates
Email: privacy@etera.tech

We will respond to all verified requests within the legally required time frame.

14. Region-Specific Addenda

EU/UK Addendum

For users in the European Union and United Kingdom, Etera complies with the GDPR (EU 2016/679) and the UK Data Protection Act 2018.
You may contact our EU representative at: privacy@etera.tech

UAE Addendum

For UAE users, Etera adheres to the UAE PDPL and Data Office guidelines.
Data is stored within the UAE or transferred under adequate safeguards.

California Addendum

For California residents, you have the right to know what personal data we collect, request deletion, and opt out of “sale” or “sharing” of personal data (we do not sell data).

Requests may be submitted via privacy@etera.tech.