Website: https://click-fly.com
Last Updated: March 26, 2026
Welcome to Clickandfly OÜ. We are a travel agency registered in Estonia and committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and safeguard your information when you visit our website https://click-fly.com or book travel services through our platform.
Our data practices comply with the General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable Estonian data protection legislation.
By using our website or booking travel services with us, you acknowledge that you have read and understood the practices described in this Policy. If you do not agree, please refrain from using our services.
Depending on the service you use, Clickandfly OÜ may act in different capacities:
You are encouraged to review the privacy policies of any third-party provider before completing a booking or submitting documents on their platforms.
The entity responsible for processing your personal data is:
Clickandfly OÜ
Registry Code: 16028377
Harju maakond, Tallinn, Kesklinna linnaosa
Juhkentali tn 8, 10132, Estonia
Privacy Email: [email protected]
Customer Support (WhatsApp): +372 8801828
Please note: contacting us via WhatsApp involves the use of a Meta platform, which processes data under its own privacy policy. For all formal data protection requests, please use our privacy email address.
Clickandfly OÜ has assessed its processing activities and determined that the appointment of a Data Protection Officer (DPO) is not mandatory at this stage. All data protection enquiries are handled directly through our privacy contact above.
To provide travel bookings and related services, and to maintain a secure website, we may collect the following categories of information:
When you use our visa assistance service, we may collect additional documentation and information required to prepare your application file. This may include:
Visa-related documents are collected solely for the purpose of facilitating your visa application and are not used for any other purpose.
Payments are processed through secure third-party payment providers. We do not store full credit card or payment card numbers on our servers. We may retain transaction references, amounts, and dates as required for accounting and legal compliance.
When you visit our website, certain technical data may be collected automatically, including:
This data is collected via cookies and similar technologies. Please refer to our Cookie Policy for full details.
To issue flight tickets, confirm hotel reservations, arrange tour bookings, manage itinerary changes, and communicate all travel-related updates to you.
To collect, review, and prepare the documentation required for visa applications on your behalf, and to communicate updates regarding the status of your application.
To respond to enquiries, resolve booking issues, process complaints, and provide assistance throughout your travel experience.
To comply with applicable legal obligations, including invoicing, tax reporting, financial record-keeping, and regulatory requirements.
To analyse website usage patterns and improve functionality, performance, accessibility, and overall user experience.
If you subscribe to our newsletter or explicitly provide your consent, we may send travel offers, promotions, or service updates. You may withdraw your consent and unsubscribe at any time by using the unsubscribe link in any communication or by contacting [email protected].
To detect, prevent, and investigate fraudulent transactions, unauthorised access, and security incidents affecting our platform or our customers.
Under the GDPR, we rely on the following legal bases to process your personal data:
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law:
Upon expiry of the applicable retention period, personal data is securely deleted or anonymised.
To deliver our travel services, we may share necessary personal data with trusted partners. These partners may act as independent data controllers or as data processors on our behalf, and may include:
When you are redirected to a third-party platform to complete a booking, that provider processes your data under its own privacy policy. We recommend reviewing their policies before proceeding.
We ensure appropriate contractual safeguards are in place with all data processors. We do not sell, rent, or trade personal data to third parties for commercial purposes.
Travel services inherently require the sharing of personal data across international borders. When transferring personal data outside the European Economic Area (EEA), we apply appropriate safeguards, which may include:
Further information about the safeguards applied to specific international transfers is available upon request at [email protected].
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These measures include:
While we take all reasonable steps to protect your data, no system can guarantee absolute security. In the event of a personal data breach that is likely to result in risk to your rights and freedoms, we will notify you and the Estonian Data Protection Inspectorate in accordance with our legal obligations.
We use cookies and similar tracking technologies to improve website functionality and analyse usage. The types of cookies we use are:
Non-essential cookies are only used with your prior consent, which you can manage or withdraw at any time via our cookie consent tool or your browser settings.
For full details on the cookies we use, their purposes, and how to manage your preferences, please refer to our Cookie Policy.
We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on individuals within the meaning of Article 22 of the GDPR.
Under the GDPR, you have the following rights in relation to your personal data:
To exercise any of these rights, please contact us at [email protected]. We will respond within one month of receiving your request. This period may be extended by a further two months in cases of complexity.
We will not charge a fee for processing your request unless it is manifestly unfounded or excessive.
Our services are intended for individuals aged 18 or older who are capable of entering into binding contracts. The account holder and the person making a booking must be at least 18 years of age.
Where a booking includes minor passengers as part of a family or group reservation, limited passenger data for those individuals (such as name, date of birth, and passport details) may be collected solely to fulfil the travel reservation and is not used for any other purpose.
We do not knowingly collect personal data from individuals under 18 for account creation or independent bookings. If we become aware that such data has been collected without appropriate consent, we will take steps to delete it promptly.
We may update this Privacy Policy periodically to reflect changes in our services, legal requirements, or data practices. The current version is always indicated by the “Last Updated” date at the top of this document.
Where changes are material, we will notify you by email or by a prominent notice on our website prior to the changes taking effect. Continued use of our services following notification of changes constitutes acceptance of the updated Policy.
For any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Clickandfly OÜ
Harju maakond, Tallinn, Kesklinna linnaosa
Juhkentali tn 8, 10132, Estonia
Email: [email protected]
WhatsApp: +372 8801828