CovaSky

Privacy Policy

Last updated: 5 July 2026

This policy explains what data CovaSky collects, why, and what we do with it — written in plain language, because a privacy policy you can't understand protects no one.

1. Who we are

CovaSky is operated by Saas Tech DOOEL, which acts as the data controller for any personal data processed through this website. You can reach us at contact@covasky.com.

2. What we collect

We collect only what we need to run and improve a search tool:

2a. AI & Automated Processing

Route suggestions, stopover detection, midpoint calculations, and group meetup optimization are generated using automated AI algorithms. No human reviews individual search results. This automated processing does not produce legal effects or significantly affect you — it is informational route discovery only. GDPR Article 22's right to human review of automated decisions applies only to decisions with legal or similarly significant effects; travel inspiration search does not meet that threshold.

3. What we do not collect

We do not process payments, so we never see or store payment data — no card numbers, no billing addresses. We do not require accounts in the current version, so we hold no passwords or profiles. We do not collect passport or travel document details.

4. Cookies and localStorage

We use two types of browser storage:

Cookies: We set minimal functional cookies only — no tracking, no advertising, no cross-site data sharing.

localStorage: We store your search preferences locally (origin, destination, currency, mode). This data never leaves your device.

We do not use:

We use Cloudflare Web Analytics which is privacy-first — no cookies, no personal data, no cross-site tracking, GDPR-compliant by design. See: cloudflare.com/privacypolicy. You can clear all browser storage at any time via your browser settings. The site works without any stored preferences.

5. We do not sell your data

We do not sell, rent, or trade personal data to anyone. Our revenue comes from affiliate commissions when you book on partner sites — not from your data.

5a. Third Party Processors

We work with the following processors:

All processors are bound by GDPR-compliant data processing agreements.

5b. Newsletter (if you subscribe)

Our newsletter sign-up is optional. If you enter your email address in the newsletter form and submit it, we collect that address to send you occasional product updates and travel ideas.

6. Partner sites and their cookies

When you click through to a partner website — an airline, booking platform, or ground transport provider — you leave CovaSky. Affiliate partners may set their own cookies at that point, typically to attribute the referral. From that moment, the partner's privacy policy applies, not ours. We encourage you to review it.

7. How long we keep data

Search queries and analytics are kept in aggregated form for product improvement. Server logs are rotated on a short cycle. Preferences stored in your browser stay on your device until you clear them — we don't control those.

7a. GDPR Legal Basis

For each processing activity our legal basis is:

8. Your rights

Depending on where you live, you may have the right to access, correct, or delete personal data we hold about you, and to object to or restrict certain processing. Because we hold very little identifiable data, most requests are simple to fulfil.

Your GDPR rights include:

To exercise any right email contact@covasky.com. We respond within 30 days. You also have the right to lodge a complaint with the Personal Data Protection Agency of North Macedonia (PDPA): website dzlp.mk, email info@dzlp.mk; or with your local EU data protection authority if you reside in an EU member state.

9. Security

We use standard technical measures — encrypted connections, access controls, and minimal data retention — to protect what little data we process. The best security practice we follow is simply not collecting data we don't need.

10. Changes to this policy

If we change how we handle data, we will update this page and revise the date at the top. Material changes will be flagged clearly on the site.

11. Contact

Questions, concerns, or data requests: email contact@covasky.com. Data controller: Saas Tech DOOEL.