We (hereafter “MisterFly”) are working each day to help our customers to travel more intelligently. And just like you, your data travels, according to your destination and the providers (airlines, hotels, car hire companies etc.) with whom you travel. We act as an intermediary with the providers and you authorise us to make a reservation. In this context, we collect personal data that you send to us in order to make the reservation.


Processing your personal data in line with our values

When you contact us or visit our websites, you entrust us with your personal data. This privacy policy aims to explain to you with complete transparency what data we collect, the reasons why we collect it and what we do with your data. This policy is important and a little long, but we hope that you will take the time to read it carefully. If you are reading this privacy policy, it is because we are in charge of processing the data that we collect. This status of data controller means that we control the purposes and way in which your personal data is used.

This privacy policy explains:

  • What data we collect and why we collect it;
  • How we collect your data;
  • How you can access your data.


Personal data that we collect

When you browse our website or mobile application or use our online chat, we collect:

  • Your recent searches and reservations;
  • Information about your browsing behaviour on our website;
  • Information about how you access our digital services, including the operating system, IP address and browser details.


When you purchase our products online, we collect:

  • The personal information (surname, first name, date of birth, gender, postal address, email address, telephone number, payment method) of the payer and of the traveller collected as part of the reservation;
  • All personal data that you enter when making the reservation. When you book a trip for other people, you declare that you have obtained the prior consent of the travellers whose personal data is entered when making the reservation. Entering this personal data is required for going ahead with the trip;
  • The travel insurance details that you select when making your reservation on the website;
  • The personal data allowing for the operational processing of your special dietary, religious or justified disability/health-related requests with respect to the service purchased;
  • Information relating to your reservations made on the website, including the file number, the services ordered and the payment method. Please be advised that your credit card information will be collected and processed directly by our payment provider without ever passing through our system. Payment providers are required to comply with the PCI-DSS security standard, guaranteeing security for bank card transactions;
  • Information about your browsing behaviour on our website and mobile application from the devices that you use to access our services (computers, mobile phones by way of cookies and other network monitoring software);
  • Information about the times when you click on one of our ads, including those published on the websites of other companies;
  • Information about how you access our digital services, including the operating system, IP address and browser details.


When you communicate by telephone with us,

Incoming and outgoing calls to and by MisterFly’s customer service may be recorded or listened to for the purposes of quality control, staff training and any requests relating to a reservation (whether before any reservation or during the course of the trip). Any personal data obtained from you during this call will be processed in accordance with the provisions of the privacy policy.


When you contact us using our form, by email or post, or via online chat, for any reason whatsoever, we collect all the personal data that you provide.


Other personal data sources

MisterFly is present on social networks. We notably have our Facebook, Twitter, YouTube, Instagram, etc. web pages whether they are fan pages or dedicated applications. We remind you that access to these social networks requires your acceptance of their contractual conditions comprising provisions relating to personal data regulations for the processing of data carried out by them. To know more about the protection of your personal data whilst browsing these social networks, we ask you to consult their own privacy policies.


Data relating to minors below the age of 18

Any person purchasing a trip, stay or any other service on the MisterFly website must be at least 18 years of age and be legally able to enter into a contract/agreement. Reservations for minors must be made by the legal representative or by any adult person with the authority to do so. The personal data of minors is imperative for carrying out the trip.


Use of your personal data

Your personal data will be collected for the processing of your reservation and in accordance with the legal framework. We use your personal data:


To make your reservation

We process your personal data in order to manage your reservation, find the products and services that you wish to reserve or such as you have reserved and assist you as part of any reservation, complaint or reimbursement that you may request. This includes the management of non-payments, disputes and anti-fraud provisions.


To offer you assistance in exercising your rights in accordance with European Regulation n°261/2004

We send the personal data related to your reservation to our partner who will provide its assistance with respect to compensation in case of flight delay and cancellation.


To improve our products, tailor your customer experience and why cookies and IP addresses are used

We use personal data to manage and improve our products, website, mobile application and other services. We monitor the way in which our services are used in order to help us to protect your personal data, detect and prevent fraud or other crimes and the misuse of our services. We do this to ensure that you are able to use our services securely. We may use personal data to react to security operations, accidents or other similar incidents and manage them, including for medical and insurance purposes. We use some data anonymously for internal market study and research and development purposes, and to deploy and improve our product range, services, computer systems, security, know-how and the way in which we communicate with you.

To make your customer experience simpler and more secure, and create interaction between you and us, we use cookies and your IP address which are features that allow for the remote customisation of our service (unless you have indicated in your browsing settings that you prefer that we refrain from doing so). Have you heard of cookies? Unfortunately, these are not chocolate chip cookies. Cookies are connection markers that help us to store some data in order to facilitate browsing and enable certain features (notably for remembering the travellers’ shopping basket and personal information). These cookies are essential, particularly for improving your user experience. We merge the cookies, IP address, your searches, reservations and browsing behaviour, in order to offer the most appropriate tailored experience. For more information, please refer to the article on the Cookies Policy below.


To contact you and interact with you

We are always mindful of providing you with the best possible service as a customer. Thus, if you contact us, for example by email, regular mail, telephone or through social networks, we may use your personal data for any clarification or assistance that you request.

We have to process your personal data in order to manage promotions or competitions in which you have chosen to take part, including the promotions or competitions organised with our providers and distribution partners. For example: if you win a prize, we may ask you to take part in surveys, questionnaires and other customer research carried out by our group and other companies on our behalf. In order to better serve you as a customer and provide you with marketing services and communications (including online ads corresponding to your areas of interest), we may merge the personal data that we collect during your purchases from our website, mobile applications and other sources.


To measure and analyse the traffic

We use products that analyse the traffic on our website and mobile application in order to understand our visitors’ expectations and continually improve our website and mobile application. We collect only global and anonymous statistics. We guarantee that we will not establish any correlation between a specific visit and a particular IP address.


We do not sell your personal data to third parties.


Marketing communications

We send you relevant offers and news concerning our products and services in various ways, notably by e-mail. We may also send you information about the products and services of other companies that we deem may be of interest to you. When you book via our website and mobile application, you receive our marketing communications. You may unsubscribe at any time using the dedicated link that appears on our marketing emails.


Non-communication of personal information

When we are legally or contractually required to collect personal information about you and you do not communicate this data to us when we ask you for it, we will be obliged to cancel the reservation that you have made.


Our role as a travel agency is to find the best providers (airline, hotel, car hire, etc.) in order to offer you the most suitable travel services. To meet this promise, we have to share your personal data with the following third parties:


Service providers

We work with service providers to provide the travel and insurance services offered on the website. For example, these providers deal with transport services (e.g. airlines), accommodation services, on-site activity providers, travel insurance, incremental payment, etc. Service providers often act as separate data controllers in relation to the data that we send to them, and they apply their own technical and organisational measures, as well as appropriate policies in terms of data protection. You may enter the identity and details of these recipients during the reservation of travel services on the website. We ask you to consult the privacy policies of the service providers who are responsible for processing data with respect to their service (e.g. the airline is responsible for processing data and applies its own privacy policy).


We also work with providers who perform certain functions on our behalf. These providers act as subcontractors and process data under our authority. For example, these providers deal with IT services, data storage and compilation, marketing, payment processing and product and service delivery.


We may also be required to share personal data in order to establish, exercise or defend our legal rights; this includes the transmission of personal data to third parties in order to prevent fraud and reduce credit risk.


Some service providers may not use your personal data for any purpose other than the specific service in question. In addition, we will only send them the elements of your personal data that they actually need for carrying out the service reserved.



In order to enable you to travel, the disclosure and processing of your personal data may be mandatory (in accordance with the governmental requirements at the point(s) of departure, transit and/or arrival) for the purposes of immigration, border control, security and anti-terrorism or for any other purposes deemed appropriate by the authorities.

Some countries will only authorise the trip if they are provided with prior passenger information (for example Caricom API Data and US Secure Flight Data). These requirements may vary according to your destination. We advise you to check them.

In case of illegal activities or suspicion of illegal activities, for investigation or search warrant purposes, your personal data may be sent, upon request, to the judicial or supervisory authorities: police, gendarmerie, judge and public prosecutor, Departmental Directorate for the Protection of Populations [DDPP] (e.g. Directorate-General for Competition, Consumer Affairs and Prevention of Fraud [DGCCRF]), tax or social services, etc.

We may share strictly necessary personal data with other public bodies if required by law or if we are legally authorised to do so.


Protection of your personal data                 

We understand the importance of the protection and management of your personal data. We use a range of intelligent security measures (physical, electronic and administrative) to protect the information that we collect about you against any accidental loss and any unauthorised access, use, alteration and disclosure.


Data transfer outside the European Economic Area (EEA)

The personal data that we collect from you may be transferred and stored at a location within the EEA or by companies located outside the EEA. In case of subcontracting outside the EEA, we ensure that security is respected. In the context of a service (airline, hotel or on-site activity), each company is responsible for its collection and processing.


Data storage

When you use our services, in accordance with the storage limitation principle of personal data, MisterFly securely stores personal data, but we will never keep it longer than is necessary whilst complying with legal and regulatory requirements. In some cases, we will be able to make your personal data anonymous (so that it cannot be associated with you) for statistical purposes.


Links to other websites

Our website or mobile application may contain links to other websites operated by other companies who have their own privacy policies. You should read these privacy policies carefully before communicating your personal data to the website of another company, as we disclaim any liability concerning the websites of other companies.


Transfer of personal data within the MisterFly group

The MisterFly group consists of the enterprises controlled by MisterFly SAS directly or indirectly, within the meaning of Article L. 233-3 et seq. of the French Commercial Code. We may share when it’s necessary your personal data with the enterprises within the MisterFly group, for purposes, for example, of providing you with the products and services that you booked, managing and improving our products, services and daily operations, helping personalize your experience, getting into contact and communicating with you if necessary and, with your permission and if necessary, for marketing or market research purposes.


Your rights

If you wish to exercise your individual rights to your personal data, you have the right to:  


  • Request access to your data: this allows you to receive a copy of your personal data that we have and to check that we are processing it lawfully.
  • Request the correction of data: this allows you to request us to correct, remove or delete personal data, when we have no real reason to continue processing it. You also have the right to request us to remove or delete your personal data when you have successfully exercised your right of objection, if we have processed your personal data illegally or if we are obliged to remove your personal data in order to comply with applicable local law. Please note, however, that we will not always be able to grant your request for removal due to specific legal reasons of which we will inform you, if and where appropriate, when you file your request.
  • Object to the processing of your personal data when we rely on a legitimate interest (or that of a third party) and if a fact exists in relation to the particular situation which is compelling you to object to the processing according to this basis insofar as you deem that it has an impact on your freedoms and fundamental rights. You also have the right to object when we process your personal data for direct marketing purposes. In some cases, we will be able to demonstrate that we have overriding legitimate grounds for processing your data which outweigh your rights and freedoms.
  • Request the restricted processing of your personal data: this allows you to request us to suspend the processing of your personal data in the following cases: (a) if you want us to accurately establish data; (b) when we use data illegally, but when you do not want us to remove it; (c) when you want us to store data even though we would no longer need it insofar as you need it to establish, exercise or defend your rights in legal proceedings; or (d) you have objected to us using your data, but we need to check if we have compelling legitimate grounds concerning its use.
  • Request the portability of your personal data to you or to a third party. We will provide you or a third party of your choice with your personal data in a structured format, commonly used and readable by machine. Please note that this right only applies to automated information which you have agreed that we may use or when we have used data to execute a contract concluded with you.
  • Instruct us about what to do with your data after your death: you have the right to give us directions about what to do with your data after your death.
  • Withdraw your consent at any time when we rely on your consent for processing your personal data. This will, however, not affect the legality of any processing carried out before the withdrawal of your consent. If you withdraw your consent, we will no longer be able to provide you with certain services.


For any request involving an intervention on your personal data or for any complaint regarding our policy, we ask that you contact our data protection officer (identified by the abbreviation “DPO”) by email at [email protected] We advise you to attach a copy of your identity document to your request so that we are able to confirm your identity. We will endeavour to reply to all legitimate requests within one month. Occasionally, it may take us longer than one month if your request is particularly complex or if you have submitted numerous requests. In this case, we will inform you and will keep you informed. If you are not satisfied with our replies, you may file a complaint with the local data protection authorities:


No fees usually required

You will not be required to pay fees to access your personal data (or exercise any one of your other rights). However, we may impose reasonable fees if your request is clearly unfounded, repetitive or excessive.


Changes to our privacy policy

This policy replaces all previous versions. Please consult it regularly on our website for any updates.


Cookies Policy

When viewing our website, cookies are placed on your computer, mobile or tablet. Our site is designed to be particularly attentive to the requirements and expectations of our customers. This is, among other things, why we use cookies to, for example, save your preferences on the site, remember a trip or journey that you have viewed and personalise the offers that we propose to you. This page allows you to better understand how cookies work and how to use the current tools to configure them.


What is a "cookie"?

A cookie is a small text file placed on your computer, mobile or tablet when visiting a site or viewing an advertisement. Their main purpose is to collect information relating to your browsing on the sites and to send you personalised services. Cookies are managed by your internet browser.


Who places the cookies?


  • Internal cookies are issued by Idiliz: these are cookies placed by Idiliz on your computer for the purposes of browsing our website, the optimisation and personalisation of our services on the site.


  • Third-party cookies are issued by third-party companies: these are cookies placed by third-party companies (for example, advertising agencies/companies or partners) to identify your interests through products viewed or purchased on our site and personalise the advertising offer that is addressed to you on our site or outside of our site. They may be placed when browsing our site or when you click in the advertising spaces of our site. We have no control over cookies placed by advertising agencies/companies which are acting on their own behalf. Within the context of advertising partnerships, we may be required to send to partners, who are acting on our behalf, data concerning your purchases and the products viewed on our site.


Different types of cookies

Different types of cookies are used on our site. They have different purposes. Some are necessary for your use of our site.


  • Functional cookies: these are cookies that are necessary for the functioning of our site. They allow you to use the main features of our site (for example: use of the shopping basket or access to your account). Without these cookies you will not be able to use our site normally. These are cookies placed by Idiliz which concern only the functioning of our site.


  • Analytical cookies: these are cookies which allow us to determine the use and performance of our site and to improve the functioning of it (for example, the most often viewed pages or searches by internet users in the search engine). If you are subscribed to our newsletter, these cookies may also be used to evaluate the performance of our emails, with the aim of sending you more personalised offers. You may unsubscribe at any time by using the links at the bottom of our emails.


  • Advertising cookies: these are cookies that are used to deliver advertisements to you or send you information tailored to your interests on our site or outside of our site when you are browsing the internet. They are notably used to limit the number of times you see an advertisement and help to measure the effectiveness of an advertising campaign. Rejection of these advertising cookies has no impact on the use of our site. However, rejecting advertising cookies will not stop advertising on our site or on the internet and will only result in an advertisement that does not reflect your interests or preferences being displayed. These cookies are mainly third-party cookies. These cookies mainly depend on the advertising agencies/companies. We cannot list them exhaustively.


  • Social network tracking cookies generated by "sharing buttons": our site contains sharing links to social networks which allow you to share content from our site with other people. When you use these sharing buttons, a third-party cookie is installed. If you are logged on to the social network when browsing our website, the sharing buttons allow you to link the viewed content to your user account. Social network sharing buttons use cookies to monitor and track the browsing of their internet users. For more information, please refer to the privacy policy of the social network(s) that you use.


Accepting or rejecting cookies, your cookie choices

You may choose at any time to restrict, block, delete or disable the use of cookies by modifying the configuration of your browser. Your browser may also be configured to notify you of cookies that are placed on your computer and ask you to accept them or not. You may accept or reject cookies on a case-by-case basis or reject them systematically once and for all. You may perform these operations at any time.


We remind you that by rejecting certain cookies, you may have difficulty browsing our website and would be unable to benefit from our full range of services.


If your browser is configured so that it rejects all cookies, you will not be able to make purchases or enjoy our site's essential features such as, for example, storing items in your basket or receiving personalised recommendations. In order to manage the cookies more closely in line with your requirements, please take into account the purpose of the cookies when configuring your browser, as mentioned above.



Last update: August 2019