RebrandingRebranding

Privacy Policy

Last updated: June 12, 2026

1. Overview

This Privacy Policy explains how Rebranding by Travix Lab, operated by Travix Lab ("we", "us"), collects, uses, and protects information when you use the Service. By using the Service you agree to this Policy.

2. Information we collect

  • Account data — email address, password (stored as a secure hash by our authentication provider, Supabase), and your display name.
  • Agency profile — agency name, address, hotline and mobile numbers, agency email, website, IATA/CAAB numbers, brand color, and uploaded logo. This information appears on the documents you generate, which is the purpose of the Service.
  • Payment records — plan, amount, currency, gateway, and transaction identifiers. We never see or store your card number; payments are processed entirely by Stripe, PayPal, or SSLCommerz on their own systems.
  • Usage data — counts and timestamps of rebrand operations (flight or hotel), used to enforce plan limits and improve the Service.

3. Uploaded documents — zero retention

PDFs you upload (e-tickets, hotel confirmations) and the passenger/booking details extracted from them are processed in memory only to generate your branded copy. We do not store the uploaded files or the extracted booking content on our servers after processing completes. Generated PDFs are created in your browser and are never uploaded to us.

Automated field extraction is performed by AI inference providers (such as Cloudflare Workers AI) under contractual terms that prohibit using your content to train models.

4. How we use information

  • To provide, operate, and secure the Service;
  • To verify payments and activate subscriptions;
  • To enforce plan limits and prevent abuse or fraud;
  • To respond to support requests;
  • To send essential service emails (account confirmation, password reset, payment receipts). We do not send marketing email without your consent.

5. Sharing

We do not sell your personal information. We share data only with:

  • Supabase — authentication and database hosting;
  • Cloudflare — application hosting, storage of your uploaded agency logo, and AI extraction;
  • Stripe / PayPal / SSLCommerz — payment processing;
  • Authorities, where required by law or to investigate fraud.

6. Security

All traffic is encrypted in transit (TLS). Data at rest is encrypted by our hosting providers. Database access is protected with row-level security so each agency can only access its own records. Access to production systems is restricted to authorized personnel.

7. Data retention and deletion

  • Account and agency profile data are kept while your account is active.
  • Payment records are retained as required for accounting and tax purposes.
  • Uploaded documents are not retained at all (see Section 3).
  • You may request deletion of your account and associated personal data at any time by emailing support@travixlab.com. We will complete deletion within 30 days, except for records we must keep by law.

8. Cookies and local storage

We use only essential cookies and browser local storage to keep you signed in and remember in-app preferences. We do not use third-party advertising or tracking cookies.

9. Your rights

Depending on your jurisdiction, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise any of these rights, contact support@travixlab.com.

10. Children

The Service is intended for business use by adults. We do not knowingly collect data from anyone under 18.

11. Changes to this Policy

We may update this Policy from time to time. Material changes will be reflected by the "Last updated" date above. Continued use of the Service after changes take effect constitutes acceptance.

12. Contact

Privacy questions or requests: support@travixlab.com or the contact page.