Loading...
Loading
Loading...
Last updated: February 21, 2026
This Privacy Policy ("Policy") governs the collection, use, storage, disclosure, and processing of all information, including personal data and non-personal data, that Al Safir Airways ("Company," "we," "us," or "our")—a virtual airline operating on the Roblox platform—collects from or about users ("User," "you," or "your") through our website, services, applications, communications, and any affiliated platforms. By accessing or using any part of our services, you acknowledge that you have read, understood, and agree to be bound by this Policy. If you do not agree with any provision hereof, you must discontinue use of our services immediately. This Policy is intended to comply with applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant jurisdictions.
From a user perspective, this Policy explains what data we collect, why we collect it, how long we keep it, and what rights you have. We encourage you to read it in full. On our side, we are committed to handling your information responsibly, securing it appropriately, and respecting your choices. We do not sell your personal information for monetary consideration. We use data to operate and improve our virtual airline, support our community, and comply with legal obligations.
The purpose of this Privacy Policy is to provide you with a clear, comprehensive, and transparent explanation of how we collect, process, store, and protect your information when you interact with Al Safir Airways and our virtual airline ecosystem on Roblox. We are committed to safeguarding your privacy and ensuring that your personal information is handled responsibly and in accordance with applicable legal standards. We update this Policy from time to time to reflect changes in our practices or the law; the "Last updated" date indicates when the Policy was last revised.
This Policy applies to all users of Al Safir Airways services, including but not limited to pilots, passengers, administrators, moderators, visitors to our website, and any individual who provides information to us through any channel. This Policy applies regardless of your geographic location, age, or the device you use to access our services. It does not apply to third-party sites or services (including Roblox) that you may access through links from our Services; those have their own privacy policies.
For the purposes of this Policy, the following definitions shall apply:
These definitions are intended to align with standard data protection terminology; where the law in your jurisdiction defines terms differently, the legal definition in your jurisdiction will apply to the extent of our processing there.
We collect information that you voluntarily provide when you register for our services, create an account, apply to become a pilot, participate in forums or communications, submit feedback, or otherwise interact with us. This may include: Roblox username and Roblox user ID; email address; date of birth (if required for age verification); preferred communication preferences; any information you submit in applications, forms, or surveys; and communications you send to us, including support requests and correspondence. As a user, you control what you share in these contexts; we use this information to provide the Services, verify identity, process applications, and communicate with you. On our side, we collect only what is necessary for these purposes and do not require you to provide more than is needed for the feature you are using.
When you access our services, we may automatically collect certain information, including: IP address and approximate geographic location; device type, operating system, and browser type; pages visited, time spent, and navigation patterns; referring URL and exit pages; language preferences; and date and time of access. This helps us operate and secure our services, understand usage, and improve the user experience. We may use cookies and similar technologies for this purpose as described in Section 7. You can control certain collection through browser settings and cookie preferences.
We may receive information about you from third parties, including Roblox Corporation (to the extent permitted by Roblox's terms and policies), social media platforms (if you connect accounts), and service providers who assist us in operating our services. For example, when you sign in with Roblox or link a Discord account, we may receive identifiers necessary to associate your activity with your account. We use such information consistently with this Policy and the permissions you grant to those third parties. We do not buy or rent lists of personal data from data brokers for marketing purposes.
We use the information we collect for the following purposes: to provide, maintain, and improve our virtual airline services; to create and manage your account and membership; to verify your identity and eligibility to use our services; to process applications for pilot or staff positions; to communicate with you about services, updates, and promotions; to respond to your inquiries and provide customer support; to enforce our Terms of Service and prevent fraud or abuse; to analyze usage patterns and improve user experience; to comply with legal obligations and protect our rights; and to send you administrative notices and important updates.
From a user perspective, we use your data to give you a personalized experience—for example, to show your flight history, manage your miles, or display your rank. We may send you service-related emails (e.g., password reset, booking confirmation); you can opt out of marketing communications at any time. On our side, we do not use your personal data for purposes incompatible with those described here without notifying you and, where required by law, obtaining your consent. We may use aggregated or anonymized data for analytics and product development without restriction.
For users in the European Economic Area (EEA), United Kingdom, or other GDPR-applicable jurisdictions, we process your personal data based on: Consent (where you have given clear consent for a specific purpose); Contract Performance (where processing is necessary for a contract with you); Legitimate Interests (e.g., improving services, security, fraud prevention); and Legal Obligation (where processing is necessary for compliance with law).
Where we rely on consent, you may withdraw it at any time; withdrawal does not affect the lawfulness of processing before withdrawal. Where we rely on legitimate interests, we have balanced our interests against your rights and will consider your objections. You have the right to object to processing based on legitimate interests and to lodge a complaint with a supervisory authority. We will explain the specific basis for processing when we collect data where the law requires it, and we will honor your rights as set out in Section 10.
We may share information with: Roblox Corporation in accordance with their privacy policy and our integration needs; Service Providers (hosting, analytics, email, support) who are contractually obligated to protect your information and use it only for the services they provide to us; Analytics and Advertising partners (where we use such services, we aim to use configurations that minimize identification and respect Do Not Track where feasible); Legal and Safety when required by law or to protect rights and safety (e.g., in response to lawful requests, to prevent fraud, or to protect users); and in the event of a Business Transfer (merger, acquisition, sale of assets), in which case your data may be transferred subject to the same protections as in this Policy.
We do not sell your personal information for monetary consideration. In jurisdictions that define "sale" or "share" broadly (e.g., CCPA), we may "share" identifiers for advertising or analytics; you may have the right to opt out of such sharing as described in Section 10. We require our Service Providers to keep your data confidential and to process it only on our instructions. We do not allow them to use your data for their own purposes except with your consent or as required by law.
We use essential cookies (necessary for the website to function, e.g., authentication and security); functional cookies (to remember your preferences and enhance functionality); analytics cookies (to understand visitor behavior and improve our site); and, where applicable, advertising cookies. You may control or delete cookies through your browser settings. Disabling certain cookies may affect functionality—for example, you may need to log in again or some features may not work as intended.
We may also use local storage, session storage, and similar technologies for the same purposes. Our cookie banner or preference center, where provided, allows you to manage non-essential cookies. We respect signals such as Do Not Track where technically and legally feasible. For more detail on the cookies we use and their duration, contact us or check our cookie policy if we publish a separate one.
We retain personal data only for as long as necessary to fulfill the purposes described in this Policy or as required by law. Indicative retention periods: Account information: for the duration of your account plus a period thereafter (typically 3–7 years) for legal, tax, or regulatory purposes; Communications and support tickets: up to 7 years for dispute resolution and quality assurance; Application data (e.g., pilot applications): for the duration of the process and a reasonable period after; Analytics and logs: may be retained in aggregated or anonymized form indefinitely; raw logs may be retained for a limited period for security and troubleshooting.
After the retention period, we securely delete or anonymize your data so it no longer identifies you. You may request earlier deletion of your personal data subject to our legal obligations and the Your Rights section below. On our side, we implement retention schedules to minimize the data we hold and to comply with applicable laws.
We implement technical and organizational measures to protect your personal data, including encryption in transit and at rest where appropriate, access controls and authentication, secure hosting environments, and regular review of our practices. However, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security. We will notify you and relevant authorities of a breach affecting your personal data where required by law.
As a user, you can help by keeping your credentials secure and reporting any suspected unauthorized access. On our side, we limit access to personal data to personnel and contractors who need it for the purposes described in this Policy, and we require them to protect it by contract and training.
Depending on your jurisdiction, you may have the right to: Access your personal data and receive a copy; Rectification of inaccurate data; Erasure ("right to be forgotten") in certain circumstances; Restriction of processing in certain circumstances; Data portability (receive your data in a structured, machine-readable format); Object to processing based on legitimate interests or for direct marketing; Withdraw consent where processing is based on consent; and Lodge a complaint with a supervisory authority. California residents may have additional CCPA rights (e.g., to know, delete, correct, and opt out of sale/sharing). To exercise these rights, contact us via the Contact section. We will respond within the timeframe required by law (e.g., generally 30 days under GDPR, 45 days under CCPA, with possible extensions where permitted). We may need to verify your identity before processing a request.
We will not discriminate against you for exercising your privacy rights. If you are in the EEA/UK, you may also have the right to restrict or object to certain processing and to data portability. We provide these rights in accordance with applicable law. If you are not satisfied with our response, you may lodge a complaint with your local data protection authority.
Your information may be transferred to, stored, and processed in countries other than your country of residence, including the United States, where our service providers or we operate. Those countries may have different data protection laws. When we transfer personal data from the EEA, UK, or other jurisdictions with restrictions on international transfers, we implement appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission or UK equivalents, or other mechanisms permitted by law. You may request a copy of the safeguards we use by contacting us.
From our side, we ensure that any such transfers comply with applicable law and that your data remains protected in line with this Policy and our contractual commitments.
We do not knowingly collect personal data from children under 13 without verifiable parental consent, except as permitted by law (e.g., where the service is directed to children and we have compliant consent mechanisms). If you are under 13, please do not provide us with personal data without your parent or guardian's consent. If we learn that we have collected personal data from a child under 13 without proper consent, we will take steps to delete that information promptly. If you are a parent or guardian and believe your child has provided us with personal data, please contact us and we will address the situation. For users between 13 and 18, we encourage parental involvement in their online activity.
We may modify this Policy at any time. Material changes will be posted on this page with an updated "Last Updated" date. We may also notify you by email or through the Services where feasible and where required by law. Your continued use of the Services after the effective date of changes constitutes acceptance of the updated Policy, except where your consent is required and we seek it separately. If you do not agree, you must discontinue use and may request deletion of your account and data as set out in the Your Rights section. We encourage you to review this Policy periodically.
To the fullest extent permitted by law, this Policy is provided "as is" without warranty. Al Safir Airways and its affiliates shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from this Policy or the collection, use, or disclosure of your information. Our total liability under or in connection with this Policy shall not exceed the greater of amounts paid by you in the preceding 12 months or $100 USD. Some jurisdictions do not allow limitation of liability; in such cases our liability will be limited to the maximum extent permitted by law. This section does not affect your statutory rights where applicable.
This Policy is part of our agreement with you and should be read together with our Terms of Service. If any provision of this Policy is held invalid or unenforceable, the remaining provisions will remain in effect. Our failure to enforce any right does not waive that right. We may assign our rights and obligations under this Policy in connection with a merger, sale, or other transfer of our business; we will use reasonable efforts to ensure that your data remains protected under the same or stricter standards. For questions about how we handle your data in a specific context, contact us and we will provide additional information where appropriate.
For questions, concerns, or to exercise your rights: Contact Us. We will respond within a reasonable timeframe and in any event within the periods required by applicable law. For data protection inquiries in the EEA/UK, you may contact our representative or your local supervisory authority. When contacting us, please include enough detail (e.g., account identifier, request type) so we can process your request efficiently.
Al Safir Airways is a virtual airline experience on Roblox and is not affiliated with any real-world airline. All references to "we," "us," and "our" refer to Al Safir Airways as the operator of the Services described in this Policy.