Privacy Policy

Your privacy is important to us. Our Privacy Policy covers the principles of privacy policy valid on our website and regulates the basis and conditions of processing the personal data of our Clients and Passengers. The concepts in this document coincide with the concepts in our General Terms and Conditions.

By using this Booking Engine and / or addressing the Agent (Nautilus Travel) either through this site or by other channels of communication with a request related to travel services, you confirm that you are acquainted with the company's Privacy Policy, agree with it and acknowledge to be bound by it. The Agent reserves the right to change the terms of Privacy Policy at any time and to restrict access to the Booking Engine with or without prior notice. If you do not agree with our Privacy Policy, then please do not enter the Booking Engine and don't use it.

1. Collection and use of personal information
1.1. The Agent is Nautilus Travel AS, commercial registry code 11982242, Narva mnt 5, 10117 Tallinn, Estonia.
1.2. Personal information means any information relating to an identified or identifiable natural person (the Client and/or the Passenger) obtained by the Agent through Booking Engine and/or in course of providing Travel Services, including persons first and last name, identity code, contact data and other required information, identity document, means of payment, transaction information, start and end date and amount of possible payment default and other sensitive information.
1.3. By providing his/her personal information, the Client gives the Agent the right to process this information in accordance with applicable laws and terms and conditions of this Privacy Policy.
1.4. The agent will not in any way disclose the obtained personal information, except in cases when such disclosure is permitted by the client or required by the law.
1.5. By providing the personal information the Client agrees, that this information can be processed among other things for following purposes:
1.5.1. Providing the Client with the travel offers and information from Agents Partners (i.e. Service Providers). Personal data are not forwarded to the Service providers, except in cases when the Client has explicitly expressed his/her interest in the services offered by the Provider;
1.5.2. Providing travel services in accordance with the Client's bookings and travel arrangements ordered by the Client;
1.5.3. To persons who are involved with providing services in the framework of the Contract between the Agent and the Client, such as parties providing travel, accommodation, payment, communication and / or IT services as well as to other Partners, if any;
1.5.4. When booking air tickets to countries that require additional personal information (US for example), the Agent transfers the required data through Booking Engine to the respective authorities of that country
1.5.5. When there is an obligation to do so under applicable laws or by order of the competent authorities (for example investigative bodies or courts);
1.5.6. To legal aid providers and collection agencies for collection of financial claims against the Client and/or for assignment of the right of claim to a new creditor;
1.5.7. Transferring information related to delayed payments to Estonian Credit Register administered by Krediidiinfo and thus to the public, if the Client has delayed payments to Nautilus Travel. Regulations of handling data by AS Krediidiinfo can be found on their website
1.6. The Client has the right to demand the termination of processing his/her personal data and removal of collected information. The Agent and authorized processers of personal information are not liable to comply with such demands, if the Client still holds payment defaults or if removal is non-compliant with applicable laws.
1.7. The Agent collects and processes only the minimum possible amount of information, which is needed for making travel arrangements. Personal information is processed only as long as it is necessary for providing travel services and achieving the goals for which the data is collected.
1.8. As a rule the data is stored digitally in data carrying media and server, which can be accessed by using unique user ID's and passwords.
1.9. If the Client finds that The Agent has violated his/her rights when processing personal information, the Client has a right to demand immediate termination of such violation. If the Agent does not terminate the violation within a reasonable time, the Client has the right to seek legal protection from court of law or from the Data Protection Inspectorate.
1.10. Claims and questions related to personal data processing issues should be sent in written form either to the Agent's postal address Narva mnt 5, 10117 Tallinn or by email fo

2. Privacy of Fly24 Booking Engine
2.1.Nautilus Travel respects your privacy and therefore implements all necessary physical, organizational and technical measures to safeguard all confidential information obtained and collected through the Booking Engine.
2.2. Galileo: the Fly24 Booking Engine is based on Galileo Central Reservation System, which is one of the biggest global travel info and reservation systems. The functioning of Booking Engine is guaranteed by Travelport LTD (300 Galleria Pkwy, Atlanta, GA 30339, USA). For further information please check:
2.3. Log history: All requests made through Booking Engine are saved. Detailed history is used both for error detection and correction and for offering additional services. Consolidated analysis of log history is used for analyzing the functioning of the server and applications as well as for improving the quality of services rendered and for developing new services The log history is not revealed or transferred to Third Parties (except in cases prescribed by law).
2.4. IP address and Cookies: As many other websites the Fly24 Booking Engine saves your IP address and uses cookies for organizing services and for statistical analysis. Cookies are small data files, that allow to store information in Client's browser while browsing the Booking Engine. Cookies allow us for example to recognize the Clients browser used to access our Booking Engine. You may block saving cookies in your browser, but this may cause certain problems when using the Booking Engine.
2.5. Https protocol: during the reservation phases, that require processing Client's or Passenger's personal information, a https connection is used between the browser and the server. This secures, that third parties can't access the communication and traffic between Agent's server and Client's browser.
2.6. E-mail address: Client's e-mail address is used by the Agent primarily to communicate concerning the travel arrangements. Agent will not forward, sell or provide in any other way this e-mail address to Third Parties, that are not involved in process of fulfilling the booking.
2.7. Security of payment made via bank link: if payment is made by transferring money via Bank Link, the Client is automatically directed to the chosen bank website, a secure provider of the payment solutions. Instructions are provided along the way. The data inserted by the Client to payment interface are not available to the Agent or the third parties (except the Client's Bank, were the transaction is authorized) and the whole information is kept in a database of the chosen bank. The Agent will only see, whether the payment was successful or not.
2.8. Security of Credit card payments: if payment is made by Credit card, the Client is automatically directed to NETS Estonia AS (, a secure provider of payment solutions. Instructions are provided along the way. The data inserted by the Client to payment interface are not available to the Agent or the third parties (except the Client's Bank, were the transaction is authorized) and the whole information is kept in a database in a server of NETS Estonia AS. The Agent will only see, whether the payment was successful or not.
2.9. Copyright: the Booking Engine and it's content is protected by Copyright Act. The Agent reserves all rights to the Booking Engine and its content, except for the parts belonging to Third Parties. Any reproduction, copying, dissemination or recording of the Booking Engine content for fully or partly commercial purposes without prior written permission of the Agent is strictly prohibited. It is prohibited to use texts, travelogues (itineraries) and photos for any purpose, that is contrary to the principle of good practice.
2.10. Links: The Agent is not responsible for any third party websites to which the Booking Engine contains a link. Each respective website has its own privacy policy of collecting and processing data and it is the sole responsibility of the Client to get familiarized with these. The Agent can not be held responsible for the availability of external websites to which the Booking Engine contains a link, as well as for the accuracy of prices, products, advertisements or other information presented on external sites,
2.11. Disclaimer of liability: Using the booking system is the sole responsibility of the User. Agent can not be held responsible for the damage caused by using the booking system, its applications or links in the booking system. The Agent is not responsible if personal information is obtained by the third parties through criminal actions and/or any act or omission of the Client and will not be liable if such data are used without permission.
2.12. Questions and proposals concerning privacy policy of Fly24 Booking Engin can be sent to the e-mail address

3. State Borders Act of the Republic of Estonia
3.1. Upon booking and purchasing an airline ticket, the air carrier shall communicate to the Police and Border Guard Board passengers’ booking information in accordance with the State Borders Act for the purpose of processing, discovering and preventing acts of terrorism and other serious criminal offences. Passengers’ booking information shall be preserved for five (5) years and personalized data for two (2) years as of the receipt of the data. With respect to the communication of booking information, passengers have all of the rights arising from the Personal Data Protection Act.