1. Who We Are

Mylz is a UK-based travel technology company providing users with the ability to search, personalize, and book travel services such as flights, ground transport, accommodations, and experiences through AI-powered tools and integrations with third-party providers.

2. What Data We Collect

We collect different types of data depending on your interaction with the Platform:

• If you use the Platform anonymously, we do not collect personal data beyond what is required for functionality (e.g., essential cookies).
• If you create an account, we may collect your name, email, preferred languages, travel preferences, passport details, payment card details, and chat history.
• If you register using a social login (Google, Facebook, or Apple), we may also collect your associated profile information (e.g., profile photo, name, verified email).
• We do not collect or process sensitive data (such as health, biometric, or religious information).

We use your data to:

• Provide and personalize your travel search and booking experience
• Improve the quality and responsiveness of our AI and user flows
• Analyze usage trends and optimize performance
• Fulfill bookings and customer support requests

Conversation history is stored for account-based users to deliver more personalized responses and streamline the booking process. Anonymous users’ interactions are not stored beyond the session.

3. AI and Automated Processing

We use large language models (LLMs) to power conversational interactions and personalize travel recommendations. For account-based users, your conversations may be analyzed by automated systems to detect booking issues, improve UX, or evaluate AI performance.

No automated decisions are made that would have legal or similarly significant effects on users. Mylz does not involve human review of individual conversations, although aggregate patterns may be used to guide platform improvements.

4. Cookies and Analytics

Mylz uses only essential cookies required for platform operation unless you create an account or opt into analytics. We may use third-party analytics services such as Google Analytics and Tableau to understand site usage. These tools may collect anonymized technical data (e.g., browser type, pages visited).

We may also use social media tools for login and engagement (e.g., Google, Facebook, Apple).

5. Data Sharing and Third Parties

We do not sell your personal data. We may share limited, aggregated, and anonymized data with trusted travel partners for analytics and performance insights. Personal user data is not shared with travel partners unless necessary to complete a booking.

We use third-party services to support platform functionality including:

• Payment processors
• Social sign-in services (Google, Facebook, Apple)
• Analytics platforms (e.g., Google Analytics, Tableau)

These providers process data under contract and only for the purposes we instruct. Payment card information is processed securely by a regulated third-party payment processor (e.g., Stripe) and is never stored directly on Mylz systems.

6. Data Retention and Deletion

For account-based users, we retain conversation history and personal data (including passport and payment card details) for up to 12 months unless otherwise requested.

You may request the deletion of your account or data at any time by contacting us at privacy@gomylz.com.

Anonymous usage data is not stored.

7. User Rights

You have the right to:

• Access the data we hold about you
• Request correction or deletion of your personal data
• Object to or restrict certain types of processing
• File a complaint with a data protection authority

To exercise your rights, contact: privacy@gomylz.com

8. Data Storage and International Transfers

Data may be processed and stored in the United Kingdom, the European Economic Area (EEA), or the United States, depending on infrastructure location.

We ensure appropriate safeguards are in place for all data transfers outside the UK or EEA in compliance with GDPR and other applicable laws.

9. Children’s Privacy

The Platform is not intended for users under the age of 18. We do not knowingly collect or process data from children under 18.

Our Terms & Conditions require all users to confirm they are 18 years or older. If we discover such data has been collected, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes and post the updated version on gomylz.com with a new effective date.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at: privacy@gomylz.com