Privacy Policy

Last updated: May 2026

This Privacy Policy explains how Dream It ("we", "our", "us") handles information in connection with the Safar platform ("Platform"). We believe privacy is a right, not a feature — so we have kept this policy short, honest, and clear.

1. What We Do NOT Collect

We want to be explicit about this: Safar does not collect, analyse, sell, or share your business data. We do not read your customer files, payment records, agreements, ticket records, or any other operational data you enter into the Platform.

Your data is your data. Full stop. It belongs to your company and your company alone. We have no interest in your clients' information and do not use it for any purpose whatsoever — not for advertising, not for analytics, not for any commercial gain.

2. Data You Enter Into the Platform

All operational records you create — customer files, passport scans, payment entries, invoices, air tickets, refunds, agreements, staff records, and any other data — are stored securely in your company's isolated account. Access is restricted to authorised team members you invite and manage yourself through the Team & Permissions module.

This data is owned entirely by your company. You may export, download, or delete it at any time. Upon account termination, data can be exported before closure.

3. Account & Technical Data

To operate your account, we store the following minimum technical information:

• Your name, email address, and mobile number (provided at registration)
• Your company name, selected plan, and subscription status
• Login timestamps and session tokens (for security)
• Activity log entries triggered by your team's actions within the Platform

This information is used solely to operate the Platform, authenticate users, send necessary system emails (e.g. password resets), and provide customer support when requested.

4. Cookies & Sessions

We use cookies and local browser storage for:

• Keeping you logged in securely (authentication session)
• Remembering your preferences (e.g. dark/light mode, sidebar state, dashboard mode)
• No advertising cookies. No cross-site tracking.

5. Infrastructure & Third-Party Services

The Platform is built on the following infrastructure providers who process technical data to operate the service:

• Supabase — secure database and file storage (your data is encrypted at rest)
• Vercel — platform hosting and global CDN
• DeepSeek AI — processes PNR text and document content temporarily for AI parsing features only; no data is retained by the AI provider

None of these providers are permitted to use your data for any purpose other than delivering the service. We do not use any advertising or social media SDKs.

6. Data Security

We implement industry-standard security practices:

• All data is encrypted in transit (HTTPS/TLS) and at rest
• Row-level security ensures each company can only access its own data
• Role-based permissions control what each team member can view or edit
• Authentication is handled by Supabase Auth with secure session management

Despite these measures, no system is 100% immune to risk. We strongly recommend downloading regular backups from your Profile > Settings page.

7. Your Rights

You have the right to:

• Export all your data at any time from the Platform
• Request deletion of your account and associated data
• Update or correct your account information via Settings
• Contact us with any data-related concern

8. Children's Privacy

The Platform is intended for business use only and is not directed at individuals under 18. We do not knowingly collect information from minors.

9. Changes to This Policy

We may update this Privacy Policy as the Platform evolves. We will notify active users of material changes via email or in-app notice. Continued use after changes are posted constitutes acceptance.

10. Contact

Privacy questions or data requests: safar@mydreamit.dev or WhatsApp +880 1728-392449.