Legal

Privacy Policy

Last updated: March 2026

Above Cappadocia ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or book a balloon flight with us.

1. Information We Collect

Personal Information

When you make a booking or inquiry through our website, we may collect the following personal information:

  • Full name
  • Email address
  • Phone number (including WhatsApp)
  • Hotel name and accommodation details
  • Number of passengers and their details
  • Special requests or health-related information relevant to flight safety
  • Payment information (processed securely by our payment providers)

Automatically Collected Information

When you visit our website, we automatically collect certain information through cookies and similar technologies, including:

  • IP address and approximate location
  • Browser type and version
  • Device type and operating system
  • Pages visited and time spent on each page
  • Referral source and search terms

2. How We Use Your Information

We use the information we collect to:

  • Process and confirm your balloon flight bookings
  • Communicate with you about your reservation, including pickup details and weather updates
  • Send booking confirmations and flight reminders via email or WhatsApp
  • Improve our website, services, and customer experience
  • Respond to your inquiries and support requests
  • Comply with legal obligations and ensure flight safety
  • Send promotional offers and newsletters (only with your explicit consent)

3. Third-Party Services

We work with trusted third-party service providers to operate our website and deliver our services. These include:

  • Supabase — Database hosting and authentication services. Your booking data is stored securely on Supabase infrastructure.
  • Cloudflare — Website performance, security, and content delivery. Cloudflare may process your IP address and browsing data to protect against threats.
  • WhatsApp (Meta) — We may communicate with you via WhatsApp for booking confirmations and customer support. WhatsApp's own privacy policy applies to messages sent through their platform.

We do not sell, trade, or rent your personal information to third parties for marketing purposes.

4. Cookies

Our website uses cookies to enhance your browsing experience. Cookies are small text files stored on your device that help us understand how you interact with our site. We use:

  • Essential cookies — Required for the website to function properly
  • Analytics cookies — Help us understand visitor behavior and improve our services
  • Preference cookies — Remember your settings and language preferences

You can control cookie preferences through your browser settings. Disabling certain cookies may affect website functionality.

5. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, including:

  • Booking and transaction records: up to 7 years (as required by Turkish tax law)
  • Customer communication records: up to 2 years after your last interaction
  • Website analytics data: up to 26 months
  • Marketing consent records: until you withdraw your consent

6. Your Rights (GDPR)

If you are located in the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR). You have the right to:

  • Access — Request a copy of the personal data we hold about you
  • Rectification — Request correction of inaccurate or incomplete data
  • Erasure — Request deletion of your personal data ("right to be forgotten")
  • Restriction — Request that we limit the processing of your data
  • Data portability — Request your data in a structured, machine-readable format
  • Objection — Object to processing of your data for certain purposes
  • Withdraw consent — Withdraw your consent at any time where we rely on consent to process your data

To exercise any of these rights, please contact us using the details below. We will respond to your request within 30 days.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption of data in transit (SSL/TLS), secure database hosting, and restricted access to personal information.

8. Children's Privacy

Our services are not directed to children under 6 years of age, and we do not knowingly collect personal information from children under 6. Bookings for minors must be made by a parent or legal guardian.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.

10. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us at:

Above Cappadocia

Email: [email protected]

Location: Goreme, Cappadocia, Turkey