Privacy policy

Last updated April 25, 2026

WillItWiFi is built privacy-first. We don't sell data, we don't track you across the web, and we don't collect more than the bare minimum needed to make the app work.

Website (willitwifi.com)

What we store

• Community ratings you submit: flight number, date, star rating, optional details (free/paid, speed, provider, use cases), optional comment, optional first name, and an auto-detected country code from your IP (used only as country, never the full IP).
• Email alert subscriptions (when you sign up): your email address, the flight number and date you subscribed to, and snapshot timestamps.
• Anti-abuse hashes: a one-way SHA-256 hash of your IP+User-Agent (for one-rating-per-device dedup) and IP alone (for rate limiting). The original IP is never stored.

What we don't store

• Your IP address (only its hash, only for rate-limit windowing).
• Your browsing history, search history, or any cross-site data.
• Tracking cookies. We use no cookies for analytics.
• Personal identifiers beyond your optional first name.

Analytics

We use Vercel Web Analytics, a privacy-respecting solution that records aggregate page-view counts only. It does not use cookies, does not fingerprint visitors, and is fully GDPR/CCPA compliant without requiring a consent banner.

Third-party services

• AeroDataBox (flight data): when you check a specific flight, we send the flight number and date to AeroDataBox to retrieve aircraft type and registration. No personal info is sent.
• Vercel (hosting): logs requests with standard server metadata (URL, status code, timing).
• Neon (database): stores the data described above.
• flagcdn.com (country flag images): your browser fetches small flag PNGs from this CDN to render community rating badges.

Browser extension

Data transmitted

The WillItWiFi browser extension sends only the following to willitwifi.com when you view a flight on Google Flights:

• The flight number visible in the row (e.g. LH400).
• The flight date (from the page URL or today's date).

That's it. No identifiers, no IP correlation across requests, no analytics SDK. The request is cached locally in chrome.storage.local for 30 minutes to reduce repeat lookups.

Permissions explained

• storage — caches flight lookups and remembers your settings preference.
• alarms — a daily alarm prunes stale cache entries.
• https://www.google.com/travel/flights/* + https://flights.google.com/* — required so the content script can detect flight rows and inject the badge overlay.
• https://www.willitwifi.com/* — required for the extension to call our API.

What the extension does NOT do

• Read or modify any page content outside flight rows.
• Read your cookies, localStorage, or saved passwords.
• Track your browsing activity.
• Run on any site outside the listed hosts.
• Use analytics, fingerprinting, or remote-loaded code.
• Send anything to third parties besides willitwifi.com.

Your rights

You can request deletion of any data tied to your email (alert subscriptions) by emailing the address below. We respond within 7 days.

Changes to this policy

Material changes will be reflected in the "Last updated" date at the top. We don't email you about policy updates because we don't have your email unless you subscribed to flight alerts.

Contact

Questions or data-deletion requests: hello@willitwifi.com.