Privacy Policy
i-Handler BHS (Baggage Handling System) · Last updated: 2026-06-20
Who we are
i-Handler BHS is a baggage-handling application for ground-handling companies, used to scan, track, reconcile and report baggage in compliance with IATA Resolution 753. The service is operated by i-Handler.
Data we collect
- Account data: email, password (stored encrypted by Firebase Authentication), name, ID number, employee number, job title, phone, profile photo and signature you provide.
- Company data: company name, address, contact details, logo and station.
- Operational data: baggage records (license plate, weight, color, type, destination), tracking events, cart/bin assignments and the operator who performed each scan.
- Device data: push-notification tokens and your selected language.
- Billing data: flight-credit purchases. Payments are processed by PayPal; we do not store card numbers.
How we use it
To provide the baggage-tracking service, generate operational reports (BCR), share required baggage data with airlines (IATA Baggage XML), manage your account and access, process prepaid billing, send operational notifications, and communicate service or product updates.
Data retention
Operational baggage data (bags, operations and tracking events) is automatically deleted 30 days after creation. Billing aggregates are kept for legal and accounting purposes. Inactive accounts are notified and then deleted after a prolonged period of inactivity (warnings at 30, 15 and 7 days before deletion; deletion at 60 days of inactivity).
Deleting your account
You can permanently delete your account and personal data at any time from within the app: open Profile → Danger zone → Delete my account. If you own a company, deleting your account also deletes the entire company (flights, baggage, employees and billing). This action cannot be undone.
Service providers
We use Google Firebase (Authentication, Firestore, Cloud Functions, Cloud Messaging) for hosting and infrastructure, Vercel for application delivery, and PayPal for payments. These providers process data on our behalf under their own terms.
Security
Access is restricted by per-company membership and role. Data is transmitted over HTTPS and protected by server-side security rules. Tracking events are immutable for audit integrity.
Children
The service is intended for professional use and is not directed to children under 16.
Contact
For privacy requests or questions, contact us at rtbops@gmail.com.