Privacy Policy

Effective Date: [DATE]

This Privacy Policy explains how [COMPANY LEGAL NAME] (“Company,” “we,” “us,” or “our”) collects, uses, discloses, and protects information when you use our website, apps, and services (the “Platform”).

Business model note: The Platform is a marketplace for tours/activities offered by independent third-party suppliers (“Suppliers”). We help you discover and book experiences with Suppliers.

1) Information we collect

A) Information you provide to us

Account & booking details may include:

  • Name, email, phone number
  • Billing address (including state/region)
  • Trip details you submit (dates, destinations, group size, preferences)
  • Identity/traveler details you provide for bookings (when required): passport number, date of birth, gender, and similar fields

Communications may include messages you send us (support requests, emails, chat) and WhatsApp/SMS content and metadata related to those messages (e.g., delivery status), if you opt in.

Marketing data may include newsletter preferences and marketing opt-ins/opt-outs.

B) Information collected automatically

  • IP address, device and browser identifiers, approximate location, operating system, referral URLs, pages viewed, clicks, timestamps
  • Cookie and similar tracking data (see “Cookies, analytics, and advertising”)

C) Payment information

We use Stripe to process payments. We do not store full card numbers on our servers; payment details are handled by Stripe.

D) Supplier information (if you are a Supplier)

We collect business onboarding details (business name, contact info, licensing/insurance proof, payout onboarding status), listing content, and booking fulfillment data.

2) How we use information

We use information to:

  • Operate the Platform (create accounts, enable browsing, handle support)
  • Process bookings (send confirmations, communicate requirements, coordinate with Suppliers)
  • Facilitate payments and payouts (payment processing, fraud prevention, identity verification, compliance)
  • Send service messages (booking updates, reminders via email/WhatsApp/SMS)
  • Send marketing (newsletter, promotions), where permitted and based on your preferences
  • Analytics & product improvement (understand usage, improve conversion, debugging)
  • Advertising & retargeting (show ads to visitors and measure ad performance)
  • Security & legal (prevent fraud/abuse; comply with legal requests)

3) Legal bases for processing (EU/UK visitors)

If you are in the EU/UK, we rely on these bases (depending on context):

  • Contract necessity (to provide bookings and Platform services you request)
  • Consent (for certain marketing and cookie-based advertising where required)
  • Legitimate interests (platform security, basic analytics, improving services), balanced against your rights
  • Legal obligation (financial recordkeeping, fraud prevention, payment compliance)

4) How we share information

A) With Suppliers (to fulfill your booking)

When you book an experience, we share relevant booking details with the Supplier (e.g., traveler names, contact info, special requirements, and traveler identity details only if needed for the booking).

B) With service providers (processors)

We use vendors to run the Platform, such as:

  • Payment processing: Stripe
  • Analytics/measurement: Google Analytics
  • Advertising/retargeting: Meta Pixel and Google Ads
  • Messaging: WhatsApp and SMS providers

C) For legal, safety, and enforcement

We may disclose information to law enforcement, regulators, courts, or other parties if required by law, to protect rights/safety, or to prevent fraud.

D) Business transfers

If we are involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction (subject to appropriate safeguards).

5) Cookies, analytics, and advertising

A) Cookies & similar technologies

We use cookies and similar technologies for:

  • Strictly necessary site functionality
  • Analytics (traffic measurement and performance)
  • Advertising (retargeting, conversion measurement, and ad personalization where enabled)

B) Your cookie choices

  • You can adjust cookie settings via [COOKIE PREFERENCES LINK] (if implemented).
  • You can also manage browser cookie settings.

6) Marketing communications (email, SMS, WhatsApp)

  • Email newsletter: you can unsubscribe at any time via the link in our emails.
  • SMS: you can opt out by replying STOP (or the method described in the message).
  • WhatsApp: you can message STOP (or block the business) to stop messages.

We may still send non-marketing service messages (e.g., booking confirmations).

7) Sensitive information (passport, DOB, gender)

If you provide passport details, DOB, gender, or similar information, we use it only for booking fulfillment, supplier requirements, fraud prevention, and legal compliance where applicable. We limit access to this information and retain it only as long as necessary (see “Data retention”).

8) Data retention

We retain personal information for as long as necessary to provide the Platform and fulfill bookings, maintain business and transaction records, resolve disputes and enforce agreements, and comply with legal obligations. Retention periods vary by data type and purpose.

9) Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information. No system is 100% secure, so we cannot guarantee absolute security.

10) Your privacy rights

A) United States state privacy laws

Depending on your state and applicable law, you may have rights such as access, deletion, correction, and opt-out of certain processing (e.g., targeted advertising).

To submit a request: email [PRIVACY EMAIL] with subject “Privacy Request.” We may verify your identity.

B) EU/UK (GDPR rights)

If applicable, you may have rights to access, correct, delete, restrict, object, and data portability.

To submit: email [PRIVACY EMAIL].

11) International transfers

If you access the Platform from outside the United States, your information may be transferred to and processed in the U.S. and other countries where we and our service providers operate.

12) Children

The Platform is not directed to children under 13 (or under 16 in certain jurisdictions). We do not knowingly collect personal information from children without appropriate authorization.

13) Changes to this Privacy Policy

We may update this policy from time to time. We will update the Effective Date and post the revised policy on this page.

Contact:

Email: [PRIVACY EMAIL]

Address: [BUSINESS ADDRESS]