Privacy Policy

Last updated: November 2, 2024

At Toursion, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, and safeguard your data when you use our platform.

1. Information We Collect

We collect various types of information to provide and improve our services:

1.1. Personal Information

  • Name and Contact Details: Full name, email address, phone number
  • Account Information: Username, password, profile information
  • Payment Information: Billing address, payment method details
  • Government ID: For verification purposes (with consent)

1.2. Travel-Related Information

  • Booking Details: Tour preferences, dates, special requirements
  • Travel History: Past bookings, reviews, and feedback
  • Preferences: Language, currency, notification settings

1.3. Technical Information

  • Device Information: IP address, browser type, operating system
  • Usage Data: Pages visited, time spent, click patterns
  • Location Data: Approximate location for local recommendations

1.4. Communication Information

  • Messages: Communications with tour operators and support
  • Support Requests: Customer service inquiries and responses
  • Feedback: Reviews, ratings, and survey responses

2. How We Use Your Information

We use your information for legitimate business purposes as outlined below:

2.1. Service Provision

  • Process bookings and payments
  • Communicate with tour operators
  • Provide customer support
  • Send booking confirmations and updates

2.2. Personalization

  • Recommend relevant tours based on preferences
  • Personalize your user experience
  • Display content in your preferred language
  • Show local tours and experiences

2.3. Safety and Security

  • Verify user identities
  • Prevent fraud and unauthorized activities
  • Ensure platform security
  • Comply with legal requirements

2.4. Marketing and Communications

We only send marketing communications with your consent. You can unsubscribe at any time.

  • Newsletters and promotional offers
  • Platform updates and new features
  • Surveys and feedback requests
  • Re-engagement campaigns

2.5. Analytics and Improvement

  • Analyze usage patterns to improve services
  • Conduct research and development
  • Optimize platform performance
  • Test new features and functionality

3. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience:

3.1. Types of Cookies

Cookie Type Purpose Duration
Essential Cookies Required for basic functionality Session / 1 Year
Performance Cookies Analytics and performance monitoring 1 Year
Functional Cookies Remember preferences and settings 1 Year
Marketing Cookies Personalized advertising and content 90 Days

3.2. Third-Party Cookies

We use third-party services that may place cookies:

  • Google Analytics: Website analytics and user behavior
  • Facebook Pixel: Social media advertising
  • Payment Processors: Secure payment processing
  • Live Chat: Customer support functionality

3.3. Cookie Management

Your Choices: You can control cookies through your browser settings and our cookie consent banner. However, disabling essential cookies may affect platform functionality.

4. Data Sharing & Third Parties

We may share your information in specific circumstances:

4.1. Tour Operators

  • Booking details and contact information
  • Special requirements and preferences
  • Communication related to booked tours
  • Reviews and feedback (after tour completion)

4.2. Service Providers

We work with trusted third-party service providers:

  • Payment Processors: Stripe, PayPal for payment processing
  • Cloud Services: AWS for data storage and hosting
  • Analytics: Google Analytics for website analytics
  • Email Services: Mailchimp for email communications
  • Support Tools: Zendesk for customer support

4.3. Legal Requirements

We may disclose your information when required by law, court order, or to protect our rights, property, or safety, or that of our users or the public.

4.4. Business Transfers

If we are acquired by or merged with another company, your information may be transferred as part of the transaction. We will notify you of any such change.

5. Data Security Measures

We implement robust security measures to protect your information:

5.1. Technical Security

  • Encryption: SSL/TLS encryption for data transmission
  • Data Encryption: Sensitive data encrypted at rest
  • Access Controls: Role-based access to user data
  • Firewalls: Network security and intrusion detection

5.2. Operational Security

  • Regular Audits: Security assessments and penetration testing
  • Employee Training: Security awareness and best practices
  • Incident Response: Procedures for security incidents
  • Vendor Management: Security requirements for third-party providers

5.3. Payment Security

Payment information is processed through PCI-compliant payment processors. We do not store credit card details on our servers.

6. Your Rights & Choices

You have several rights regarding your personal information:

6.1. Access Rights

  • Request a copy of your personal data
  • Know what information we collect and why
  • Understand how we use and share your data

6.2. Correction Rights

  • Update inaccurate personal information
  • Correct incomplete data
  • Add missing information

6.3. Deletion Rights

  • Request deletion of your personal data
  • Delete your account and associated data
  • Remove content you've posted

6.4. Portability Rights

  • Request your data in a structured format
  • Transfer data to other services
  • Download your information

6.5. Control Rights

Your Controls: Manage privacy settings, control marketing preferences, adjust notification settings, and manage cookie preferences in your account settings.

7. International Data Transfers

Your information may be transferred and processed in countries outside your own:

7.1. Data Transfer Mechanisms

  • Adequacy Decisions: Countries with EU-adequate data protection
  • Standard Contractual Clauses: Legal agreements for data transfers
  • Binding Corporate Rules: Internal data protection policies

7.2. International Operations

Our services are hosted on AWS servers in multiple regions. We ensure appropriate safeguards are in place for all international data transfers.

7.3. Cross-Border Data Protection

We implement appropriate technical and organizational measures to ensure your data receives the same level of protection regardless of where it's processed.

8. Children's Privacy

Our services are not intended for children under 18:

8.1. Age Restrictions

  • Users must be 18+ to create an account
  • Minors may use services with parental supervision
  • We do not knowingly collect information from children

8.2. Parental Controls

Parents can:

  • Monitor their child's account activity
  • Request deletion of their child's information
  • Control privacy settings for minor accounts

8.3. Educational Content

Some tours may be educational and suitable for minors. We ensure appropriate safeguards are in place for such content.

9. Data Retention

We retain your information only as long as necessary:

9.1. Retention Periods

Data Type Retention Period Reason
Account Information While account is active Service provision
Booking Records 7 years Legal compliance
Financial Records 7 years Tax and legal requirements
Communication Logs 2 years Customer support
Analytics Data 26 months Service improvement

9.2. Deletion Process

When data is no longer needed, we securely delete it using industry-standard methods. Some data may be retained in anonymized form for analytics purposes.

10. Policy Updates

We may update this Privacy Policy periodically:

10.1. Update Process

  • Review policy annually or as needed
  • Update for legal or regulatory changes
  • Revise for new services or features
  • Clarify based on user feedback

10.2. Notification

Significant changes will be communicated via email, platform notifications, or prominent website notices. Minor updates may be made without direct notification.

10.3. Effective Date

Updated policies take effect immediately upon posting. Your continued use of our services constitutes acceptance of the revised policy.

11. Contact Information

If you have questions about this Privacy Policy or your data rights, please contact us:

11.1. Data Protection Officer

  • Email: privacy@toursion.com
  • Phone: +1 (555) 123-4567 ext. 500

11.2. General Inquiries

  • Email: support@toursion.com
  • Address: 123 Travel Street, San Francisco, CA 94102
  • Website: www.toursion.com/contact

11.3. Regulatory Authorities

If you believe we have violated your privacy rights, you may contact your local data protection authority or:

  • FTC (US): www.ftc.gov
  • ICO (UK): www.ico.org.uk
  • EDPB (EU): edpb.europa.eu