← Back to Home

Privacy Policy

Last Updated: February 4, 2026

1. Introduction

Welcome to Touriful. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

If you have any questions or concerns about this policy or our practices with regard to your personal information, please contact us at hello@touriful.com.

2. Information We Collect

2.1 Information You Provide to Us

We collect personal information that you voluntarily provide to us when you:

• Submit a partner inquiry form
• Register for an account
• Make a booking or reservation
• Contact us for support
• Subscribe to our newsletter

The personal information we collect may include:

• Contact Information: Name, email address, phone number
• Business Information: Company name, business description, location
• Communication Preferences: Preferred contact method (email, phone, WhatsApp)
• Account Credentials: Username and password (encrypted)
• Payment Information: Processed securely through third-party payment providers (we do not store credit card details)

2.2 Information Automatically Collected

When you visit our website, we automatically collect certain information about your device, including:

• Device Information: IP address, browser type, operating system
• Usage Data: Pages visited, time spent on pages, links clicked, referring website
• Cookies: See our Cookie Policy for details

2.3 Analytics

We use Google Analytics to understand how visitors interact with our website. This helps us improve our services and user experience. Google Analytics collects information anonymously and reports website trends without identifying individual visitors.

3. How We Use Your Information

We use the information we collect or receive to:

• Provide Services: Process partner applications, manage bookings, and deliver customer support
• Improve Our Platform: Analyze usage patterns to enhance website functionality and user experience
• Communication: Send you updates, marketing materials (with your consent), and respond to inquiries
• Security: Monitor and prevent fraudulent activity, abuse, and security incidents
• Legal Compliance: Comply with applicable laws, regulations, and legal processes
• Business Operations: Facilitate partnerships, process payments, and maintain business records

4. How We Share Your Information

We may share your information with the following categories of recipients:

4.1 Service Providers

We share your information with third-party service providers who perform services on our behalf, such as:

• Email Services: Resend (for transactional emails)
• Analytics: Google Analytics (anonymized data)
• Hosting: Supabase (database and authentication)
• Payment Processing: PayPal (for secure payment transactions)

4.2 Business Partners

When you make a booking, we share relevant information with the experience provider (tour operator, guide, etc.) to fulfill your reservation.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (subpoenas, court orders)
• Government or regulatory requests
• Protection of our rights, property, or safety
• Emergency situations involving personal safety

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

5. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Partner Applications: Retained for 2 years after last contact
• User Accounts: Retained until account deletion is requested
• Booking Records: Retained for 7 years for legal and tax purposes
• Analytics Data: Anonymized data retained for 26 months (Google Analytics default)

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

6.1 GDPR Rights (EU/EEA Residents)

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to certain types of processing (e.g., marketing)
• Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)

6.2 How to Exercise Your Rights

To exercise any of these rights, please contact us at hello@touriful.com. We will respond to your request within 30 days.

7. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• SSL/TLS encryption for data transmission
• Secure database storage with access controls
• Regular security audits and vulnerability assessments
• Employee training on data protection best practices
• Two-factor authentication for administrative access

However, please note that no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.

We ensure that such transfers comply with applicable data protection laws and that appropriate safeguards are in place to protect your personal information.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

11. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this policy.

If we make material changes, we will notify you by email (if you have provided us with your email address) or by posting a prominent notice on our website prior to the changes taking effect.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

13. Supervisory Authority

If you are located in the European Economic Area (EEA), you have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.

---

By using our website and services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.