About this policy
The categories of personal information we collect
Children
If you fail to provide personal data
How we collect your personal information
How your information may be used
Third-party use of personal information
About electronic communications
Anonymous data
Publicly visible information
Payments
Rights related to your personal information
Links to other websites
Retention
Personal information according to European legislation
Customers rights according to European legislation
Privacy notice for California residents
Cookie policy
Categories of cookies used
Opt-out from cookies
Changes to this policy
Contact information
WhatsApp Notification Privacy Policy (Addendum)
About this policy
We at Wowfare (“Wowfare”, “we”, “our”, “us”) value your interest in our products and services and we care deeply about privacy, security, online safety, and your privacy is equally important to us. We would like you to feel at ease with how we use and share your personal information.
The purpose of this Privacy Policy is to inform you what personally identifiable information we may collect, how we use, and share your personal data through Wowfare (“Website”, products, services (collectively, the “Services”) or when you interact with us.
Based on this Privacy Policy, Wowfare informs you about what types of data are collected, stored, and processed and what measures are being taken to ensure that personal information is protected at all times when you use the Website.
If you have any questions you will find our contact details at the end of this policy. Details on how to update or access your personal information, or how to make a complaint, are also included.
This policy may be liable to change. Please check this page from time to time to ensure that you are informed of any changes. For information about when we might make changes to this policy and how we would tell you about them, please see Section Changes to this Policy, below.
By visiting or using the Website, you expressly consent to the collection, processing and use of your personal data in accordance with this privacy policy. This consent is granted by active and explicit consenting, e.g. ticking the box next to the field reading “I have read and understood the privacy policy and I accept them” or by indirectly consenting when using the Website, e.g. for browsing available information.
The categories of personal information we collect
We may collect, use and transfer the following types of personal data:
- Identity Data, which includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, photographs, national insurance number, job title, vehicle registration number(s), age and gender;
- Contact Data, which includes billing address, delivery address, personal email, and phone numbers;
- Financial Data, which includes bank account and payment card details;
- Transaction Data, which includes details about payments and donations from you and details of products and services you have purchased from us and activities you have participated in;
- Audio (e.g. call records) and Electronic (e.g. email threads) information.
- Technical Data, which includes the data that can be automatically collected from any device used to access the Site or our Services. Such information may include, but is not limited to: your device internet protocol (IP) address, your login data, browser type and version, time zone offset settings and geolocation, CPU, screen resolution, device memory, system languages, installed fonts, draw canvas logic, browser plug-in types and versions, operating system and platform, full ‘Uniform Resource Locators’, clickstream to, through and from the Site (including date and time) and other technology on the devices you use to access the Site;
- Profile Data, which includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses, products you viewed or searched for; page response times; download errors; length of visits to certain pages; page interaction information (such as scrolling, clicks, mouse-overs and methods used to browse away from the page);
- Usage Data, which includes information about how you use the Site, products, and services;
- Marketing and Communications Data, which includes your preferences in receiving marketing from us and Our third parties and your communication preferences; and
- Information that can include search history, IP address, screen resolution, browser used, operating system and settings, access times and referring URL. If you are using a mobile device, we may also collect data that identifies your device, your settings, and your location;
- Customer support information – when you contact our customer support services we will collect any inquiries, complaints, or other information that you may submit to our support team or,
- Any other information you provide us.
If you choose to contact our customer support services we will collect any inquiries, complaints, or other information that you may submit to our support team.
We do not collect any Special Categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offenses.
Children
Wowfare does not knowingly collect personal data from minors, except if the minor is one of the travelers. If we become aware that a minor is attempting to submit personal data, we will remove this information from our records. If you are the parent/legal guardian of a minor who has given us personal data, please contact us so we can delete it.
If you fail to provide personal data
In case we have to collect your personal data according to law or under the terms and conditions of a contract with you (customer), and you don’t provide the requested data, we can’t finish the contract that we have or are trying to enter into with you. Therefore, we might need to cancel a service. However, in these types of situations, we will keep you informed.
How we collect your personal information
Information You Voluntarily Submit: We may collect personal information from you such as your name or email address. For example, you may voluntarily submit information to the Website by leaving a comment, subscribing to a newsletter, or when you purchase a product or service, create an account, fill out a form, participate in a contest or promotion, request customer service, or otherwise communicate with us.
The types of Personal Data you may provide include:
- Contact information (such as name, email address, mailing address, and phone number, gender, title, date of birth, passport number);
- Usernames and passwords;
- Comments, feedback, and other information that you submit, experience using the Website;
- Payment information (including payment card numbers and associated identifiers, billing address, and bank account information, information about your reward system, promotion code, voucher); and
- Account log-in credentials (which for some Services may include social network credentials).
You decide how much information to share in most cases, but not sharing required information may limit your ability to engage in certain activities, such as payment information to complete a purchase.
Information We Collect from Others: We may receive information about you from other sources. You may link your Facebook, Instagram, and/or Google accounts to your account profile. If you choose to link your Facebook, Instagram, and/or Google accounts to your account profile, we will receive your name, email address and profile picture associated with that account.
Automatically-Collected Information: We automatically collect certain information about you and the device with which you access the Website (e.g., OS version, hardware model, unique device identifier, mobile network information). When you use or interact with our Website, we will receive and store information generated by your activity, information about the use of the Website, such as frequency of use, Usage Data and other information automatically collected from your mobile device. This information may include your IP address, time zone, geographic location, purchase history, the Services you used, including time spent and other statistical information.
Cookies: A cookie is a small amount of data stored on your device used as an anonymous unique identifier. Please note that cookies commonly do not contain personal information.
How your information may be used
We may use the information collected in the following ways:
- To enhance your experience with our Service by operating, maintaining, and providing you with all the content and features of the Service;
- To create your account, identify you as a user of the Website, and customize the Website for your account;
- To receive payment for your use of the Service and to communicate with you within the scope of the Service
- To send you promotional information, such as newsletters only if you voluntarily subscribe. Each email promotion will provide information on how to opt out of future mailings;
- To send you administrative communications, such as administrative emails, confirmation emails, technical notices, updates on policies, or security alerts;
- To respond to your requests, inquiries, comments or concerns;
- To provide you with user support on the Website, if requested;
- To protect, investigate, and deter against unauthorized or illegal activity.
- In order to improve the Service offered to you we may send you information regarding the Service. If you do not wish to receive such information, you may opt out by sending an e-mail to the address specified below.
Third-party use of personal information
When you ask us to book a flight or other Service we will transfer the personal data required to the airline or other entity and they will become the data controller of that personal data. It is therefore important that you read and understand their privacy policy. Any questions that you might have regarding their processing of personal data should be directed to them.
Third-party disclosure
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include third-party hosting partners and other parties who assist us in operating our Website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Third-party links
Occasionally, at our discretion, we may include or offer third-party products or services on our Website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Third-party service providers
We may disclose your information to our third-party service providers, agents, subcontractors, and other organizations for the purpose of providing products and/or services to us or directly to you on our behalf. These third parties may include cloud services providers (for hosting and email management), advertising agencies, administrative services, or supplementary third parties that provide additional services to us.
When we use third-party service providers, we only disclose personal information that is necessary for them to provide their service. We have a contract in place that requires them to protect your information and not to use it other than in accordance with our specific instructions and requests.
About electronic communications
Consistent with the above purposes and as permitted by applicable law, we may communicate with you via electronic messages, including email, text message, or mobile push notification to:
- Send you information relating to our products and Services. This may include booking confirmations and updates, technical notices, updates, security alerts, support, and administrative messages.
- Send you marketing communications. In other situations, we may communicate with you about contests, offers, promotions, rewards, upcoming events, and other news about products and Services offered by us, our group companies, our travel partners, and other business partners.
Email Communications. From time to time, we may send you emails containing information about your apparent travel-related or activity interests. We do this to make it easy for you to take advantage of travel-related or other opportunities on our website.
If you no longer want to receive marketing and promotional emails from us, you may click on the “unsubscribe” link in such emails to opt out of future marketing email communications. If you have an account, you may also opt out of marketing emails in your account settings. Please note that even if you opt out of receiving marketing communications from one or all of our Services, we will still send you service-related communications, such as confirmations of any future bookings you make.
Push Notifications (on Mobile Devices). You can use the settings on your mobile device to enable or turn off mobile push notifications from us.
SMS Message Service
With your consent, where required, we may contact you at the mobile phone number that you provide to us by way of direct dial calls, autodialed and prerecorded message calls, and text messages in connection with the above purposes.
By signing in to the SMS message service, you consent to receive recurring autodialed marketing texts from or on behalf of our Company at the mobile number you’ve provided to opt-in. You understand that consent is not a condition of purchase. Message & data rates may apply.
After you opt-in to receive messages online, in-person, or SMS, you can cancel the SMS service at any time by just replying “STOP” to the SMS message. After this, you will no longer receive SMS messages from us. Unsubscribing from our SMS service will not preclude us from sending you service-related SMS in connection with an existing booking, including us contacting you with an automated pre-recorded call containing critically important travel information (e.g., Major Schedule Change Notifications via call and/or SMS message). If you want to join again, just sign up as you did the first time, and we will start sending SMS messages to you again.
If at any time you forget what keywords are supported, just reply “HELP” to the SMS message. After you send the SMS message “HELP” to us, we will respond with instructions on how to use our service as well as how to unsubscribe.
As always, message and data rates may apply for any messages sent to you from us and to us from you. Message frequency depends on the user’s interaction. If you have any questions about your text plan or data plan, it is best to contact your wireless provider.
You represent that you are the account holder for the mobile telephone number(s) that you provide. You are responsible for notifying us immediately if you change your mobile telephone number. You may notify us of a number change by contacting us via email at [email protected].
You agree to indemnify us in full for all claims, expenses, and damages related to or caused in whole or in part by your failure to notify us if you change your telephone number, including, but not limited to, all claims, expenses, and damages related to or arising under the Telephone Consumer Protection Act.
For all questions about the SMS message service, you can contact us at:
Telephone: +1 888 738 5190
Email: [email protected]
Anonymous data
From time to time, we may use anonymous data, that does not identify you alone, or when combined with data from other parties, such as a third party mentioned above. This type of anonymous data may be provided to the other parties for marketing, advertising, or other uses.
We use third-party analytics tools to help us measure traffic and usage trends for the Website. These tools collect information sent by your device or our Website, including the pages you visit, add-ons, and other information that assists us in improving the Website. We collect and use this analytics information with analytics information from other users so that it cannot reasonably be used to identify any particular individual user.
Publicly visible information
If you create an account profile on the Website or leave a comment, certain information may be publicly visible. To create an account profile, you must choose a username and password and input your email address for profile confirmation. Your email address will never be available publicly.
Payments
If you purchase products or services from us, we will collect certain information from you, including your name, address, email address, and information about the product or service you are purchasing. Payments are processed by third-party payment processors (e.g., Klarna, Stripe), so please refer to the applicable processor’s terms and privacy policy for more information about how payment information is processed and stored.
Rights related to your personal information
We use administrative, organizational, technical, and physical safeguards to protect the Personal Data we collect and process. Our security controls are designed to maintain data confidentiality, integrity, and an appropriate level of availability.
We take all reasonable steps to ensure that your personal data is correct and up-to-date. If you believe that your personal data stored by us is incorrect, please notify and provide us with the correct data so that it can be rectified and updated.
For personal data that we have about you can choose:
Opt-out – You may opt out of future email communications by following the unsubscribe links in our emails. You may also notify us at [email protected] to be removed from our mailing list.
Access – You may access the personal information we have about you by submitting a request to [email protected].
Amend – You may contact us at [email protected] to amend or update your personal information.
Forget – You may request that we erase or forget your personal data, subject to applicable laws. To do so, please submit a request to [email protected].
Please note that we may need to retain certain information for record-keeping purposes or to complete transactions, or when required by law.
If you have any inquiries regarding our processing of your personal data, please contact us. If you are displeased with our processing of personal data, you may contact us at [email protected].
Links to other websites
Our Site and Services may contain links to other websites for your convenience and information. These websites may be operated by companies not affiliated with Wowfare. Linked websites may have their own privacy policies or notices, which we strongly suggest you review if you visit those websites. We are not responsible for the content, privacy practices, or use of any websites that are not affiliated with Wowfare.
Retention
We will retain your information for as long as the application is installed on your mobile device or as needed to provide you with our Services. If you remove the application, we will remove your information and use copies of your information as necessary to comply with our legal obligations (including for tax and accounting purposes), resolve disputes, and enforce our agreements.
Personal information according to European legislation
In case you are using our services in the territory of Europe, we have set out below a description of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate and what are your data subjects’ rights under EEA legislation.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out below.
- To assist in purchasing air tickets and related travel products (car rentals, hotel booking, etc.) – Main Activity, to provide assistance requested by you or otherwise perform contractual obligations
- Type of data:
- Identity
- Contact Data
- Financial
- Transaction
- Marketing and Communications
- Audio/Electronic information
- Lawful basis for processing including the basis of legitimate interest:
- Performance of a contract with you,
- To register you as a new or a Regular customer/ to start a business relationship
- To process and deliver your order related to the Main Activity, including:
(a) Managing payments, fees and charges
(b) Collecting and recovering money owed to us
(c) Providing you with post-sale customer support
- Type of data:
- For solely internal uses that are based on your relationship with us or compatible with the context in which personal data was collected
- Type of data:
- Identity
- Contact Data
- Marketing and Communications
- Profile data
- Audio/Electronic information
- Financial
- Profile data
- Technical
- Lawful basis for processing including the basis of legitimate interest:
- Performance of a contract with you,
- To manage our relationship with you which will include:
(a) Notifying you about changes to our terms or privacy policy
(b) Asking you to leave a review or take a survey
(c) sending holiday greetings - To deliver relevant Platform content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
- To use data analytics to improve our Platforms, products/services, marketing, customer relationships and experiences
- To make suggestions and recommendations to you about goods or services that may be of interest to you
- To create and manage your online account (cabinet)
- Type of data:
- To detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity
- Type of data:
- Identity
- Contact Data
- Technical
- Audio/Electronic information
- Lawful basis for processing including the basis of legitimate interest:
- To administer and protect our business and Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
- Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise)
- Necessary to comply with a legal obligation
- Type of data:
- To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
- Type of data:
- Identity
- Contact Data
- Profile
- Usage
- Marketing and Communications
- Technical
- Lawful basis for processing including the basis of legitimate interest:
- Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
- Type of data:
- To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
- Type of data:
- Technical
- Usage
- Lawful basis for processing including the basis of legitimate interest:
- Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
- Type of data:
- To exercise or defend legal claims
- Type of data:
- Identity
- Contact Data
- Financial and Transactional data
- Technical
- Marketing and Communications
- Audio/Electronic information
- Usage data
- Lawful basis for processing including the basis of legitimate interest:
- To manage complaints
- To comply with requests, subpoenas and other enforcement notices issued by regulators, courts and law enforcement agencies
- Type of data:
- To make suggestions and recommendations to you about goods or services that may be of interest to you
- Type of data:
- Identity
- Contact
- Technical
- Usage
- Profile
- Marketing and Communications
- Lawful basis for processing including the basis of legitimate interest:
- Necessary for our legitimate interests (to develop our products/services and grow our business)
- Type of data:
Customers rights according to European legislation
- You can ask for access to your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Deletion of your personal data. This gives you the right to solicit us to delete or remove personal data from our system. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below). Note, that in some cases, when the legislation prohibits us from complying with your request, we will not delete or erase the data. Anyway, you will be notified of that.
- You can ask for the correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
The right to object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which overrides your rights and freedoms.
- Restriction of processing of your personal data. In the following cases:
- Establish the data’s accuracy.
- Suspicions of illegal use of data.
- Hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
- Objections to our use of your data, at the same time we will verify whether we have superior legitimate motives for data usage.
- Transfer of your personal data to you or to a third party.
Withdraw consent at any time where we are relying on consent to process your personal data.
In order to use any of the above-mentioned rights, you should contact us, and provide information to identify yourself, so we can be sure you are the entitled person to make the mentioned requests.
Privacy notice for California residents
This Privacy Notice for California Residents supplements the information contained in our privacy policy above applies solely to the personal data of users who reside in the State of California (“consumers” or “you”). We have included this section to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this notice.
Information We Collect
Our Website collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, our website has collected the following categories of personal information from its consumers within the last twelve (12) months:
| Category | Examples | Collected |
| A. Identifiers. | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. | [YES] |
| B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.Some personal information included in this category may overlap with other categories. | [YES] |
| C. Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | [NO] |
| D. Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | [YES] |
| E. Biometric information. | Genetic, physiological, behavioral, and biological characteristics or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | [NO] |
| F. Internet or other similar network activity. | Browsing history, search history and information on a consumer’s interaction with a website, application, or advertisement. | [YES] |
| G. Geolocation data. | Physical location or movements. | [YES] |
| H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | [NO] |
| I. Professional or employment-related information. | Current or past job history or performance evaluations. | [NO] |
| J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | [NO] |
| K. Inferences drawn from other personal information. | The profile reflects a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | [NO] |
| L. Equipment information. | Information about your internet connection, the equipment you use to access our Website, and usage details. | [YES] |
Personal information does not include:
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA’s scope, like:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
Our Website obtains the categories of personal information listed above from the following categories of sources:
- Directly from you. For example, from forms you complete or products and services you purchase.
- Indirectly from you. For example, from observing your actions on our Website.
- From third-party business partners such as social media sites, ad networks, and analytics providers.
Use of Personal Information
We may use, or disclose the personal information we collect for one or more of the following business purposes:
- To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment.
- To provide you with support and to respond to your inquiries, including investigating and addressing your concerns and monitoring and improving our responses.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise outlined in the CCPA.
- We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Sharing Personal Information
Our Website may disclose your personal information to a third party for business purposes. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
We share your personal information with the following categories of third parties:
- Service providers.
- Data aggregators.
Disclosures of Personal Information for a Business Purpose
We engage certain trusted third parties to perform functions and provide services to us, including hosting and maintenance, error monitoring, debugging, performance monitoring, billing, customer relationships, database storage and management, and direct marketing campaigns. We may share your Personal Information with these third parties, but only to the extent necessary to perform these functions and provide such services. We also require these third parties to maintain the privacy and security of the Personal Information they process on our behalf.
In the preceding twelve (12) months, the company has disclosed the following categories of personal information for a business purpose:
Category A: Identifiers.
Category B: California Customer Records personal information categories.
Category D: Commercial information.
Category F: Internet or other similar network activity.
Category G: Geolocation data.
We disclose your personal information for business purposes to the following categories of third parties:
- Service providers.
- Data aggregators.
Sales of Personal Information
In the preceding twelve (12) months, the Company has not sold personal information.
Your Rights and Choices:
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you (also called a data portability request).
- If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
- sales, identifying the personal information categories that each category of recipient purchased;
- disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us.
You may only make a verifiable consumer request for access or data portability twice within 12 months. The verifiable consumer request must:
- provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and
- describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons why we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Do Not Sell My Personal Information
Our Company does not sell your personal information to third parties.
Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you with a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
Cookie policy
Cookies are small pieces of data sent from the Platform and stored on your device (computer, smartphone, etc.) by your web browser while you are browsing our Website and sometimes down the line. Without Cookies, it would be impossible to provide you information and services you are requesting through the Internet. Cookies remember stateful information (such as items added to the shopping cart in an online store) or record your browsing activity. They can also be used to remember arbitrary pieces of information that the user previously entered into form fields such as names, addresses, passwords and billing addresses.
By using the Website, you agree to the use of any of the cookies and tracking tools mentioned in this policy, unless you opted out (available only for some cookie types).
Categories of cookies used
Technical and strictly necessary Cookies. In most cases, our Website uses cookies in order to ensure technical feasibility to connect our Website to your device and provide the services requested by you. These cookies are integrated by default into our Website.
In case you try to block/ turn off any of such cookies you might not receive some essential parts of services requested by you. Some examples of such cookies are:
- User input cookies (session-id), e.g. when you are filling an online form (ticket buying, making payment, etc.).
- Authentication cookies, used for authenticated services, e.g. when You are logging into your online account within any of the information systems integrated with our Platform.
- Security cookies used to detect authentication abuses and prevent malicious attacks.
- Multimedia content player session cookies, such as flash player cookies.
- Load balancing session cookies (faster processing of your requests).
- Third-party social plug-in content-sharing cookies.
Functionality and Preferences Cookies. Such Cookies help us to optimize and make more user-friendly our Website, enhance our security level, facilitate faster and more convenient use of the Website, and receive valuable statistics in an anonymized way, including, but not limited to:
- To make aggregated statistics on new visitors to the Website.
- To help us recognize your browser and its previously configured settings, for example, language preferences, font size, etc.
- To collect anonymized statistics on how you use the website to help us optimize its functionality. set analytics cookies.
The retention period of Functionality Cookies usually is very short. In case of longer periods, please, be aware that we always assess the risk level of such processing, so it does not adversely affect Your privacy.
Performance and Analytics Cookies. These cookies collect information about how you use our website, helping us analyze performance and improve your experience. Examples include:
- Tracking user activity to identify trends and troubleshoot issues.
- Gathering anonymized data to measure the effectiveness of new features or designs.
Advertising and Targeting Cookies. We and our third-party vendors, including Google and Facebook, use Advertising cookies to serve ads based on your prior visits to our Platforms. For example:
- To make use of cross-device tracking in order to optimize our advertising activities. As part of cross-device tracking, We may combine information collected from a particular browser or mobile device with another computer or device linked to the computer or device from which the information was collected. By changing your cookie settings on your device you can change your cross-device tracking settings for advertising purposes.
- To work with online advertising companies to display targeted advertising on our Website and third-party platforms that you visit. This targeting may be based on information collected by us or third-party platforms. This targeting may also be based on your activities or behaviors on our Website or those of third parties. We may also obtain information about your browsing history from our business partners.
We may use Google Analytics to collect demographic and interest data about you (such as age, gender, and interests), including through Google Analytics Demographics and Interest Reporting. We may use the information collected about you through Google Analytics for Google services such as Remarketing with Google Analytics and Google Display Network Impression Reporting. The choices you make are browser and device-specific. You may not be able to use these features if you set your device to block cookies. We anonymize IP addresses in Google Analytics.
We and our advertising partners may also use web beacons (single-pixel GIF images). These web beacons are placed in the code of a Web page or an email newsletter. When you access a partner site within our mobile applications, we may track your activity on that site.
Necessary
| Cookie | Type | Expiration | Description |
|---|---|---|---|
| cj_pixel_layer_checkout__success | Cookie | 1 day | Cookie for CJ pixel tracking in the checkout flow. |
| {{offer_uid}}_price_change_data | Cookie | Session | Stores the price change flag for Cover Genius. |
| booking-{{book-uid}} | Cookie | Session | Allows users to access the “Small Amount” page of a booking. |
| view-book-{{book-uid}} | Cookie | 1 hour | Enables access to the Receipt page of a booking. |
| uuid | Cookie | 10 years | Stores a unique identifier for the user (CRM client UUID). |
| skyscanner_redirect_id | Cookie | 30 days | Tracks analytics for Skyscanner redirects. |
| COUNTRYKEYCODE | Cookie | 7 days | Used for localization based on country. |
| LANGUAGEKEYCODE | Cookie | 7 days | Used for localization based on language. |
| cd | Cookie | 356 days | Stores search parameters (origin, destination) for prefilling data in searches. |
| client_id | Cookie | Session | Session identifier |
| ref-registration | Cookie | 1 minute | Handles referral registration cookie processes. |
| cookie_policy | Cookie | 356 days | Indicates the user’s acknowledgment of the cookie policy. |
| active_tabs_index | Cookie | 1 day | Tracks the active tab on the GTT home page. |
| dclid | Cookie | 7 days | Tracks hybrid analytics data. |
| gclid | Cookie | 7 days | Tracks hybrid analytics data for Google Ads. |
| vcid | Cookie | 7 days | Tracks visitor session data for hybrid analytics. |
| location_url | Cookie | 7 days | Stores the current location URL for analytics. |
| kayakclickid | Cookie | 7 days | Tracks click IDs from Kayak for analytics. |
| ranMID | Cookie | 7 days | Tracks Rakuten affiliate data. |
| ranEAID | Cookie | 7 days | Tracks Rakuten affiliate data. |
| ranSiteID | Cookie | 7 days | Tracks Rakuten affiliate data. |
| show-checkout-form-{{offer-uid}} | Cookie | 7 days | Enables the checkout page without requiring login (“Continue without login”). |
| marker | Cookie | 7 days | Stores a redirect ID for Skyscanner or Kayak to set the marker for checkout. |
| custurl | Cookie | 7 days | Provides access to development hotel deep links. |
| _user_identity | Cookie | Session | Stores user details for WP on ScholarTrip. |
| _identity-frontend | Cookie | Session | Stores the client identity. |
| advanced-frontend | Cookie | Session | Maintains the client session. |
| nuveiPayment | Cookie | 5 hours | Enables Nuvei payment functionality. |
| analytics_storage | Cookie | 356 days | Stores consent for Google Analytics. |
| ad_storage | Cookie | 356 days | Stores consent for Google Ads. |
| cje | Cookie | 356 days | CJ pixel tracking. |
| cjdata | Cookie | 356 days | CJ pixel tracking. |
| X_React_Checkout | Cookie | 2 seconds | Used for Checkout proxy on React. |
| run_theme | Cookie | 1 hour | Toggles GTT and Goway theme versions. |
| X_Checkout_React_Old | Cookie | 2 seconds | Used for Checkout proxy on React. |
| X_Checkout_React_New | Cookie | 2 seconds | Used for Checkout proxy on React. |
| _csrf-frontend | Cookie | Session | CSRF token to validate requests. |
| _identity-two-fa-auth | Cookie | 10 days | Cookie for two-factor authentication. |
| _csrf-api | Cookie | Session | CSRF token to validate API requests. |
| access_token | Cookie | 1 day | JWT authentication token. |
| refresh_token | Cookie | 1 day | JWT refresh token. |
| _flag_cache_storage | Cookie | 1 day | Used to flag and clear page cache. |
| forterToken | Cookie | 30 days | Used by react checkout for fraud checking |
| conv_v | Cookie | 30 days | We use this for A/B experiment |
| conv_s | Cookie | 30 days | We use this for A/B experiment |
| brandId | Cookie | 30 days | Used by checkout to switch between projects |
| cjdata | Cookie | 30 days | Need for CJPixel event |
| advanced-api | Cookie | 30 days | Need to be sent to api for authorized user |
| refresh_token | Cookie | 30 days | Need to be sent to api for authorized user |
| view-book-OFFERID | Cookie | 30 days | Need to be sent to api on book offer to properly redirect to thank you page |
| booking-OFFERID | Cookie | 30 days | Need to be sent to api on book offer to properly redirect to thank you page |
| wordpress_test_cookie | Cookie | 30 days | On the front-end of the website without logging in. When the front end of the website was checked, the cookie found to be installed on the browser was wordpress_test_cookie, the cookie used to check whether cookies are enabled to provide the proper user experience. |
| refid | Cookie | 30 days | The cookie used to check whether cookies are enabled to provide the proper user experience. |
| wbraid | Cookie | 30 days | The cookie used to check whether cookies are enabled to provide the proper user experience. |
| gbraid | Cookie | 30 days | The cookie used to check whether cookies are enabled to provide the proper user experience. |
| CID | Cookie | 30 days | The cookie used to check whether cookies are enabled to provide the proper user experience. |
| msclkid | Cookie | 30 days | The cookie used to check whether cookies are enabled to provide the proper user experience. |
| fbclid | Cookie | 30 days | The cookie used to check whether cookies are enabled to provide the proper user experience. |
| utm_term | Cookie | 30 days | The cookie used to check whether cookies are enabled to provide the proper user experience. |
| utm_content | Cookie | 30 days | The cookie used to check whether cookies are enabled to provide the proper user experience. |
| utm_campaign | Cookie | 30 days | The cookie used to check whether cookies are enabled to provide the proper user experience. |
| utm_medium | Cookie | 30 days | The cookie used to check whether cookies are enabled to provide the proper user experience. |
| utm_source | Cookie | 30 days | The cookie used to check whether cookies are enabled to provide the proper user experience. |
| pll_language | Cookie | 7 days | Polylang sets this cookie to remember the language the user selects when returning to the website and get the language information when unavailable in another way. |
| _language | Cookie | 7 days | Polylang plugin |
| wp-CFCacheBypass | Cookie | 7 days | Caching plugin |
| LS_CSRF_TOKEN | Cookie | 7 days | Cloudflare sets this cookie to track users’ activities across multiple websites. It expires once the browser is closed. |
| opt_out | Cookie | 7 days | This cookie is used for preventing the installation of third party advertiser or other cookies on the browser. |
| gdpr | Cookie | 7 days | Determines whether the visitor has accepted the cookie consent box. This ensures that the cookie consent box will not be presented again upon re-entry. |
| t_v2_s | Cookie | 2 years | Used by Affirm.Necessary for the website’s payment-plan-function upon checking out. |
| _cfuvid | Cookie | Session | The _cfuvid cookie is set as part of the Rate Limiting Rule that websites can enable with Cloudflare. When sites allow this option, Cloudflare uses the _cfuvid cookie to distinguish between users from the same IP address. |
| zalb_1f2feb5d84 | Cookie | 356 days | This cookie registers statistical data on users’ behaviour on the website. |
| uesign | Cookie | 30 days | Zoho sets this cookie for the Visitor Live Chat. |
| _zcsr_tmp | Cookie | 30 days | Zoho sets this cookie for the login function on the website. |
| tracker_device | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| siqlsdb | Cookie | 356 days | Zoho sets this cookie to generate a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes. |
| user_currency | Cookie | 7 days | Multi-currency support |
| comment_author_{hash} | Cookie | 347 days | Used to tracked comment author name, if “Save my name, email, and website in this browser for the next time I comment.” is checked |
| comment_author_email_{hash} | Cookie | 347 days | Used to tracked comment author email, if “Save my name, email, and website in this browser for the next time I comment.” is checked |
| comment_author_url_{hash} | Cookie | 347 days | Used to track comment author url, if “Save my name, email, and website in this browser for the next time I comment.” checkbox is checked |
Analytics
| Cookie | Type | Expiration | Description |
|---|---|---|---|
| vuif | Cookie | 356 days | Tracks visitor analytics. |
| first_url | Cookie | 30 days | Tracks the visitor’s first URL for analytics purposes. |
| switch_version | Cookie | Session | Switches between desktop and mobile versions. Usage uncertain. |
| sc | Cookie | 7 days | Session control for measurement protocol. |
| cross_system_xp | Cookie | 7 days | Old A/B testing flag, no longer in use. |
| document_referrer | Cookie | 7 days | Tracks referral URLs for hybrid analytics. |
| utm_campaign | Cookie | 7 days | Tracks UTM campaign parameters for analytics. |
| utm_source | Cookie | 7 days | Tracks UTM source parameters for analytics. |
| utm_id | Cookie | 7 days | Tracks UTM ID parameters for analytics. |
| _ga | Cookie | 7 days | Sets the client ID on Alternatives and P2B checkout pages when received from CRM. |
| ssid | Cookie | 7 days | Async Search plugin |
| li_gc | Cookie | 30 days | Linkedin set this cookie for storing visitor’s consent regarding using cookies for non-essential purposes. |
| lidc | Cookie | 30 days | LinkedIn sets the lidc cookie to facilitate data center selection. |
| _uetsid | Cookie | 30 days | Bing Ads sets this cookie to engage with a user that has previously visited the website. |
| _uetvid | Cookie | 30 days | Bing Ads sets this cookie to engage with a user that has previously visited the website. |
| SRM_B | Cookie | 30 days | Used by Microsoft Advertising as a unique ID for visitors. |
| bcookie | Cookie | 356 days | LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs. |
| cto_bundle | Cookie | 356 days | Criterio sets this cookie to provide functions across pages. |
| MUID | Cookie | 356 days | Bing sets this cookie to recognise unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations. |
| ANONCHK | Cookie | 356 days | The ANONCHK cookie, set by Bing, is used to store a user’s session ID and verify ads’ clicks on the Bing search engine. The cookie helps in reporting and personalization as well. |
| rl_anonymous_id | Cookie | 356 days | RudderStack set this cookie to store statistical data of users’ behaviour on the website, which can be used for internal analytics by the website operator. |
| rl_page_init_referrer | Cookie | 356 days | Rudderstack sets this cookie, which is used to store performed actions on the website. |
| rl_trait | Cookie | 356 days | Rudderstack sets this cookie, which is used to store performed actions on the website. |
| ayl_visitor | Cookie | 356 days | This cookie is set by omnitagjs. This cookie stores the data of the visitor, this collected information is used to show relevant advertisements to the user based on user interest. |
| CMID | Cookie | 356 days | Casale Media sets this cookie to collect information on user behaviour for targeted advertising. |
| CMPS | Cookie | 356 days | CasaleMedia sets CMPS cookie for anonymous user tracking based on users’ website visits to display targeted ads. |
| CMPRO | Cookie | 356 days | CasaleMedia sets CMPRO cookie for anonymous usage tracking and targeted advertising. |
| uuid2 | Cookie | 356 days | The uuid2 cookie is set by AppNexus and records information that helps differentiate between devices and browsers. This information is used to pick out ads delivered by the platform and assess the ad performance and its attribute payment. |
| mv_tokens | Cookie | 356 days | Mediavine Exchange sets this cookie to create a unique ID for the visitor, allowing third-party advertisers to target the visitor with relevant advertisements. |
| dpm | Cookie | 356 days | The dpm cookie, set under the Demdex domain, assigns a unique ID to each visiting user, hence allowing third-party advertisers to target these users with relevant ads. |
| _rxuuid | Cookie | 356 days | Unruly Media sets this cookie to store information on how the end user uses the website and any advertising that the end user may have seen before visiting the said website. |
| anj | Cookie | 356 days | AppNexus sets the anj cookie that contains data stating whether a cookie ID is synced with partners. |
| cf | Cookie | 356 days | Used to present the visitor with relevant content advertisement. |
| cip | Cookie | 356 days | Presents the user with relevant content and advertisements, and facilitates real-time bidding for advertisers. |
| cnac | Cookie | 356 days | Used to present the visitor with relevant content advertisement. |
| car | Cookie | 356 days | Used to present the visitor with relevant content advertisement. |
| callback | Cookie | 356 days | ID5 sets this cookie to collect data on visitor behaviour from multiple websites in order to present more relevant advertisements. This also allows the website to limit the number of times that the visitor is shown the same advertisement. |
| tuuid | Cookie | 356 days | The tuuid cookie, set by BidSwitch, stores an unique ID to determine what adverts the users have seen if they have visited any of the advertiser’s websites. The information is used to decide when and how often users will see a certain banner. |
| c | Cookie | 356 days | Rubicon Project sets this cookie to control the synchronization of user identification and the exchange of user data between various ad services. |
| tuuid_lu | Cookie | 356 days | This cookie, set by BidSwitch, stores a unique ID to determine what adverts the users have seen while visiting an advertiser’s website. This information is then used to understand when and how often users will see a certain banner. |
| criteo_write_test | Cookie | 356 days | This cookie sets a unique ID for the visitors that allows third-party advretisers to target the visitors with relevant advertisement. |
| _gcl_au | Cookie | 356 days | Google Tag Manager sets the cookie to experiment advertisement efficiency of websites using their services. |
| uid | Cookie | 356 days | This is a Google UserID cookie that tracks users across various website segments. |
| _ga | Cookie | 356 days | Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors. |
| CLID | Cookie | 356 days | Microsoft Clarity set this cookie to store information about how visitors interact with the website. The cookie helps to provide an analysis report. The data collection includes the number of visitors, where they visit the website, and the pages visited. |
| _hjSessionUser_* | Cookie | 356 days | Hotjar sets this cookie to ensure data from subsequent visits to the same site is attributed to the same user ID, which persists in the Hotjar User ID, which is unique to that site. |
| _hjSession_* | Cookie | 356 days | Hotjar sets this cookie to ensure data from subsequent visits to the same site is attributed to the same user ID, which persists in the Hotjar User ID, which is unique to that site. |
| _clck | Cookie | 356 days | Microsoft Clarity sets this cookie to retain the browser’s Clarity User ID and settings exclusive to that website. This guarantees that actions taken during subsequent visits to the same website will be linked to the same user ID. |
| SM | Cookie | 356 days | Microsoft Clarity cookie set this cookie for synchronizing the MUID across Microsoft domains. |
| MR | Cookie | 356 days | This cookie, set by Bing, is used to collect user information for analytics purposes. |
| _clsk | Cookie | 356 days | Microsoft Clarity sets this cookie to store and consolidate a user’s pageviews into a single session recording. |
| utsdb | Cookie | 356 days | Zoho SalesIQ sets this cookie to register data on visitor’s website behaviour. |
| demdex | Cookie | 356 days | The demdex cookie, set under the domain demdex.net, is used by Adobe Audience Manager to help identify a unique visitor across domains. |
Marketing
| Cookie | Type | Expiration | Description |
|---|---|---|---|
| rl_session | Cookie | 356 days | Tracks the user’s interaction with the website’s search-bar-function for marketing purposes. |
| optout | Cookie | 356 days | This cookie is generated by our marketing CRM tool, which helps us collect information about our users for marketing purposes. |
| cto_tld_test | Cookie | 356 days | Used to identify the visitor across visits and devices. This allows the website to present the visitor with relevant advertisement – The service is provided by third party advertisement hubs, which facilitate real-time bidding for advertisers. |
| MSPTC | Cookie | 356 days | This cookie registers data on the visitor. The information is used to optimize advertisement relevance. |
| XANDR_PANID | Cookie | 356 days | This cookie is used to deliver a series of advertisement products such as real time bidding from third party advertisers. |
| receive-cookie-deprecation | Cookie | 356 days | This cookie is used to deliver a series of advertisement products such as real time bidding from third party advertisers. |
| data-c-ts | Cookie | 356 days | This cookie is used to deliver a series of advertisement products such as real time bidding from third party advertisers. |
| data-c | Cookie | 356 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| mv_tokens_eu-v1 | Cookie | 356 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| am_tokens | Cookie | 356 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| am_tokens_eu-v1 | Cookie | 356 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| criteo | Cookie | 356 days | This cookie is used to deliver a series of advertisement products such as real time bidding from third party advertisers. |
| visitor-id | Cookie | 356 days | This cookie is used to store necessary information related to the fact that you came to our website via a link on a website of one of our affiliate partners. |
| tv_UICR | Cookie | 356 days | This cookie tracks user’s behavior from multiple websites in order to present more relevant advertisements. |
| tvid | Cookie | 356 days | This cookie registers statistical data on user’s behaviour for the purpose of analytics. |
| gpp | Cookie | 356 days | This cookie tracks user’s behavior from multiple websites in order to present more relevant advertisements. |
| test_rudder_cookie | Cookie | 356 days | This cookie tracks user’s behavior from multiple websites in order to present more relevant advertisements. |
| __tld__ | Cookie | 356 days | This cookie tracks user’s behavior from multiple websites in order to present more relevant advertisements. |
| _rxuuid | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| _ga_# | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| _uetsid_exp | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| _uetvid_exp | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| conv_rand | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| demconf.jpg | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| epvgCMT8-6EBELrAsOMC,18884374956 | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| es.f.session | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| es.f.session.pages.count | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| esScriptStatus | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| esState | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| f.page.count | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| IDE | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| pagead/1p-user-list/# | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| pagead/gen_204/ | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| rl_group_id | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| rl_group_trait | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| rl_user_id | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| rum | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| ul_cb/sync | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| um | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| LS_CSRF_TOKEN | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| 1.gif | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| cf_chl_rc_ni | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| CookieConsent | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| cookietest | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| drscc | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| rudder_#.#.batchQueue | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| test_cookie | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| _hjSessionUser_# | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| _conv_r | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| _hjSession_# | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| #_zldp | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| #_zldt | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| hjActiveViewportIds | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| hjViewportId | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| zalb_# | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| __ust | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| _zwaf_ua | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| bounceback-visited | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| rl_auth_token | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| rl_page_init_referring_domain | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
| tracker_device_is_opt_in | Cookie | 30 days | Used to store various information necessary for our internal analytical and marketing purposes. |
Opt-out from cookies
Please also note that opting out of a third-party cookie does not mean that you will no longer receive or be subject to online advertising or marketing. It means that the third-party service from which you opted out will no longer deliver ads tailored to your web preferences and online behavior.
Changes to this policy
From time to time, we may review this policy, so please review it periodically. We may provide you additional forms of notice of modifications or updates as Websiteropriate under the circumstances. Your continued use of Websitelication or the Service after any modification to this policy will constitute your acceptance of such modification.
Contact information
We hope this clarifies any questions you have regarding the use of data and the current changes in the law. If you have any questions, comments, or requests about the processing of your personal information, or you have questions related to this Privacy Policy, please contact Wowfare using the following details:
Wowfare
1000 N. West Street, Suite 1294, Wilmington, Delaware 19801
Email: [email protected]
Telephone: +1 888 738 5190
WhatsApp Notification Privacy Policy (Addendum)
1. Scope of This Addendum
This policy applies to any user who consents to receive order-related messages through WhatsApp. It is relevant for:
– EU/EEA users, under the GDPR
– U.S. residents, especially in California, Virginia, Colorado, Connecticut, and Utah
2. Categories of Data Collected
We collect the following categories of personal data for WhatsApp-based communication:
Identifiers: Phone number, IP address
Commercial Information: Booking reference and itinerary
Internet/Network Activity: Device information, language preference
Inferences (not collected): No profiling or behavioral analytics applied
3. Purpose and Legal Basis for Processing
– GDPR (EU/EEA Users): Processing is based on your explicit consent (Art. 6(1)(a) GDPR), collected via a checkbox at checkout.
– CCPA/CPRA (U.S. Users): Processing is done only for operational/transactional purposes; we do not sell or share your personal data within the meaning of the CCPA/CPRA.
4. Use of WhatsApp and Your Rights
We use WhatsApp exclusively for:
– Booking confirmations
– Travel updates and operational alerts
– Customer support messages
We do not use WhatsApp to send marketing messages unless you separately opt in.
5. Disclosure of Personal Information
– We share your information with Meta Platforms Ireland Ltd. (WhatsApp Business API provider), who processes it under a data processing agreement.
– For U.S. users, this constitutes a service provider relationship under the CCPA/CPRA.
6. Data Transfers and Safeguards
– For EU/EEA users, any data transferred outside the EEA (e.g., to Meta in the U.S.) is protected by Standard Contractual Clauses (SCCs).
– For U.S. users, data is handled according to state-level privacy laws requiring reasonable security measures.
7. Data Retention
– We retain your WhatsApp consent and communication logs for up to 3 years for auditing and compliance.
– We do not retain message content beyond the operational purpose.
8. Your Rights
Under GDPR (EU/EEA Users):
– Access, rectification, erasure, restriction, objection, data portability, withdrawal of consent
Under U.S. Laws (e.g., California, Virginia):
– Right to know categories of data collected and shared
– Right to request deletion
– Right to opt out of sale or sharing (not applicable—we do neither)
– Right to non-discrimination
You can opt out of WhatsApp communications at any time by replying “STOP” in the chat or contacting us at [email protected].
9. Security
We implement industry-standard technical and organizational safeguards, including:
– Secure API messaging infrastructure
– Access control to WhatsApp accounts
– Consent audit logging
– Use of WhatsApp only through official and secured business systems
10. Contact Information
For privacy inquiries or to exercise your rights, contact us at [email protected].
11. Additional Notices for U.S. Residents
Under California law, we are required to disclose:
– No Sale or Sharing of Personal Information
– No Use of Sensitive Personal Information for Profiling
– No Automated Decision-Making Involving WhatsApp Data
You may designate an authorized agent to make a request on your behalf under the CCPA/CPRA by submitting proof of identity and written authorization.
12. Reference and Integration
This addendum is an integral part of our main Privacy Policy, which includes additional information about cookies, user rights, data transfers, and your legal recourse.