Effective Date: 09/15/2024

1. Introduction

This Privacy Policy applies to the VOYA website and application (“the website” and “the app”) and explains how VOYA collects, uses, maintains, and protects the personal information of its users (“the user”).

By using our services, you agree to the terms of this Privacy Policy. If you have any questions or concerns, please contact us at: [email protected].

2. Definitions

• Data: Information about a living individual who can be identified from that data (or in combination with other information in our possession).
• Usage Data: Data collected automatically, either generated by the use of the service or from the service infrastructure itself (e.g., page visit duration).
• Cookies: Small files stored on your device (computer or mobile device).
• Data Controller: A person or entity that determines the purposes and methods of processing personal data. For this Privacy Policy, VOYA is the Data Controller.
• Data Processors: Third parties who process data on behalf of the Data Controller.
• Data Subject: A living individual who is the subject of personal data.
• User: The individual using our service. The User corresponds to the Data Subject.

3. Legal Context

We comply with the General Data Protection Regulation (GDPR) of the European Union and other applicable privacy laws.

4. Our Role

Under GDPR, VOYA acts as a Data Controller, determining the purposes and methods of processing personal information. In certain cases, we may also act as a Data Processor, following the instructions of our customers (the Data Controllers).

While VOYA ensures GDPR compliance in its practices, we cannot guarantee that external service providers acting as Data Processors also adhere to GDPR. Users should review the privacy policies of third parties to understand how their data is handled.

5. What Types of Personal Information Do We Process?

We collect and process the following types of personal information:

• Identification Data: First name, last name, photo, date of birth.
• Trip Data: Travel destinations, dates, number of travelers, details on children/infants.
• Preferences: Travel pace, culinary preferences, interests.
• Contact Data: Email address, phone number.
• Financial Data: Budget details (processed by third-party providers).

6. When Do We Collect Your Personal Information?

We collect personal information during the following activities:

• Browsing our website or app.
• Using data enrichment tools.
• Registering through sign-up forms.

7. How Do We Use Your Personal Information?

We process personal information for the following purposes:

• Improving customer service and responding to user needs.
• Personalizing user experiences.
• Enhancing our app and services.
• Sending important updates and responses to inquiries.
• Processing payments and improving security.
• Analyzing tourism trends and generating insights (never sold to third parties).

8. Who Can Access Your Personal Information?

Your personal information may be shared with:

• Data Processors: Third-party providers like Google, Booking.com, OpenAI, and Microsoft Azure.
• These providers are contractually obligated to maintain confidentiality and data security.

9. International Data Transfers

VOYA may transfer personal information to countries worldwide. We ensure appropriate safeguards, such as data processing agreements, to protect your data.

10. How Long Do We Store Your Personal Information?

We retain your personal information only as long as necessary to fulfill the purposes for which it was collected. Afterward, it will be archived, deleted, or anonymized.

11. How Do We Protect Your Personal Information?

We implement technical and organizational measures to ensure the confidentiality, integrity, and security of your personal information.

12. User Rights

You have the following rights under GDPR:

• Access, correction, deletion, and restriction of processing.
• Objection to processing.
• Data portability.

To exercise these rights, email us at [email protected].

13. Children’s Privacy

Our services are not intended for children under 16. If we learn that a child has provided personal data without parental consent, we will delete it promptly.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Please review it regularly to stay informed about changes.

15. Right to Object to Data Use

You may object to the use of your data for analysis or generating insights sold to third parties. Contact us at [email protected] to exercise this right.