Privacy Policy

This Privacy Policy explains how TravelWithPriyanshi ("we", "us", "our") collects, uses, and protects your personal data when you visit this website or use our services. We are based in Spain and this policy is written in compliance with the EU General Data Protection Regulation (GDPR) and the Indian Information Technology Act, 2000.

---

1. Who We Are

TravelWithPriyanshi is operated by Priyanshi and Srajan, individuals based in Spain. For data protection queries, contact us via the Contact page.

2. What Data We Collect

We collect the following categories of personal data:

• Contact form submissions: Name, email address, and the content of your message.
• Purchase data: If you purchase a product through Gumroad, your payment and contact data is processed by Gumroad under their own privacy policy. We receive your name, email, and order details.
• Service intake forms: For paid services (Personal Guide, Custom Trip Planner), we collect trip details including travel dates, destination, group size, and travel preferences you choose to share.
• Analytics (if enabled): Aggregated, anonymised website usage data. We use privacy-friendly analytics tools that do not use tracking cookies or collect personal identifiers.

3. How We Use Your Data

• To respond to contact form messages
• To fulfil paid service orders (deliver itineraries, respond to questions)
• To communicate with you about your order
• To improve the website and our services

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Legal Basis for Processing (GDPR)

• Contractual necessity: Processing required to fulfil a service you've purchased.
• Legitimate interests: Responding to enquiries, improving services.
• Consent: Where you've explicitly provided consent (e.g., cookie consent).

5. Data Retention

We retain personal data only as long as necessary:

• Contact form messages: up to 12 months after the last communication
• Purchase and service data: up to 3 years for financial record-keeping obligations

6. Third-Party Services

We use the following third-party services that may process your data:

• Gumroad (payment processing): gumroad.com/privacy
• Web3Forms (contact form): web3forms.com/privacy
• Brevo (email delivery): brevo.com/legal/privacypolicy
• Cloudflare (hosting & CDN): cloudflare.com/privacypolicy

7. Cookies

We use a cookie consent tool (Cookieyes) to manage cookie preferences. Strictly necessary cookies (required for the site to function) are always active. Analytics and marketing cookies are only placed with your consent.

You can change your cookie preferences at any time via the cookie settings link in the footer.

8. Your Rights (GDPR)

If you are in the EU or EEA, you have the following rights regarding your personal data:

• Right of access: Request a copy of the data we hold about you.
• Right of rectification: Request correction of inaccurate data.
• Right of erasure: Request deletion of your data ("right to be forgotten").
• Right to restrict processing: Request that we limit how we use your data.
• Right to data portability: Request your data in a machine-readable format.
• Right to object: Object to processing based on legitimate interests.

To exercise any of these rights, contact us via the Contact page. We will respond within 30 days.

9. Data Security

We take reasonable measures to protect your personal data — including HTTPS encryption on all pages, secure third-party processors, and limited internal access to personal data. However, no internet transmission is completely secure.

10. Changes to This Policy

We may update this policy occasionally. The "last updated" date at the top of this page indicates when it was last revised. Continued use of the website after a policy change constitutes acceptance of the revised policy.

11. Contact

For any privacy-related queries or to exercise your rights, contact us via the Contact page.