Privacy Policy

1. Introduction

Hedell Travel ("we", "us", or "our") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at hedelltravel.com and app.hedelltravel.com.

Please read this Privacy Policy carefully. By accessing or using our Platform, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide, including:

• Account Information: Name, email address, phone number, company name, business address, and password
• Profile Information: Business description, logo, website URL, and professional credentials
• Communication Data: Messages sent through our platform, inquiry details, and support requests
• Transaction Information: Booking details, payment information, and transaction history
• Content: Photos, descriptions, and other content you upload to the Platform

2.2 Information Collected Automatically

When you access our Platform, we automatically collect:

• Device Information: Browser type, operating system, device identifiers, and IP address
• Usage Data: Pages visited, features used, click patterns, and time spent on the Platform
• Location Data: General geographic location based on IP address
• Cookies and Tracking: Information collected through cookies, web beacons, and similar technologies

2.3 Information from Third Parties

We may receive information from:

• Business partners and affiliates
• Payment processors and financial institutions
• Identity verification services
• Public databases and business registries

3. How We Use Your Information

We use your information for the following purposes:

3.1 Platform Operations

• Create and manage your account
• Facilitate communications between Agents and Partners
• Process bookings and transactions
• Provide customer support and respond to inquiries
• Send service-related notifications and updates

3.2 Platform Improvement

• Analyze usage patterns to improve our services
• Develop new features and functionality
• Conduct research and analytics
• Test and troubleshoot technical issues

3.3 Safety and Security

• Verify user identity and business credentials
• Detect and prevent fraud, abuse, and policy violations
• Monitor for off-platform transactions
• Enforce our Terms of Service
• Protect the rights and safety of users

3.4 Marketing and Communications

• Send promotional messages (with your consent)
• Provide personalized content and recommendations
• Conduct surveys and collect feedback

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

4.1 With Other Users

When you communicate or transact with other users, your profile information and relevant transaction details are shared to facilitate the business relationship.

4.2 With Service Providers

We share information with third-party service providers who assist us in operating the Platform, including:

• Cloud hosting and storage providers (Supabase, Vercel)
• Payment processors (Stripe)
• Email service providers (Resend)
• Analytics providers
• Translation services (DeepL)

4.3 For Legal Reasons

We may disclose information when required to:

• Comply with applicable laws, regulations, or legal processes
• Respond to lawful requests from public authorities
• Protect our rights, privacy, safety, or property
• Enforce our Terms of Service
• Investigate potential violations

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change and the choices you may have.

5. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

• Encryption of data in transit and at rest
• Secure authentication mechanisms
• Regular security assessments and audits
• Access controls and employee training
• Incident response procedures

However, no method of transmission or storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to:

• Provide our services and maintain your account
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Support business operations and analytics

When information is no longer needed, we will securely delete or anonymize it. Transaction records may be retained for up to seven (7) years for legal and accounting purposes.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

7.1 Access and Portability

Request access to your personal information and receive a copy in a structured, machine-readable format.

7.2 Correction

Request correction of inaccurate or incomplete information. You can also update most information directly through your account settings.

7.3 Deletion

Request deletion of your personal information, subject to certain exceptions (legal obligations, ongoing transactions, etc.).

7.4 Marketing Opt-Out

Opt out of marketing communications at any time by clicking the unsubscribe link in emails or adjusting your notification settings.

7.5 Cookie Preferences

Manage cookie preferences through your browser settings. Note that disabling certain cookies may affect Platform functionality.

8. Cookies and Tracking Technologies

We use cookies and similar technologies for:

• Essential Cookies: Required for Platform functionality, authentication, and security
• Analytics Cookies: Help us understand how users interact with the Platform
• Preference Cookies: Remember your settings and preferences
• Marketing Cookies: Used to deliver relevant advertisements (with consent)

You can control cookies through your browser settings. For more information, please see our Cookie Policy.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data internationally, we implement appropriate safeguards, including standard contractual clauses and data processing agreements, to ensure your information is protected.

10. Children's Privacy

Our Platform is intended for business users and is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected information from a child, we will promptly delete it.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on the Platform
• Updating the "Last updated" date
• Sending an email notification for significant changes

Your continued use of the Platform after changes become effective constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

13. Additional Information for EEA Users

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Legal Basis: We process your data based on legitimate interests, contract performance, legal obligations, or your consent
• Right to Object: You may object to processing based on legitimate interests
• Right to Restrict: You may request restriction of processing in certain circumstances
• Right to Complain: You have the right to lodge a complaint with your local data protection authority