At Smart Travel AI, we respect your privacy. This Policy explains what we collect, why we collect it, how we use it, and the choices you have. We process personal data in line with applicable law, including the UK GDPR and (where relevant) the EU GDPR.

We collect:

• Account & Contact Data: name, email, password.
• Payment Data: cardholder details (processed by our payment provider), billing info.
• Travel Preferences: destinations, dates, interests, itinerary inputs.
• Usage & Device Data: pages viewed, session info, IP address, browser/OS.
• Location Data: if you grant permission in your device or browser.
• Communications: messages to support, feedback, and survey responses.

We use personal data to:

• Provide the service (AI trip planning, itinerary generation, account features).
• Personalize recommendations and content.
• Process payments, prevent fraud, and provide customer support.
• Improve and develop our platform (analytics, debugging, testing).
• Send service messages and, with your consent, product updates or offers.
• Comply with legal obligations and enforce our terms.

Depending on the context, we rely on one or more of the following legal bases:

• Contract: to deliver the service you requested.
• Consent: for optional features like marketing emails or location services.
• Legitimate Interests: to secure, improve, and operate our platform.
• Legal Obligations: to meet accounting, tax, or regulatory requirements.

Personal data is processed by COMPANY LTD (the data controller) and by vetted service providers acting on our instructions (e.g., hosting, analytics, payments, support). We may use machine learning to generate and refine recommendations; we do not use your data to create publicly available profiles.

We do not sell personal data. We may share limited data with:

• Service Providers: cloud hosting, analytics, payment processors, anti-fraud.
• Business Operations: professional advisors, auditors.
• Legal: when required by law or to protect rights, safety, or prevent fraud.

We may share aggregated or de-identified insights that cannot reasonably identify you.

If personal data is transferred outside the UK/EEA, we use appropriate safeguards (e.g., Standard Contractual Clauses, adequacy decisions) and implement technical and organizational measures to protect it.

We use cookies and similar technologies to run the site, remember preferences, and improve performance. You can manage non-essential cookies in our banner or via your browser settings. Categories include essential, performance, functionality, and (if enabled) marketing.

Subject to applicable law, you may have the right to access, correct, delete, or restrict processing of your data; to object to processing; and to data portability. Where processing is based on consent, you can withdraw consent at any time. You also have the right to lodge a complaint with your local supervisory authority.

We keep personal data only as long as necessary for the purposes in this Policy. Factors include your account status, legal and regulatory requirements, dispute resolution, and fraud prevention. When data is no longer needed, we delete or irreversibly anonymize it.

We use protections such as TLS encryption, access controls, and secure infrastructure. While we work hard to safeguard your data, no method of transmission or storage is completely secure.

Our services are not intended for children under 16. We do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact us and we will take appropriate steps to remove it.

We use automation to generate itineraries and recommendations. We do not make decisions with legal or similarly significant effects solely by automated means. You can always adjust preferences or contact support for manual review.

We may update this Policy from time to time. We will post the revised version with a new “Last updated” date and, where appropriate, notify you by email or in-product message.

The data controller is COMPANY LTD (trading as Smart Travel AI). If you have questions or requests about this Policy or your personal data, contact us:

• Company: COMPANY LTD
• Reg. Nr.: 1111111
• Address: 577 Random Street, England, UK
• Email: support@smarttravelai.org

For general queries, you can also use our Contact page.

You can opt in or out of marketing communications at any time via email footer links or by contacting support. Service and transactional messages (e.g., password resets, receipts) are not marketing and will still be sent when needed.