Privacy Policy

1. Introduction

VibeTraveler ("VibeTraveler," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile applications, and services (collectively, the "Services").

We operate in compliance with applicable data protection laws, including the Singapore Personal Data Protection Act 2012 ("PDPA") and, where applicable, the European Union General Data Protection Regulation ("GDPR") and other relevant privacy regulations.

By using our Services, you consent to the collection and use of your information as described in this Privacy Policy. If you do not agree with our practices, please do not use our Services.

2. Information We Collect

2.1 Information You Provide Directly

• Account Information: Name, email address, phone number, password, and profile details when you create an account
• Booking Information: Guest names, travel dates, special requests, dietary requirements, and accessibility needs
• Payment Information: Credit/debit card details, billing address, and transaction history (payment card data is processed by our PCI-DSS compliant payment processors)
• Identity Documents: Passport or ID information when required by Hotel Partners for booking verification
• Communications: Messages, emails, chat transcripts, support requests, and feedback you send to us
• Preferences: Travel preferences, favorite hotels, room preferences, and membership settings

2.2 Information Collected Automatically

• Device Information: Device type, operating system, browser type, unique device identifiers, and mobile network information
• Log Data: IP address, access times, pages viewed, links clicked, and referring URLs
• Location Data: Approximate location based on IP address or, with your consent, precise location from your device
• Usage Data: Search queries, booking history, feature usage patterns, and interaction with our AI concierge
• Cookies and Similar Technologies: Information collected through cookies, pixels, and similar tracking technologies (see Section 8)

2.3 Information from Third Parties

• Social Login Providers: If you sign in using Google, Apple, or other social providers, we receive your name, email, and profile information as permitted by your privacy settings
• Hotel Partners: Stay history, preferences, and feedback related to your bookings
• Payment Processors: Transaction status and fraud prevention data

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 Service Provision

• Process and manage hotel bookings and reservations
• Communicate booking confirmations, updates, and reminders
• Provide AI-powered concierge assistance and travel recommendations
• Administer membership programs and points
• Process payments and refunds
• Respond to inquiries and provide customer support

3.2 Service Improvement

• Analyze usage patterns to improve our platform and services
• Train and improve our AI systems and recommendation engines
• Conduct research and analytics
• Develop new features and services

3.3 Personalization

• Customize hotel recommendations based on your preferences and history
• Remember your preferences and settings
• Provide targeted offers and promotions relevant to your interests

3.4 Marketing and Communications

• Send promotional emails, newsletters, and special offers (with your consent where required)
• Notify you about new features, services, and membership benefits
• Conduct surveys and collect feedback

3.5 Security and Legal Compliance

• Detect, prevent, and investigate fraud and security incidents
• Verify identity and prevent unauthorized access
• Comply with legal obligations and regulatory requirements
• Enforce our Terms of Service and protect our rights

4. Information Sharing and Disclosure

We do not sell your personal information to third parties. We may share your information in the following circumstances:

4.1 Hotel Partners

We share booking details (guest names, dates, special requests) with Hotel Partners to fulfill your reservations. Hotel Partners are independent data controllers for the information they receive and process.

4.2 Service Providers

We engage trusted third-party service providers who process data on our behalf, including:

• Payment processors (Stripe) for transaction processing
• Cloud hosting providers (Amazon Web Services, Vercel) for data storage
• Email service providers for communications
• Analytics providers for usage analysis
• Customer support platforms

These providers are contractually bound to use your information only for the purposes we specify and to maintain appropriate security measures.

4.3 Legal Requirements

We may disclose your information when required by law, court order, or governmental authority, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and any choices you may have.

4.5 With Your Consent

We may share your information for other purposes with your explicit consent.

5. Data Retention

We retain your personal information for as long as necessary to:

• Provide our Services and maintain your account
• Comply with legal, accounting, and regulatory requirements
• Resolve disputes and enforce our agreements

When you delete your account, we will delete or anonymize your personal information within a reasonable timeframe, except where retention is required by law or for legitimate business purposes.

Booking records are generally retained for seven (7) years for legal and accounting purposes. AI conversation history is retained for up to two (2) years to maintain service continuity and improve our systems.

6. Data Security

We implement comprehensive technical and organizational measures to protect your personal information, including:

• Encryption: All data transmissions are encrypted using TLS/SSL. Sensitive data at rest is encrypted using industry-standard encryption
• Access Controls: Access to personal information is restricted to authorized personnel on a need-to-know basis
• Infrastructure Security: Our systems are hosted on secure, SOC 2 compliant cloud infrastructure
• Payment Security: Payment processing is handled by PCI-DSS Level 1 certified processors; we do not store complete card numbers
• Monitoring: We continuously monitor for security threats and vulnerabilities
• Employee Training: Our staff receive regular training on data protection and security practices

While we implement robust security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

You have the right to request a copy of the personal information we hold about you and, where applicable, to receive it in a portable format.

7.2 Correction

You may update or correct inaccurate personal information through your account settings or by contacting us.

7.3 Deletion

You may request deletion of your personal information. We will comply with such requests subject to any legal retention requirements.

7.4 Marketing Opt-Out

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in our emails or updating your preferences in your account settings. Note that you may still receive transactional communications related to your bookings.

7.5 Withdraw Consent

Where we rely on consent for processing, you may withdraw your consent at any time. This will not affect the lawfulness of processing before withdrawal.

7.6 Additional Rights (EU/UK Residents)

If you are located in the European Union or United Kingdom, you may also have the right to object to processing, request restriction of processing, and lodge a complaint with your local data protection authority.

To exercise any of these rights, please contact us at privacy@vibetraveler.com. We will respond to your request within the timeframes required by applicable law.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our platform.

8.1 Types of Cookies We Use

• Essential Cookies: Required for the platform to function properly (authentication, security, preferences)
• Analytics Cookies: Help us understand how visitors interact with our platform (Google Analytics)
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used to deliver relevant advertisements and measure campaign effectiveness

8.2 Managing Cookies

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of our Services.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including locations, where our servers and service providers are located.

When we transfer data internationally, we implement appropriate safeguards to ensure your information receives an adequate level of protection, including:

• Standard Contractual Clauses approved by relevant authorities
• Transfers to countries with adequate data protection laws
• Other legally recognized transfer mechanisms

10. Children's Privacy

Our Services are not intended for individuals under the age of eighteen (18). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at privacy@vibetraveler.com, and we will take steps to delete such information.

11. Third-Party Links

Our platform may contain links to third-party websites, including Hotel Partner websites. This Privacy Policy does not apply to those websites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by posting the updated policy on our website with a new "Last updated" date and, where appropriate, by email notification.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to your inquiry within a reasonable timeframe, typically within thirty (30) days.