Privacy Policy

1. Introduction

Spirit of Traveling ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our travel planning platform and services.

Data Controller: Spirit of Traveling is a Spanish autonomous company (not officially registered) operated by two freelance individuals. Our data processing is governed by Spanish and European Union data protection laws.

Data Storage: Our servers are located in Germany/Netherlands, but data processing is subject to Spanish and EU regulations under the General Data Protection Regulation (GDPR).

2. Information We Collect

2.1 Information You Provide

• Account information (name, email address) when you create an account
• Travel preferences and itinerary data
• Communications with us (contact form submissions, support requests)
• User-generated content (reviews, comments, photos you upload)

2.2 Information We Collect Automatically

• Usage data (pages visited, features used, time spent)
• Device information (browser type, operating system, IP address)
• Location data (if you choose to share it)
• Cookies and similar tracking technologies

2.3 Third-Party Data Sources

We integrate data from various sources to provide comprehensive travel information:

• Wikipedia: Destination information and descriptions (attributed as required)
• Geonames: Geographic data and place names (attributed as required)
• OpenStreetMap: Map data and layers via Leaflet library (attributed as required)
• Other APIs: Weather, transportation, and tourism data

3. How We Use Your Information

We use your information to:

• Provide and improve our travel planning services
• Personalize your experience and recommendations
• Process transactions and manage your account
• Communicate with you about our services
• Analyze usage patterns to improve our platform
• Comply with legal obligations
• Protect against fraud and security threats

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your data based on:

• Consent: When you explicitly agree to data processing
• Contract Performance: To provide our services as agreed
• Legitimate Interest: To improve our services and prevent fraud
• Legal Obligation: To comply with applicable laws

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share information only in these circumstances:

• With your explicit consent
• To comply with legal obligations or court orders
• To protect our rights, property, or safety
• With service providers who assist us (under strict confidentiality agreements)
• In case of business transfer (merger, acquisition, etc.)

6. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication
• Secure data centers with physical security
• Staff training on data protection

7. Your Rights (GDPR)

Under GDPR, you have the following rights:

• Right of Access: Request copies of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at administrator@spiritoftraveling.com

8. Data Retention

We retain your data only as long as necessary for the purposes outlined in this policy:

• Account data: Until account deletion or 3 years of inactivity
• Usage data: Up to 2 years for analytics purposes
• Communication data: Up to 3 years for customer service
• Legal compliance data: As required by applicable laws

9. International Data Transfers

While our servers are in Germany/Netherlands, some data may be processed by third-party services globally. We ensure adequate protection through:

• Standard Contractual Clauses (SCCs) for EU-US transfers
• Adequacy decisions by the European Commission
• Binding Corporate Rules where applicable
• Certification schemes and codes of conduct

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Remember your preferences and settings
• Analyze website traffic and usage patterns
• Provide personalized content and recommendations
• Ensure website security and functionality

You can control cookies through your browser settings, but disabling them may affect functionality.

11. Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect personal information from children under 16. If we become aware of such collection, we will delete the information promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by email or through our platform. Continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact Information

For questions about this Privacy Policy or to exercise your rights, contact us:

14. Data Protection Authority

You have the right to lodge a complaint with the Spanish Data Protection Authority (AEPD) if you believe we have violated your data protection rights:

15. Copyright and Attribution

Our Content: All original content, software, and data created by Spirit of Traveling is protected by copyright. All rights reserved. No distribution, copying, modification, or use without permission is allowed.

Third-Party Content: We respect intellectual property rights and provide proper attribution for:

• Wikipedia content (Creative Commons Attribution-ShareAlike)
• Geonames data (Creative Commons Attribution 4.0)
• OpenStreetMap data (Open Database License)
• User-submitted photos (with appropriate licenses)