Skip to main content
← Back to AI VACATIONS
AI VACATIONS

Privacy Policy

Last updated: June 2026

Introduction

AI VACATIONS ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our hotel-deal matchmaking platform.

Information We Collect

Information you provide

  • Name and contact information (email, phone)
  • Billing and payment information (for booking fees)
  • Offers you submit (hotel, dates, price, guests)
  • Deal and negotiation history
  • Account credentials

Information collected automatically

  • Device information (browser, OS)
  • IP address and approximate location
  • Usage patterns and interactions
  • Cookies and tracking technologies

How We Use Your Information

  • Negotiate your offers with hotels
  • Communicate about your offers and deals
  • Process booking fees
  • Provide customer support
  • Personalize your experience
  • Improve our platform and services
  • Detect and prevent fraud
  • Comply with legal obligations

Information Sharing

  • Hotels: Offer details shared so hotels can respond to your offer
  • Payment Processors: Stripe for secure transactions
  • Service Providers: Third parties who assist operations
  • Legal Requirements: When required by law or to protect rights

We do not sell your personal information for marketing purposes.

Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations:

  • Account Data: Until you delete your account
  • Deal Records: 7 years (legal/tax requirements)
  • Payment Data: As required by financial regulations
  • Analytics Data: 26 months (anonymized thereafter)

International Data Transfers

Your information may be transferred to and processed in countries outside your jurisdiction, including the United States. When we transfer data internationally, we use appropriate safeguards:

  • Standard Contractual Clauses (SCCs) for EU transfers
  • Data Processing Agreements with all vendors
  • Encryption in transit and at rest

Cookies

We use cookies and similar technologies to enhance your experience. You can manage your preferences:

  • Necessary: Required for site functionality (cannot be disabled)
  • Analytics: Google Analytics to understand usage
  • Marketing: Microsoft Clarity for experience optimization

Use "Cookie preferences" in the footer to manage your choices.

Data Security

We implement industry-standard security measures including TLS encryption, secure servers (SOC 2 compliant hosting), regular security assessments, and access controls. However, no transmission method is 100% secure.

California Privacy Rights (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: What personal information we collect and how it's used
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of the sale/sharing of personal information
  • Right to Correct: Request correction of inaccurate information
  • Non-Discrimination: We will not discriminate for exercising your rights

Do Not Sell My Personal Information

We do not sell personal information in the traditional sense. However, some analytics/marketing cookies may constitute "sharing" under CCPA. To opt out:

  1. Click "Cookie preferences" in the footer
  2. Disable Analytics and Marketing cookies
  3. Save your preferences

GDPR Rights (EU/EEA Users)

If you are in the European Union or European Economic Area, you have rights under the General Data Protection Regulation:

  • Access and receive a copy of your data
  • Correct inaccurate information
  • Request deletion ("right to be forgotten")
  • Object to or restrict processing
  • Data portability (receive data in machine-readable format)
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

Legal basis for processing: Contract performance, legitimate interests, consent, and legal obligations.

Children's Privacy

AI VACATIONS is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@aivacations.com. We will delete such information promptly.

Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we may also send an email notification.

Contact Us

Questions about this Privacy Policy or your data?

We respond to all data subject requests within 30 days.