GDPR Compliance Policy

Last updated: [Date]

Introduction

wanderMoreGo is committed to protecting the personal data of our users in full compliance with the General Data Protection Regulation (GDPR). This policy explains how we collect, process, store, and protect your personal information when you visit our website.

Data Collection and Processing

What Data We Collect

We collect the following categories of personal data:

Identifiers: Name, email address, phone number (when provided via contact form)
Technical Data: IP address, browser type, device information, operating system
Usage Data: Pages visited, time spent on site, click behavior, referral sources
Booking Data: When you book through our affiliate partners, we may receive your booking details (name, travel dates, destination)

Legal Basis for Processing

We process your data based on the following legal grounds:

Consent: For cookies and marketing communications (you can withdraw consent at any time)
Legitimate Interest: For site functionality, analytics, and improving user experience
Contractual Necessity: When processing bookings through our partners
Legal Obligation: For compliance with tax and financial regulations

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected. Specific retention periods:

Contact form data: 12 months
Analytics data: 26 months
Booking data: 5 years (for tax and accounting purposes)
Cookies: Session cookies expire when browser is closed; persistent cookies expire after 12 months

Your Rights Under GDPR

As a data subject, you have the following rights:

Right of Access: Request a copy of your personal data
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure (Right to be Forgotten): Request deletion of your data
Right to Restrict Processing: Limit how your data is used
Right to Data Portability: Receive your data in a structured format
Right to Object: Object to processing based on legitimate interest
Right to Withdraw Consent: At any time for data processed based on consent

Data Transfers

Your personal data may be transferred to third-party services located outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, including:

Standard Contractual Clauses (SCCs) approved by the European Commission
Privacy Shield certification (where applicable)
Binding Corporate Rules (BCRs) for internal transfers

Data Security

We implement robust technical and organizational measures to protect your data against unauthorized access, loss, or alteration:

Encryption of data at rest and in transit (TLS 1.2+)
Regular security audits and vulnerability assessments
Strict access controls and authentication protocols
Secure server environments with firewalls and intrusion detection
Regular data backups and disaster recovery procedures

Data Protection Officer

Our Data Protection Officer can be contacted at:

Email: [email protected]

Postal Address: wanderMoreGo Data Protection Officer, 123 Travel Avenue, Suite 100, New York, NY 10001, USA

Complaints

If you believe we have violated your GDPR rights, you have the right to lodge a complaint with a supervisory authority in your EU member state. A list of supervisory authorities can be found at https://ec.europa.eu/info/law/law-topic/data-protection/reform/after-25-may-2018/eu-data-protection-authorities_en