Privacy Policy

1. Introduction

TravellingEZ (“we”, “our”, “us”) explains on this page how personal data is handled when you use www.travellingez.com.

This policy applies to visitors, contact form submissions, newsletter signups, likes, comments, and cookie consent choices.

2. Data We Process

2.1 Contact form

• Data: Name, email, subject, message
• Purpose: Reply to inquiries

2.2 Guest comments

• Data: Name, email (required), comment text, post slug, moderation status, created timestamp
• Abuse prevention: A one-way pseudonymous identifier derived from IP address is stored; raw IP is not stored in the comments table
• Purpose: Publish approved comments and moderate spam/abuse

2.3 Likes

• Data: Post slug, pseudonymous like identifier, timestamp
• Purpose: Prevent duplicate likes and show like counts

2.4 Newsletter

• Data: Email, consent timestamp/version, confirmation token hash, confirmation status
• Purpose: Email updates after double opt-in confirmation

2.5 Cookie consent audit log

• Data: Pseudonymous subject token, selected preferences, consent mechanism, consent text version, timestamp
• Not stored: Raw IP address and raw user-agent in consent logs

3. Cookies and Tracking

Essential functionality is always active. Analytics/performance tools are loaded only after opt-in from cookie settings.

• Essential: Site operation and preference storage
• Analytics: `@vercel/analytics` (only after consent)
• Performance: `@vercel/speed-insights` (only after consent)

4. Subprocessors and Service Providers

5. Legal Basis and Usage Purposes

• Consent: Newsletter and non-essential cookies
• Legitimate interests: Site security, abuse prevention, moderation, and operations
• Contract/communication: Responding to direct contact requests

6. Data Retention

• Comments: Kept while published/moderated unless deletion is requested and legally permissible
• Newsletter: Kept until unsubscribe or deletion request
• Consent logs: Kept for compliance/accountability records
• Operational logs: Limited retention according to provider defaults and operational needs

7. Your Rights

Under the General Data Protection Regulation (GDPR), you have the following rights:

To exercise these rights, please contact us using the information provided below.

8. Security

We implement appropriate security measures to protect your personal information:

• Secure HTTPS encryption for all data transmission
• Regular security updates and monitoring
• Limited access to personal information
• Secure hosting through Vercel with enterprise-grade security

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

9. International Transfers

Our website is hosted on Vercel, which may transfer data internationally. We ensure that any such transfers comply with applicable data protection laws and use appropriate safeguards.

By using our website, you consent to the transfer of your information to countries outside your residence, including the United States.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last updated” date.

We encourage you to review this Privacy Policy periodically for any changes. Your continued use of our website after any changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

We will respond to your inquiry within 24 hours and address any concerns about your personal data.