Privacy Policy

3.1 Retention Period

We will only retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or for as long as required by law, contractual obligations, or legitimate business interests. The specific retention period may vary depending on the type of data and the context in which it was collected.

3.2 Legal Compliance

In some cases, we may need to retain your personal data for longer periods to comply with legal or regulatory obligations (e.g., tax laws, financial record-keeping requirements, or other legal claims). Where retention is legally required, we will retain the data for the minimum period mandated by law.

3.3 Anonymization and Deletion

When your personal data is no longer required for the purposes for which it was collected, we will securely delete or anonymize it. Anonymization ensures that the data can no longer be linked to an individual, while deletion ensures the data is irreversibly removed from our systems.

3.4 Business Needs

We may also retain certain data if it is necessary for our legitimate business purposes, such as fraud prevention, dispute resolution, or improving our services. However, in all cases, we ensure that the retention period is reasonable and justified by the business need.

3.5 Your Rights

You have the right to request that we delete or correct your personal data, subject to certain exceptions (such as when data is retained for legal or business purposes).

4.1 Service Providers and Contractors

We may share your personal data with trusted third-party service providers who assist us in delivering our services, including but not limited to:

• Cloud storage providers
• Payment processors
• Customer support and communication platforms
• Data analytics providers
• Marketing and advertising partners
• Website hosting and IT services

These service providers are contractually obligated to handle your data only in accordance with our instructions and to take appropriate measures to safeguard your personal information.

4.2 Affiliates and Business Partners

We may share your personal data with our affiliates, subsidiaries, or business partners to enhance our services and provide you with personalized experiences. For example:

• Service Improvements: Sharing aggregated data to improve service quality and performance.
• Marketing: Providing data to trusted partners to deliver tailored content and offers, strictly based on your explicit consent.

4.3 Business Transactions

In the event that we merge, acquire, or sell all or part of our business, your personal data may be transferred as part of that transaction. We will notify you in advance if your personal data is transferred or becomes subject to a different privacy policy.

4.4 Payment Processors

To facilitate payments for your purchase of our service, we share necessary information (such as payment details, billing address, etc.) with secure third-party payment processors. These payment processors are responsible for:

• Processing credit card or other payment method transactions
• Managing billing and invoicing details

We use secure, PCI-compliant payment processors to ensure your financial information is handled safely.

4.5 Third-Party Advertising Analytics and Providers

We may share aggregated, non-identifiable information with third-party advertising and analytics providers to help us understand user behavior, improve our services, and deliver targeted advertisements. These third parties may use cookies and other tracking technologies to collect data about your interactions with our website or app.

4.6 International Transfer

If your personal data is transferred to recipients outside your country of residence (e.g., to a service provider or affiliate in another country), we will take appropriate steps to ensure that the data is protected in accordance with applicable data protection laws. This may include using legal mechanisms such as Standard Contractual Clauses or ensuring that the recipient has adequate data protection measures in place.

5.1 Right to Access

You have the right to request a copy of the personal data we hold about you. This includes information such as:

• Your account details
• Transactional data (e.g., payment history, travel related data generation)
• Communication records with our support team

To request access to your data, please contact us at support@happytrip.io. We will respond to your request within the timeframes required by law.

5.2 Right to Rectification

If you believe the personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct or update it. You can edit certain information directly within your account settings. For other updates, please contact our support team.

To request corrections to your personal data, please reach out to us by email: support@happytrip.io

5.3 Right to Erasure (Right to be Forgotten)

You can request that we delete your personal data if:

• You no longer need our services or wish to close your account
• You withdraw your consent to data processing (if applicable)
• We no longer need to process your data for the purposes for which it was collected

To request erasure of your data, please contact us by email: support@happytrip.io

5.4 Right to Restrict Processing

You have the right to request that we limit or stop processing your personal data under certain conditions, such as when:

• You believe the data we hold about you is inaccurate and you are verifying its accuracy
• Our processing of your data is unlawful, but you prefer to limit its use rather than delete it
• You have objected to our processing (see "Right to Object") and we are considering your request

If you wish to restrict the processing of your data, please contact us by email: support@happytrip.io

5.5 Right to Data Portability

You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format. You can also request that we transfer your data to another service provider, where technically feasible.

To exercise this right, please contact us at support@happytrip.io. We will process your request in a timely manner, in accordance with applicable laws.

5.6 Right to Object

You have the right to object to the processing of your personal data in certain situations, such as when:

• We are processing your data for direct marketing purposes (e.g., personalized offers or advertising)
• Our processing of your data is based on legitimate interests (e.g., improving our services or preventing fraud)

If you wish to object to certain processing activities, you may contact us by email: support@happytrip.io

5.7 Right to Withdraw Consent

In cases where we process your personal data based on your consent (for example, for marketing purposes or optional data sharing), you have the right to withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing carried out before the withdrawal.

To withdraw your consent, you can adjust your preferences in the app, unsubscribe from marketing emails, or contact us by email: support@happytrip.io

5.8 Do Not Sell My Personal Information

California residents have the right to opt-out of the sale of their personal information. To exercise this right, contact us directly at support@happytrip.io

5.9 Right to Lodge a Complaint

If you believe that we have not handled your personal data in accordance with privacy laws, you have the right to lodge a complaint with a data protection authority or regulatory body in your country. You are encouraged to contact us first to address any concerns you may have, but you are also entitled to file a complaint directly with the relevant authority.

5.10 Right to Opt-Out of Marketing Communications

You have the right to opt-out of receiving promotional or marketing emails from us. You can do this by:

• Clicking the "unsubscribe" link at the bottom of any marketing email you receive from us
• Contacting us directly to request that we stop sending you marketing communications

6.1 Encryption

We use encryption technology to protect your personal data when it is transmitted over the internet. For example, when you provide sensitive information such as payment details, we use Secure Socket Layer (SSL) or Transport Layer Security (TLS) protocols to ensure that your data is encrypted during transmission. This helps prevent unauthorized third parties from intercepting your data.

6.2 Access Controls

Access to your personal data is restricted to authorized personnel only. We have implemented strict internal controls to limit access to personal data based on the needs of specific employees or contractors who are required to process or handle your data. All employees are trained on our data protection policies, and access to personal data is regularly reviewed.

6.3 Data Storage Security

We store your personal data on secure servers protected by firewalls and other advanced security mechanisms. Our cloud service providers also adhere to strict security protocols, and we use physical and logical security measures to protect the servers where your data is stored.

6.4 Payment Data Security

When processing payments, we work with third-party payment processors that are fully compliant with Payment Card Industry Data Security Standards (PCI DSS). These providers use advanced security measures, such as tokenization and encryption, to ensure that your payment information is handled securely.

6.5 Two-Factor Authentication (2FA)

To enhance the security of your account, we may offer two-factor authentication (2FA) for an added layer of protection. When enabled, 2FA requires you to verify your identity through a secondary method (such as a code sent to your phone) in addition to your usual login credentials.

6.6 Regular Security Audits and Monitoring

We conduct regular security audits and assessments to identify vulnerabilities and ensure that our security practices remain effective. Additionally, we monitor our systems for suspicious activity and have measures in place to detect and respond to potential security incidents.

6.7 Data Retention and Disposal

We only retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy or to comply with legal obligations. When data is no longer needed, we take steps to securely delete or anonymize it to prevent unauthorized access.

6.8 Incident Response and Breach Notification

6.9 Third-Party Security

We ensure that any third-party service providers we work with (such as cloud storage providers, payment processors, and customer support platforms) are committed to maintaining strong security measures. These providers are required to meet our security standards and comply with applicable privacy and data protection laws.

6.10 Your Role in Protecting Your Data

10.1 Initial Resolution

11.1 Express Consent

By using our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. Your continued use of our services constitutes your acceptance of these terms.

11.2 Electronic Acceptance

You agree that your use of our services, including clicking "I agree" or similar buttons, checking boxes, or continuing to use our services after being notified of updates to this Privacy Policy, constitutes your legal signature and acceptance of these terms.

11.3 Capacity to Accept

You represent that you have the legal capacity to accept this Privacy Policy or, if you are under the legal age of majority, that you have obtained parental/guardian consent.