Privacy Policy

1. Introduction

Welcome to Secret Travel Gems ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you visit our website and use our services.

This policy applies to all users of our platform, including visitors, registered users, and contributors.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, username, password, and profile details
• Content: Articles, photos, reviews, and comments you submit
• Communication: Messages you send through our contact forms or support channels
• Preferences: Travel preferences, saved places, and personalization settings

2.2 Information We Collect Automatically

• Usage Data: Pages visited, time spent, clicks, and navigation patterns
• Device Information: IP address, browser type, device type, and operating system
• Location Data: Approximate location based on IP address (with your consent)
• Cookies: See our Cookie Policy for detailed information

3. How We Use Your Information

We use your information for the following purposes:

• Service Provision: To provide, maintain, and improve our platform
• Personalization: To customize content and recommendations
• Communication: To send important updates, newsletters, and respond to inquiries
• Analytics: To understand how our platform is used and improve user experience
• Security: To protect against fraud, spam, and security threats
• Legal Compliance: To comply with applicable laws and regulations

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your data based on:

• Consent: When you agree to marketing communications or cookies
• Contract: To fulfill our terms of service
• Legitimate Interest: For analytics, security, and service improvement
• Legal Obligation: To comply with laws and regulations

5. Information Sharing

We do not sell your personal information. We may share your information only in these circumstances:

• With Your Consent: When you explicitly agree to sharing
• Service Providers: With trusted third parties who help us operate our platform
• Legal Requirements: When required by law or to protect rights and safety
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• Public Content: Content you publish publicly on our platform

6. Data Retention

We retain your personal information only as long as necessary for the purposes outlined in this policy:

• Account Data: Until you delete your account or request deletion
• Usage Data: Typically 2-3 years for analytics purposes
• Legal Requirements: As required by applicable laws
• Published Content: May remain available even after account deletion (anonymized)

7. Your Rights

You have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data
• Portability: Receive your data in a portable format
• Restriction: Limit how we process your data
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time

To exercise these rights, please contact us at zardeord@gmail.com

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication
• Secure data centers and infrastructure
• Employee training on data protection

9. International Transfers

Your data may be transferred to and processed in countries other than your own. We ensure adequate protection through:

• Adequacy decisions by the European Commission
• Standard Contractual Clauses (SCCs)
• Certification schemes and codes of conduct

10. Children's Privacy

Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

11. Third-Party Services

Our platform may contain links to third-party websites or integrate with third-party services:

• Analytics: Google Analytics, Vercel Analytics
• Authentication: Google OAuth, GitHub OAuth
• Maps: OpenStreetMap, Leaflet
• File Storage: UploadThing

These services have their own privacy policies, and we encourage you to review them.

12. Updates to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending email notifications to registered users
• Displaying prominent notices on our platform

13. Contact Information

If you have questions about this privacy policy or our data practices, please contact us:

If you are in the EU and believe we have not addressed your concerns, you have the right to lodge a complaint with your local data protection authority.