Privacy Policy

What we collect

When you unlock a tour, we collect your email address along with which city and tour you were browsing. If you submit a city request, we collect the city name and optionally your email and travel timing.

We use localStoragein your browser to remember that you've verified your email so you don't have to re-enter it. This is not a cookie and is never sent to any server.

Why we collect it

Your email verifies you're a real person interested in walking tours. We use this data to understand which cities and tours people care about, so we can prioritize what to build next. That's it.

How we store it

Your data is stored in Supabase (hosted in the EU, Frankfurt region). Verification codes are temporary and expire after 10 minutes. Verified emails are stored until you request deletion.

Verification emails are sent through Resend, a transactional email service. Resend processes your email address solely to deliver the verification code.

What we don't do

• We don't use tracking cookies or analytics (no cookie banner needed)
• We don't sell, share, or rent your data to third parties
• We don't send marketing emails — only the verification code you requested
• We don't create user accounts or passwords

Your rights (GDPR / CCPA)

You have the right to:

• Access — request a copy of the data we hold about you
• Deletion — request we delete all your data
• Portability — receive your data in a standard format
• Objection — object to how we process your data

To exercise any of these rights, email us at the address below. We'll respond within 30 days.

California residents (CCPA)

We do not sell personal information. You may request disclosure of what data we collect and request its deletion by contacting us.

Contact

For any privacy-related questions or data requests, email: privacy@routravels.com