Privacy Policy

1. Introduction

Voyagr Travel Inc. (“Voyagr,” “we,” “our,” or “us”) values your privacy and is committed to handling personal data with the highest standards of transparency, accountability, and compliance. This Privacy Policy provides a detailed explanation of how we collect, use, disclose, and safeguard personal data when you access or use our website and services at https://voyagr.travel (the “Platform”). It also outlines your rights under international data protection frameworks, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act and California Privacy Rights Act (CCPA/CPRA), Brazil's LGPD, Canada's PIPEDA, Singapore's PDPA, and other applicable global privacy laws.

1.1. Definitions

PlatformThe Voyagr website (voyagr.travel), associated applications, software, and related services provided by Voyagr, whether accessed through desktop, mobile, or third-party integrations.

Voyagr / we / us / ourThe entity operating the Platform, including its subsidiaries, affiliates, and authorized representatives responsible for providing services to Travel Agents/Advisors and managing the Platform.

Travel Agent/Advisor or AgentAny professional individual or entity that registers, verifies, and uses the Platform to facilitate bookings, manage traveler data, and access Supplier services. Only verified Agents are permitted to use the Platform.

TravelerAny individual whose personal or travel-related data is entered into the Platform by a Travel Agent/Advisor for the purpose of making travel bookings or related services. Travelers are not direct contractual users of the Platform; their relationship is mediated through the Agent/Advisor.

SupplierThird-party providers of travel services, including airlines, hotels, rental car companies, tour operators, cruise lines, and other travel-related businesses that fulfill bookings made via the Platform.

Personal Data / Personal InformationAny information that directly or indirectly identifies an individual, such as full name, contact details, government-issued documents, payment information, IP address, or online identifiers, as defined under applicable privacy and data protection laws.

ProcessingAny operation or set of operations performed on Personal Data, whether automated or not, including collection, recording, organization, structuring, storage, alteration, retrieval, consultation, use, disclosure, transmission, dissemination, restriction, erasure, or destruction.

ControllerThe natural or legal person, agency, or other body that determines the purposes and means of Processing Personal Data. For Travel Agent–entered Traveler data, the Travel Agent/Advisor acts as the primary Controller, while Voyagr functions as a Processor. For Agent account data, Voyagr acts as the Controller.

ProcessorAny natural or legal person, public authority, agency, or other body that processes Personal Data on behalf of a Controller. In certain contexts, Voyagr acts as a Processor for Traveler data entered by Agents/Advisors.

Cookies and Tracking TechnologiesSmall files, scripts, or tools placed on a user's device to enable functionality, collect usage data, track preferences, or deliver targeted advertising. This includes first-party cookies, third-party cookies, pixels, and beacons.

Sensitive Personal DataSpecial categories of data defined under applicable law, which may include health information, racial or ethnic origin, political opinions, religious beliefs, union membership, genetic or biometric data, sexual orientation, or criminal records. Voyagr does not intentionally collect or process such categories unless strictly necessary and permitted by law.

ConsentA freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they, through a statement or clear affirmative action, signify agreement to the Processing of their Personal Data.

1.2. Scope of This Policy

This Privacy Policy governs the collection, use, disclosure, and protection of personal information across all interactions with Voyagr and our Platform. It applies to:

Travel Agents/Advisors — individuals who register for an account, undergo verification, and utilize the Platform's tools and services.
Travelers (End Customers) — personal and booking-related information entered into the Platform by verified agents/advisors.
Website Visitors — individuals who browse, interact with, or otherwise access voyagr.travel, whether or not they register for an account.

1.3. Global Reach

The Platform is designed to serve users worldwide, subject to applicable laws and regulations in each jurisdiction. Access is restricted to verified travel agents or advisors who successfully complete our verification process, which may include identity and professional credentials checks.

1.4. Third-Party Integration and Data Handling

Because Voyagr operates as a multi-supplier booking engine, interactions may involve third-party suppliers, payment processors, and service providers. This Privacy Policy applies to information collected and processed directly by Voyagr; the terms and conditions of suppliers or partners may govern certain aspects of cancellations, refunds, or use of traveler data. Users are encouraged to review the privacy policies of relevant third-party providers when booking or integrating services through the Platform.

1.5. Limitations

This Policy does not extend to websites, applications, or services operated by third parties that may be linked to or from the Platform. We disclaim responsibility for the data practices of such external services.

1.6. Acknowledgement

By accessing or using the Platform, all users acknowledge the applicability of this Privacy Policy and consent to the practices described herein, subject to rights granted under global privacy laws such as the GDPR, CCPA, and other applicable regulations.

2. Information Collection

We collect and process different categories of personal and non-personal information depending on the nature of the interaction with our Platform.

2.1. Information Collected from Travel Agents

When registering and using the Platform:

Identification and Contact Information

Full Name
Business Name
Professional Credentials
Physical Address
Email Address
Telephone Number

Account and Authentication Data

Username
Password
Documentation required for verification

Financial and Transactional Details

Preferred payment methods
Banking details for commission payments
Billing information necessary to process subscription or service fees

2.2. Information Entered About Travelers (by Verified Agents/Advisors)

Travel agents/advisors may input traveler details necessary to facilitate bookings. This may include:

Personal Identification

Full Name, Nationality, Date of Birth

Contact Information

Email Address, Phone Number, Residential or Mailing Address

Government and Travel Documentation

Passport Number, Visa Details, or other travel documents required to comply with airline, hotel, or destination regulations

Financial Information

Credit/Debit Card details or other financial data used to process reservations

2.3. Automatically Collected Technical and Usage Information

When users interact with the Platform, we automatically collect data through cookies, logs, and analytics tools.

Device and Network Identifiers

IP Addresses, Browser Type and Version, Operating System, Unique Device Identifiers

Session Data

Cookies, Web Beacons, Session Tokens, and analytics related to usage patterns

Activity Logs

Access times, page views, search queries, clicks, and error reports to monitor performance and security.

2.4. Sensitive Data

Voyagr does not intentionally collect sensitive personal data such as health-related information, racial or ethnic origin, political opinions, religious beliefs, genetic or biometric identifiers, sexual orientation, or legal/medical records. Traveler data is strictly limited to the categories necessary for the processing of travel bookings, in accordance with relevant privacy laws.

2.5. Third-Party Sources

In limited circumstances, we may obtain additional information from third-party sources, such as fraud prevention databases, payment processors, or identity verification services, to protect the integrity of the Platform and comply with regulatory obligations.

3. Reasons for Data Collection and Processing

We collect and process personal information for the following purposes, in line with applicable privacy and data protection laws:

3.1. Account Verification

Authenticate the identity of travel agents/advisors, confirm professional eligibility, and maintain the integrity of the Platform.
Prevent unauthorized access, fraudulent accounts, or misuse of the system.

3.2. Travel Service Facilitation

Process and manage traveler bookings across suppliers such as airlines, hotels, car rental agencies, and tour operators.
Transmit traveler information to suppliers where required for reservations, confirmations, modifications, or cancellations.

3.3. CRM Management

Enable agents to create, store, and manage traveler profiles, including travel history, preferences, and communication records.
Support personalized service offerings and efficient customer relationship management.

3.4. Payment Processing and Service Communication

Securely process agent subscription fees, traveler payments, and supplier charges through authorized payment providers.
Calculate and distribute commissions, generate invoices, and maintain financial records.
Provide customer support, respond to inquiries, and resolve issues.
Send confirmations, alerts, and updates regarding bookings, service announcements, or policy changes.
Deliver relevant marketing communications (subject to consent, where required by law).

3.5. Platform Optimization and Security

Monitor and analyze usage patterns in order to enhance functionality, user experience, and system performance.
Test new features, conduct troubleshooting, and protect against errors, abuse, or unauthorized activities.
Detect, investigate, and prevent fraudulent transactions or security threats.

3.6. Regulatory Compliance

Meet obligations under tax, audit, financial reporting, anti-money laundering (AML), counterterrorist financing (CTF), and other applicable legal requirements.
Cooperate with regulators, law enforcement, or courts when legally required.

3.7. Legitimate Business Purposes

Operate, maintain, and improve our business operations in a lawful manner consistent with user rights and expectations.

4. Cookies, Tracking Technologies, and Similar Tools

We use cookies, pixels, scripts, and other tracking technologies to enhance user experience, ensure platform functionality, and support lawful business purposes. These technologies may be deployed directly by Voyagr (first-party) or by trusted partners (third-party).

4.1. Types of Cookies We Use

Strictly Necessary Cookies

Required for secure login, session management, fraud detection, and basic platform operation. Disabling these may impair core functions.

Performance & Analytics Cookies

Collect anonymized data on traffic, browsing behavior, usage frequency, device types, feature performance, and error logs to improve user experience and service reliability.

Functionality Cookies

Remember agent preferences (e.g., language, currency, booking filters), reduce repetitive inputs, and personalize platform interactions.

Tracking Pixels / Beacons

Monitor engagement with emails, campaigns, and platform updates to optimize communication strategies.

Session Storage & Local Storage

Used by the application to maintain temporary records of user interactions for seamless browsing and booking.

4.2. Purposes of Using Cookies and Trackers

Maintain secure authentication and user sessions
Enable efficient operation of booking features and CRM tools
Monitor system health, detect errors, and improve navigation
Conduct statistical research and performance analytics
Deliver personalized, relevant content and advertisements
Safeguard against misuse, fraud, or unauthorized activity

4.3. User Choices and Control

Users may manage or disable cookies at any time via browser settings (e.g., Chrome, Safari, Firefox, Edge).
Some cookies are essential; disabling them may restrict Platform access.
Where legally required (e.g., EU/EEA, UK), users will see a cookie consent banner allowing them to accept, reject, or customize cookie preferences.
Users may exercise opt-out rights for marketing trackers by contacting us at [email protected].

5. Children's Data and Age Restrictions

Voyagr's Platform and services are intended solely for licensed and verified travel professionals. We do not knowingly solicit, collect, or store personal data from children under the age of 16 years (or the minimum age required by applicable law in certain jurisdictions, such as 13 in the United States under COPPA).

5.1. Platform Restrictions

Registration requires verification as a travel agent or advisor; minors are not eligible to create accounts or access services. The Platform is business-oriented, not consumer-facing, and contains no features designed to target children.

5.2. Safeguards

If we become aware that data from a child has been provided (directly or indirectly), we will take immediate steps to delete such information from our systems. Where applicable, we will notify the travel agent or advisor who input the information and remind them of their responsibility to secure lawful consent when entering traveler data.

5.3. Responsibilities of Travel Agents and Advisors

Agents are prohibited from submitting children's personal data unless strictly necessary for a travel booking (e.g., flights for minors).
In such cases, agents must obtain lawful parental/guardian consent and remain the data controller for such information. Voyagr will act solely as a processor.
Any misuse, such as entering children's data without proper authority, may lead to account suspension or termination.

6. Legal Basis for Processing

Voyagr processes personal data strictly in accordance with applicable laws. Under the GDPR (EU/UK), CCPA/CPRA (USA), Brazil's LGPD, and Canada's PIPEDA, we rely on the following lawful bases:

6.1. Contractual Necessity

We process personal data where it is necessary to enter into or perform a contract with travel agents/advisors. This includes authenticating agents, creating accounts, enabling bookings, transmitting traveler details to suppliers, and distributing commissions. Without such processing, we cannot deliver the services offered on our Platform.

6.2. Consent and Vital Interests

Where required by law, we request explicit consent for specific activities such as marketing communications, promotional campaigns, or the use of cookies and tracking technologies in regions where prior consent is mandatory. Consent is voluntary and can be withdrawn at any time without affecting prior lawful processing. In rare circumstances, we may process personal data to protect the vital interests of travelers, for example, in urgent travel-related emergencies.

6.3. Legitimate Interests

We process certain data where necessary to pursue our legitimate business interests, provided such interests are not overridden by your fundamental rights and freedoms. Examples include improving platform performance, fraud detection, internal analytics, service optimization, and communication with agents regarding platform updates or operational notices. We conduct balancing tests to ensure that legitimate interests are applied responsibly.

6.4. Legal Obligations

We may process personal data to comply with applicable laws, regulations, and lawful requests from authorities.
This includes obligations relating to recordkeeping, tax and financial reporting, anti-money laundering (AML) and counter-terrorist financing (CTF) checks, and compliance with consumer protection or travel industry regulations.
Where processing is mandatory to meet legal obligations, refusal may restrict access to our services.

7. Disclosure of Data to Third Parties

We disclose personal data only under controlled and limited circumstances, always ensuring compliance with applicable data protection laws.

7.1. Travel Suppliers

We share traveler information with third-party suppliers who are essential to fulfilling travel services — including airlines, hotels, tour operators, and ground transportation providers. The information disclosed is limited to what is necessary for the supplier to complete the requested booking or service.

7.2. Technology and Service Providers

We rely on trusted third-party vendors to support the technical and operational infrastructure of the platform. These include:

AWS

Secure hosting and cloud storage

Supabase

Database management and authentication services

Stripe

Secure payment processing and financial transactions

Google Analytics

Usage tracking, website performance measurement, and reporting

Intercom

Customer support, live chat, and service communications

Beehiiv

Email marketing and communications management

Featurebase

Collection of user feedback and roadmap tracking for product development

Each provider is contractually bound to process personal data only as necessary to perform services on our behalf and in compliance with applicable privacy standards.

7.3. Regulatory and Legal Authorities

We may disclose personal data when required to do so by law or legal process. This includes responding to lawful requests from courts, regulators, tax authorities, law enforcement agencies, or other government entities. We may also disclose data when necessary to protect our legal rights, investigate fraud, ensure compliance with contractual obligations, or respond to urgent security or safety concerns.

7.4. Restrictions on Data Sharing

We do not sell, rent, or trade personal information under any circumstances.

Any disclosure to third parties is strictly limited to the purposes outlined in this Privacy Policy and is subject to appropriate safeguards, such as contractual obligations and data protection measures.

8. International Data Transfers

Personal data may be processed in multiple jurisdictions where we or our service providers operate, including regions outside your country of residence. To safeguard such transfers, we implement Standard Contractual Clauses (SCCs), rely on adequacy decisions, or apply other legally recognized safeguards to ensure that data is handled in accordance with GDPR and comparable international data protection frameworks. By using the Platform, you acknowledge and agree that your personal information may be transferred to countries with different data protection laws; however, we take all necessary measures to provide adequate protection, maintain security, and uphold your privacy rights in line with applicable regulations.

9. Data Retention Practices

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and to meet applicable legal, regulatory, and operational requirements.

Traveler Information: Generally retained until the completion of bookings, after which it may be stored for additional periods required for accounting, auditing, or legal compliance.
Agent Account Data: Preserved until the account is deactivated or terminated, unless longer retention is required by law or to resolve disputes.
Legal and Regulatory Requirements: Extended retention periods may apply to comply with tax obligations, financial reporting rules, or regulatory inquiries.

Once data is no longer required for active use, it is either securely deleted, anonymized for statistical purposes, or archived with restricted access to protect confidentiality.

10. Data Security Safeguards

We take the protection of personal data seriously and employ a combination of administrative, technical, and physical safeguards designed to maintain the confidentiality, integrity, and availability of information. These measures are continuously reviewed and updated in line with evolving security standards and regulatory requirements.

10.1. Encryption of Data in Transit and at Rest

All personal data is encrypted both during transmission over networks (using protocols such as TLS/SSL) and while stored on our servers. This ensures that sensitive information cannot be intercepted or accessed by unauthorized third parties.

10.2. Access Controls and Role-Based Permissions

We implement strict access control policies. Only authorized personnel with clearly defined roles can access specific categories of data, minimizing the risk of misuse or accidental exposure.

10.3. Security Audits, Testing, and Monitoring

Our systems undergo regular security audits, penetration testing, and real-time monitoring to identify vulnerabilities and detect suspicious activity. Proactive monitoring helps prevent breaches before they occur.

10.4. Secure Payment Handling

All financial transactions are processed through PCI DSS-compliant providers, such as Stripe, ensuring industry-standard protections for credit card and payment information.

10.5. Incident Response and Breach Management

We maintain a documented incident response plan to act quickly in the event of a security breach. This includes containment, investigation, notification of affected users, and corrective actions to strengthen safeguards.

11. Individual Rights

We respect the privacy rights of individuals across jurisdictions and provide mechanisms to ensure that users can exercise control over their personal data. The specific rights available depend on applicable laws and regulatory frameworks, but we strive to extend a consistent level of protection globally.

11.1. Rights Under GDPR (EU/UK)

Individuals within the European Union and the United Kingdom are entitled to:

The right to access personal data we hold about you
The right to rectify or update inaccurate or incomplete data
The right to request erasure of personal data (“right to be forgotten”)
The right to restrict or object to processing under certain circumstances
The right to data portability, allowing you to obtain and reuse your data
The right to withdraw consent where processing is based on consent
The right to lodge a complaint with a relevant supervisory authority

11.2. Rights Under CCPA/CPRA (California, USA)

California residents are entitled to:

The right to know what categories and specific pieces of personal data we collect, use, or disclose
The right to request deletion of personal information, subject to legal or contractual obligations
The right to opt out of the “sale” or “sharing” of personal data (note: we do not sell personal data)
The right to correct inaccurate information
The right to non-discrimination for exercising any privacy rights granted by law

11.3. Rights Under Other Frameworks (LGPD, PIPEDA, PDPA, etc.)

Where applicable, we also recognize equivalent rights under other data protection frameworks, such as Brazil's LGPD, Canada's PIPEDA, and Singapore's PDPA. This includes the right to transparency, correction, deletion, and objection, tailored to the local requirements of each framework.

11.4. Exercising Your Rights

To exercise your rights under any of the above frameworks, please contact us at [email protected].

12. Responsibilities for End-Customer Data

Travel agents are responsible for obtaining explicit consent from travelers before submitting personal data. Voyagr acts as a data processor with respect to traveler data, handling it only as instructed by travel agents. For GDPR purposes, travel agents are controllers of traveler data; Voyagr is the processor.

13. Account Termination & Data Deletion

Agents may close their account at any time; associated personal data will be deleted, anonymized, or retained only where legally required. End-customer bookings remain governed by supplier policies, including cancellations and refunds.

14. Policy Updates

This Privacy Policy may be updated periodically to reflect changes in law, business operations, or technology. Updates will be communicated via email or in-app notification with a revised “last updated” date. Continued use of the Platform after updates indicates acceptance.

15. Contact & Data Protection Queries

For inquiries, complaints, or to exercise your privacy rights, please contact us:

Voyagr Travel Inc.

244 5th Ave Suite #1863

New York, NY 10001 USA

Phone: +1 (888) 886-8204

Email: [email protected]