Privacy Policy

Effective: May 9, 2026. We collect the minimum data needed to deliver the service.

1. What we collect

• Email address. Provided by you at checkout. Used for the purchase receipt, recovery email, and support.
• Payment information. Card details are collected and processed by Stripe. We never see or store them. We retain the Stripe payment intent ID and amount for our records.
• IP address and basic request metadata. Used for rate limiting, abuse prevention, and operational logs.
• Device location during tour playback. Processed by your browser to trigger narration at the right spot. Location data is not transmitted to our servers; it stays on your device.
• Cookies. See section 4 below.

2. How we use it

• Fulfill your purchase and grant access to the bundle
• Deliver the recovery email if you lose access
• Provide customer support when you contact us
• Detect and prevent abuse (rate limiting, fraud detection)
• Aggregate, anonymized analytics to improve the product (e.g. which tours are most popular)

We do not sell your data. We do not share it for advertising purposes.

3. Third parties we use

• Stripe — payment processing. Stripe Privacy Policy.
• Brevo (transitional) and / or Postmark (eventual primary) — transactional email delivery for receipts and recovery links.
• Cloudflare — DNS, content delivery, and DDoS protection. May see request metadata in transit.

These services act as data processors on our behalf and only receive the data they need to provide their function.

4. Cookies

We use a small number of strictly functional cookies. None are used for advertising or third-party tracking.

• traviis_access — your tour-access credential. Set after a successful purchase or recovery link click. Lifetime: 30 days.
• traviis_session — pairs with traviis_access to prevent URL-sharing. Lifetime: 30 days.
• traviis_recovery_unlocked — short-lived cookie set after a recovery-link click, allowing you to open multiple purchased tours in one session. Lifetime: 10 minutes.

All three cookies are HttpOnly (inaccessible to JavaScript) and Secure (HTTPS only).

5. How we store your email

Your email address is stored in two forms in our database: the literal email (for sending receipts and recovery links) and a one-way hash (for looking up your purchases without exposing the address in logs and error reports). Both are kept as long as you have purchases on file.

6. Data retention

• Purchase records (Stripe IDs, amount, date, bundle) — retained for tax and accounting purposes per applicable law (typically 7 years).
• Email + email hash — retained while you have any non-revoked purchases plus a reasonable grace window.
• IP address logs — retained for 30 days for operational use, then aggregated or deleted.
• Backup copies of the above — held for up to 90 days as part of standard backup rotation.

7. Your rights

Depending on where you live, you may have rights to access, correct, or delete your personal data, and to obtain a copy in a portable format. To exercise any of these, email [email protected]. We respond within 30 days.

Note: deleting your purchase record will revoke access to the associated tours. Tax-required records may be retained in redacted form per applicable law.

8. Children

Traviis is not directed at children under 13. We do not knowingly collect personal data from children. If you believe we have, email us and we will delete it.

9. Security

We protect your data with reasonable technical safeguards: HTTPS, encrypted databases, scoped credentials, and limited employee access. No system is perfectly secure; if a breach occurs that affects your data, we will notify you per applicable law.

10. Changes to this policy

We may update this policy. Material changes will be posted on this page and, where reasonably possible, communicated by email to existing customers.

11. Contact

Questions, concerns, or requests: [email protected].