Travel with Tom: https://travelwithtom.net

Last updated: February 19, 2026

1. Introduction

This Privacy Policy explains how Travel with Tom (“we”, “us”, “our”) collects, uses, and protects personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR).

Travel consultation services are provided by an Estonia-registered business.

If you have questions regarding this policy, you may contact us at: support@travelwithtom.net

2. What Personal Data We Collect

We may collect the following categories of personal data:

a) Information You Provide Directly

• Full name
  
  
• Email address
  
  
• Payment information (processed via third-party provider)
  
  
• Travel-related information voluntarily shared during consultation
  
  
• Messages sent via contact form
  
  
• Booking details
  
  

b) Automatically Collected Data

When you visit the website, we may collect:

• IP address
  
  
• Browser type
  
  
• Device information
  
  
• Pages visited
  
  
• Time spent on website
  
  
• Referring URLs
  
  

This data is collected via cookies and analytics tools.

3. Purpose of Data Processing

We process personal data for the following purposes:

• To provide travel consultation services
  
  
• To process payments
  
  
• To respond to inquiries
  
  
• To manage bookings
  
  
• To send follow-up emails related to consultations
  
  
• To improve website functionality and performance
  
  
• To comply with legal and accounting obligations
  
  

We do not sell personal data.

4. Legal Basis for Processing (GDPR)

We process your data based on:

• Contractual necessity (to provide booked consultation services)
  
  
• Legitimate interest (to improve services and website performance)
  
  
• Legal obligation (accounting and tax compliance)
  
  
• Consent (for marketing communication, if applicable)
  
  

5. Payment Processing

Payments are securely processed through third-party payment providers such as:

• Stripe
  
  
• PayPal
  
  

We do not store full credit card information.

These providers process data in accordance with their own privacy policies.

6. Data Retention

We retain personal data only as long as necessary for:

• Fulfilling consultation services
  
  
• Legal and accounting obligations
  
  
• Resolving disputes
  
  

Consultation-related communication may be retained for documentation purposes.

7. Data Sharing

We do not sell or rent personal data.

We may share limited data with:

• Payment processors (Stripe, PayPal)
  
  
• Website hosting provider
  
  
• Email service provider
  
  
• Booking software provider
  
  

All third-party providers are required to comply with applicable data protection laws.

8. International Data Transfers

If personal data is transferred outside the European Economic Area (EEA), appropriate safeguards are implemented, such as:

• Standard Contractual Clauses (SCCs)
  
  
• Data processing agreements with service providers
  
  

9. Cookies

This website uses cookies for:

• Website functionality
  
  
• Analytics
  
  
• Security
  
  

You may control or disable cookies through your browser settings.

A cookie banner will be displayed where required by law.

10. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

• SSL encryption (HTTPS)
  
  
• Secure payment gateways
  
  
• Limited data access
  
  
• Secure hosting
  
  

However, no online system can be guaranteed 100% secure.

11. Updates to This Policy

We may update this Privacy Policy periodically.

The latest version will always be available on this page.