Privacy Policy for TravelInsuranceGeek.com

1. Introduction

At TravelInsuranceGeek.com, we are firmly committed to protecting your personal data and respecting your privacy rights. This Privacy Policy outlines how we collect, use, store, share, and secure your personal information. We undertake to handle your data with diligence and transparency in alignment with our obligations under applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (GDPR) and the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

We prioritize data privacy and cybersecurity and implement measures to ensure your personal data is used safely and lawfully.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users of the TravelInsuranceGeek.com website, including visitors, subscribers, and customers. For the purposes of applicable data protection legislation, the data controller responsible for your personal data is:

Travel Insurance Geek
Website: https://travelinsurancegeek.com
Contact Email: [email protected]

As a data controller, we determine the purposes and means of processing your personal information in accordance with applicable laws.

3. Categories of Personal Data Processed

We collect and process the following categories of personal data:

a) Usage Data
Information automatically collected when you interact with our website, such as browser type and version, device identifiers, IP addresses, session frequency and duration, pages visited, time spent on each page, referral sources, and navigational patterns.

b) Account Data
Information you provide when creating or managing an account, including your name, billing and mailing address, email address, account username, and telephone number.

c) Profile Data
Information related to your preferences, purchase history, site behavior, saved quotes, and interests in travel insurance packages or related services.

d) Communication Data
Records of any communication you send to us through email, contact forms, or site chat, including support requests, inquiries, feedback, complaint history, and related correspondence.

e) Technical Data
Device-specific data such as operating system, screen resolution, browser plug-in types and versions, system configurations, language settings, and time zones.

f) Transaction Data
Details associated with purchases or inquiries, including payment information (processed via third-party providers), policy details, currency preferences, and delivery addresses.

g) Preference Data
Your responses to marketing consents, newsletter subscriptions, survey inputs, user personalization settings, and product interest indicators.

4. Legal Bases for Processing

Under GDPR and other applicable laws, we process your personal data using one or more of the following legal bases:

– Consent: When you have clearly agreed to the processing of your personal data for a specific purpose (e.g., marketing communications).
– Contractual Necessity: When processing is necessary to fulfill a contract with you or respond to your requests before entering into a contract.
– Legitimate Interests: When processing is necessary for our legitimate interests or that of a third party, provided your rights and interests do not override those interests.
– Legal Obligation: When we are legally required to process your personal data.

5. Your Rights

As permitted under GDPR and CCPA, you have the following data protection rights:

– Right of Access: You may request confirmation of whether we process your personal data and gain access to it.
– Right to Rectification: You can request correction of inaccurate or incomplete personal data.
– Right to Erasure (“Right to be Forgotten”): You can ask us to delete your personal data under specific circumstances.
– Right to Restriction of Processing: You may request that we limit the processing of your personal data.
– Right to Data Portability: You may request your data in a machine-readable format or that we transfer that data to another provider.
– Right to Object: You have the right to object to our processing in certain cases, such as direct marketing.
– Right to Withdraw Consent: You may withdraw your consent at any time when we rely on consent to process your data.

California consumers also benefit from:

– Right to Know: You can request, up to twice per year, the categories and specific pieces of personal information we collect, use, and disclose.
– Right to Delete: You can request deletion of your personal information.
– Right to Opt-Out of Sale or Sharing: We do not sell or share your personal data for monetary gain.
– Right to Non-Discrimination: Exercising these rights will not negatively impact your experience with TravelInsuranceGeek.com.

To exercise any rights, please contact us at [email protected].

6. Security Measures

We take the security of your data seriously. To safeguard personal information, we implement strong technical and organizational security controls, including:

– Data encryption in transit and at rest
– Secure socket layer (SSL) technology for secure browsing
– Access controls and authentication for authorized personnel only
– Regular security audits and vulnerability assessments
– Firewalls and anti-malware defenses
– Staff data protection training and confidentiality obligations
– Secure backup and storage procedures

7. International Transfers

Personal data we collect may be transferred to trusted service providers or partners located outside the European Economic Area (EEA) or your local jurisdiction. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

– Standard Contractual Clauses approved by the European Commission
– Adequacy decisions for specific jurisdictions
– Binding corporate rules or equivalent measures

Your data will be processed in accordance with applicable data protection laws despite geographic location.

8. Data Retention

We retain personal data only as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations. Retention periods vary by data type:

– Account, Profile, and Communication Data: Retained for as long as your account remains active and for a reasonable period thereafter (up to 7 years) for audit and legal purposes.
– Transaction and Payment Data: Retained for regulatory and financial compliance purposes (typically up to 7 years).
– Marketing and Preference Data: Retained until you withdraw consent or unsubscribe.
– Technical and Usage Data: Retained for system analysis and improvement (up to 2 years).

When data is no longer needed, we securely delete or anonymize it.

9. Cookie Policy

TravelInsuranceGeek.com uses cookies and similar technologies to enhance user experience, analyze website performance, and support marketing efforts. Cookies may be categorized as follows:

– Essential Cookies: Necessary for core website functionality and security (e.g., session management, authentication).
– Functional Cookies: Enable improved user experience, such as remembering your preferences or saved quotes.
– Analytics Cookies: Used to track site usage patterns, traffic sources, and performance metrics to optimize content.
– Performance Cookies: Improve user interface responsiveness and experience based on device behavior.

Third-party cookies may also be placed by analytics providers or advertising partners under strict contractual terms.

10. Cookie Management and Compliance

In compliance with GDPR and CCPA, you have control over cookie usage:

– You can manage cookie preferences through our cookie consent banner or settings panel.
– Your browser settings may allow you to block, clear, or disable cookies.
– You may opt out of certain third-party analytics or marketing cookies as provided during your visit to the site.

Please note that disabling certain cookies may affect website functionality.

11. Special Protections for Children Under 13

TravelInsuranceGeek.com does not knowingly collect or solicit personal data from children under the age of 13. If we become aware that personal data has been collected from a child without verifiable parental consent, we will delete such information promptly. If you believe a child has provided us with personal information, please contact us at [email protected].

12. Policy Updates

We may update this Privacy Policy from time to time in response to legal, technical, or operational changes. We encourage you to review this page periodically. Where required by law or where significant changes are made, we will notify you appropriately through the website or via email.

13. Contact Us

If you have questions, concerns, or wish to exercise your privacy rights, please contact our Data Protection Officer via:

Email: [email protected]
Website: https://travelinsurancegeek.com

We are committed to addressing privacy-related inquiries promptly and in full accordance with applicable legislation.

—

This Privacy Policy reaffirms our commitment to lawful, fair, and transparent processing of your personal data. For any further information or to exercise your rights, please contact us at [email protected].