Privacy Policy

Introduction

BestVacation, Inc. ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services. Please read this policy carefully to understand our practices regarding your personal data.

This Privacy Policy applies to all information collected through our website, mobile applications, and any related services (collectively, the "Service"). By using our Service, you agree to the collection and use of information in accordance with this policy.

Information We Collect

We collect several types of information from and about users of our Service:

Personal Information

• Contact Information: Name, email address, phone number, and mailing address
• Travel Preferences: Destination preferences, travel dates, accommodation preferences, and itinerary data
• Special Needs Information: Medical conditions, accessibility requirements, dietary restrictions, and other special needs information necessary to provide personalized travel planning services
• Payment Information: Credit card numbers, billing addresses, and payment history (processed securely through third-party payment processors)
• Location Data: Geographic location information when you use location-based features of our Service

Biometric Information (BIPA Compliance)

When you use our voice-enabled features, we may collect voice recordings and voiceprint data. This biometric information is collected to provide AI-powered travel planning assistance and improve your user experience.

Important: Under the Illinois Biometric Information Privacy Act (BIPA), we are required to inform you that:

• We collect biometric identifiers (voice recordings and voiceprints)
• The purpose of collection is to provide AI-powered travel planning assistance and improve our services
• We will retain biometric data for a period of three (3) years or until you request deletion, whichever comes first
• We will securely store biometric data using industry-standard encryption and access controls
• We will permanently destroy biometric data upon expiration of the retention period or upon your request
• We do not sell, lease, trade, or otherwise profit from your biometric data

By using our voice-enabled features, you provide your informed written consent to the collection, storage, and use of your biometric information as described in this Privacy Policy. You may withdraw your consent at any time by contacting us at contact@bestvacation.travel.

How We Use Your Information

We use the information we collect for the following purposes:

• Personalized Travel Planning: To create customized travel itineraries and recommendations based on your preferences and special needs
• AI-Powered Recommendations: To provide intelligent suggestions for accommodations, activities, and services that match your requirements
• Customer Service: To respond to your inquiries, provide support, and communicate with you about your travel plans
• Service Improvements: To analyze usage patterns, improve our Service, and develop new features
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Security: To protect the security and integrity of our Service and prevent fraud

AI Data Processing

Our Service uses artificial intelligence technologies provided by third-party service providers to enhance your travel planning experience. These AI providers assist with:

• Natural language processing and understanding of your travel preferences
• Generating personalized travel recommendations and content
• Voice synthesis and voice-enabled features for travel planning assistance

When using these AI-powered features, we may share the following types of data with our AI service providers:

• Travel preferences, itinerary data, and special needs information (anonymized where possible)
• Text-based queries and conversations
• Voice recordings and voiceprint data (for voice-enabled features)

All data shared with AI service providers is transmitted using encrypted connections (TLS/SSL) and processed in accordance with industry-standard privacy and security practices. We have contractual agreements with these AI service providers that require them to:

• Maintain appropriate security measures to protect your data
• Use your data solely for the purposes we specify
• Not sell or share your data with other parties
• Comply with applicable data protection laws

Third-Party Service Providers

We may share your information with third-party service providers who perform services on our behalf, including:

• AI Service Providers: Third-party AI technology providers that assist with natural language processing, content generation, and voice-enabled features
• Payment Processors: Companies that process payment transactions
• Analytics Providers: Services that help us analyze website usage and improve our Service
• Cloud Storage Providers: Services that host and store our data
• Customer Support Tools: Platforms that help us provide customer service

We follow data minimization principles and only share the minimum amount of information necessary for these service providers to perform their functions. All third-party service providers are contractually obligated to protect your information and use it only for the purposes we specify.

Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption: Data is encrypted both in transit (using TLS/SSL) and at rest (using industry-standard encryption algorithms)
• Access Controls: We limit access to personal information to authorized employees and service providers who need it to perform their duties
• Security Protocols: We regularly review and update our security practices, conduct security audits, and monitor for potential security threats
• Secure Storage: Personal information is stored on secure servers with appropriate backup and disaster recovery procedures

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to maintaining reasonable security measures.

Your Privacy Rights

You have certain rights regarding your personal information. Depending on your location, these rights may include:

• Right to Access: You may request access to the personal information we hold about you
• Right to Correction: You may request that we correct any inaccurate or incomplete personal information
• Right to Deletion: You may request that we delete your personal information, subject to certain legal exceptions
• Right to Opt-Out: You may opt-out of certain uses of your personal information, such as AI processing for marketing purposes
• Right to Withdraw BIPA Consent: You may withdraw your consent for the collection and use of biometric information at any time
• Right to Data Portability: You may request a copy of your personal information in a structured, machine-readable format

To exercise any of these rights, please contact us at contact@bestvacation.travel. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our retention periods are as follows:

• Account Information: Retained for the duration of your account and for a reasonable period thereafter for legal and business purposes
• Travel Preferences and Itineraries: Retained for three (3) years after your last use of the Service or until you request deletion
• Biometric Data (Voice Recordings): Retained for three (3) years or until you request deletion, whichever comes first, in compliance with BIPA
• Payment Information: Retained as required by law and financial regulations, typically seven (7) years
• Special Needs Information: Retained for the duration of your account and securely deleted upon account closure or request

When we delete your personal information, we will use reasonable efforts to permanently remove it from our systems and those of our service providers. However, some information may remain in backup systems for a limited period before being permanently deleted.

Children's Privacy

Our Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately at contact@bestvacation.travel. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

For children between the ages of 13 and 18, we require parental consent before collecting personal information, in compliance with the Children's Online Privacy Protection Act (COPPA) and other applicable laws.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

• Update the "Last Updated" date at the top of this Privacy Policy
• Notify you of material changes by posting a notice on our website or sending you an email notification
• Obtain your consent for any material changes that affect how we use your biometric information, as required by BIPA

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: