Privacy Policy

Last updated: April 3, 2026

Voyager (“Voyager,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our websites, applications, and related services (collectively, the “Services”).

1. Scope and agreement

By accessing or using the Services, you acknowledge that you have read this Privacy Policy. If you do not agree, please discontinue use of the Services. This policy applies to personal data we process as a controller, except where a separate notice applies (for example, certain enterprise agreements).

2. Information we collect

We may collect the following categories of information, depending on how you use Voyager:

  • Account and identity data: name, email address, username, password credentials (stored using industry-standard hashing where applicable), authentication identifiers, and profile preferences you choose to provide.
  • Trip and itinerary data: destinations, dates, bookings, notes, documents you upload or import, and related travel preferences you submit to plan or manage trips.
  • Communications: messages you send to us (for example, support requests), feedback, and survey responses.
  • Usage and device data: log data, approximate location derived from IP address, browser type, device identifiers, pages viewed, referring/exit pages, and timestamps. We may use cookies and similar technologies as described below.
  • Integrations: if you connect third-party accounts (for example, email, calendar, document providers, or loyalty programs), we collect information that you authorize those services to share with us, subject to their terms and your settings.
  • Payment data: if we offer paid features, payment processing is handled by payment processors; we typically receive limited billing metadata, not full card numbers.

3. Cookies and similar technologies

We use cookies, local storage, pixels, and similar technologies to operate the Services, remember preferences, measure performance, and—where permitted—understand product usage. You can control cookies through your browser settings; disabling certain cookies may limit functionality.

4. How we use information

We use personal data to:

  • Provide, operate, maintain, and improve the Services;
  • Create and manage your account and authenticate you;
  • Generate itineraries, recommendations, and travel-related assistance, including through automated and AI-assisted features;
  • Communicate with you about updates, security, and support;
  • Detect, prevent, and respond to fraud, abuse, and security incidents;
  • Comply with law and enforce our Terms of Service;
  • Analyze usage in aggregate or de-identified form to improve reliability and user experience.

5. AI and automated processing

Certain features use machine learning and large language models to interpret inputs and produce suggestions. We may send relevant portions of your content to subprocessors that provide model infrastructure, subject to contractual safeguards where available. Outputs may be inaccurate or incomplete; you should verify important travel decisions independently. Do not submit highly sensitive personal data you are not comfortable having processed for these purposes.

Where the GDPR or similar laws apply, we rely on one or more of the following legal bases: performance of a contract, legitimate interests (such as securing and improving the Services, provided those interests are not overridden by your rights), consent where required, and compliance with legal obligations.

7. How we share information

We may share personal data with:

  • Service providers who host infrastructure, provide analytics, email delivery, customer support tooling, security monitoring, and AI inference, under contracts that limit their use of data;
  • Professional advisors (lawyers, auditors) where necessary and subject to confidentiality obligations;
  • Authorities when required by law, legal process, or to protect rights, safety, and security;
  • Business transfers in connection with a merger, acquisition, or asset sale, subject to safeguards described in this policy;
  • With your direction, such as when you choose to share a trip or export data.

We do not sell personal information as “sale” is defined under the CCPA/CPRA, and we do not share personal information for cross-context behavioral advertising absent appropriate consent where required.

8. Retention

We retain personal data only as long as necessary for the purposes described in this policy, unless a longer retention period is required or permitted by law. Retention depends on factors such as whether you maintain an account, legal obligations, dispute resolution, and ongoing legitimate business needs (for example, backups with defined lifecycles).

9. Security

We implement administrative, technical, and organizational measures designed to protect personal data, including encryption in transit where appropriate, access controls, and vendor reviews. No method of transmission or storage is completely secure; we encourage strong passwords and prompt reporting of suspected unauthorized access.

10. International transfers

We may process and store information in the United States and other countries where we or our providers operate. Where required, we implement appropriate safeguards (such as Standard Contractual Clauses) for transfers from the EEA, UK, or Switzerland.

11. Your privacy rights

Depending on your location, you may have rights to access, correct, delete, or export certain personal data; object to or restrict certain processing; withdraw consent where processing is consent-based; and lodge a complaint with a supervisory authority.

California residents: you may have rights under the CCPA/CPRA, including to know categories of personal information collected, to request deletion subject to exceptions, and to opt out of certain sharing where applicable. We will not discriminate against you for exercising these rights.

To exercise rights, contact us at privacy@govoyager.co. We may verify your request and respond within the timeframes required by law.

12. Children

The Services are not directed to children under 13 (or the age required in your jurisdiction), and we do not knowingly collect personal information from children. If you believe we have collected such information, contact us and we will take appropriate steps to delete it.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version with an updated “Last updated” date and, where changes are material, provide additional notice as required by law (for example, email or in-product notification).

14. Contact

Questions about this Privacy Policy: privacy@govoyager.co