Overview & scope
TripCreator, Inc. (“TripCreator”, “we”, “us”) provides a business-to-business intelligence layer for custom-travel operators, destination marketing organisations, and event organisers. This Privacy Policy explains the categories of personal data we process, the purposes and legal bases for processing, our retention practices, and the rights available to data subjects.
This Policy is written to comply with - and is interpreted in light of - the following frameworks where they apply:
- the EU General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”) and the UK GDPR;
- the EU Artificial Intelligence Act (Regulation (EU) 2024/1689, “EU AI Act”), in particular Articles 5 (prohibited practices), 9-11 (data and data governance), and Articles 50 and 52 (transparency obligations for AI systems and general-purpose AI);
- the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (“CCPA / CPRA”), the Virginia Consumer Data Protection Act (“VCDPA”), the Colorado Privacy Act (“CPA”), the Connecticut Data Privacy Act (“CTDPA”), the Utah Consumer Privacy Act (“UCPA”), and successor or comparable US state privacy laws;
- sector-specific US laws where applicable, including the Children's Online Privacy Protection Act (“COPPA”) and the Federal Trade Commission Act §5 (unfair or deceptive practices);
- the Brazilian Lei Geral de Proteção de Dados (“LGPD”) and Canada's PIPEDA, for partners and data subjects in those jurisdictions.