Document
Privacy Policy
This Privacy Policy explains how we collect, use, share, and protect personal information when you visit voyarank.tech or use the voyarank Service ("we," "us," "voyarank"). It also describes the rights you have over your personal information and how to exercise them.
Voyarank is operated in the United States. For privacy questions, contact privacy@voyarank.tech.
This policy applies to personal information processed in connection with the Service. It does not cover third-party websites or services that we do not control, even when linked from voyarank.tech.
Scope of this Policy
Voyarank is a business-to-business software service for tour operators, destination management companies, online travel agencies, and similar businesses. Most of the personal information we process belongs to the individuals who sign up to use voyarank on behalf of those businesses — names, work email addresses, billing details. We do not knowingly collect data about consumer end-travelers, except indirectly through the analytics signals our Customers configure us to track on their own websites, where the personal information involved (if any) is governed by our Customer's privacy policy and any Data Processing Addendum between us.
This policy applies globally to anyone who interacts with voyarank.tech or the Service, with additional rights and disclosures for residents of California and other US states.
Geographic availability. The Service is not currently offered to users in the European Economic Area (EEA), Switzerland, or the United Kingdom. Customer accounts cannot be created from those regions, and active customer use of the Service from those regions is not permitted under our Terms of Service. This Privacy Policy describes how we treat personal information generally; the EU/UK-specific compliance mechanisms (Article 27 representative, EU-US Data Privacy Framework, Standard Contractual Clauses) are not in place because there are no EU/UK customers. We will update this policy if availability changes.
Personal Data We Collect
We collect the following categories of personal information directly from you when you create an account, configure the Service, contact support, or use the Service:
- Account data — your name, work email address, timezone, and a hashed (not plain-text) version of your password. We use this to identify and authenticate you, to deliver the Service, and to communicate with you about your account.
- Billing data — handled by Stripe, our payment processor. We do not store your card number. We store the Stripe customer identifier and your subscription status only. Stripe collects and processes your payment instrument under its own privacy policy.
- Usage statistics — counts and frequencies of feature use, session timestamps, API call counts, and similar event-level metadata. We do not store the substantive content of your keyword lists, content briefs, or specific site analyses as part of usage statistics. The substantive content is stored separately to deliver the Service to you, and we do not read, sell, or share that content outside of providing the Service.
- Support communications — when you email us or contact support, we receive your message and any attachments, your contact details, and a record of the communication.
- Technical data — IP address, device type, browser, operating system, and approximate geographic location derived from IP. We use this for security, fraud prevention, debugging, and to keep the Service running.
We do not knowingly collect special categories of personal data under GDPR (such as health, racial or ethnic origin, or biometric data), and we do not process sensitive personal information under CCPA except to the extent that login credentials are considered sensitive (we store only a hashed password, never the plaintext).
How We Collect Personal Data
We collect personal data from three places. Information you give us directly through forms, settings, support channels, and the Service itself. Information automatically generated as you use the Service, such as event logs and technical metadata. And information from a small number of service providers we use to operate the Service (such as billing status updates from Stripe and error reports from Sentry).
Why We Process Your Data — Purposes
We process personal data for the following purposes: to provide, operate, maintain, and improve the Service; to bill you and process payments; to send you account-related communications such as password resets, billing receipts, security notifications, and service updates; to send you product news, tips, and marketing messages where you have not opted out (you may opt out at any time); to detect, prevent, and respond to fraud, abuse, security incidents, and violations of our Terms; to comply with legal obligations such as tax record retention; and to enforce our Terms of Service or defend legal claims.
How We Share Personal Data — Sub-processors
We share personal data with a limited set of service providers ("sub-processors") who help us operate the Service. All of our sub-processors are located in the United States.
| Sub-processor | Purpose | Location | Categories of data processed |
|---|---|---|---|
| Hostinger (US data centers) | Application and database hosting | United States | All account, billing, usage, and technical data |
| Stripe | Payment processing | United States | Billing data, name, email, payment instrument (handled directly by Stripe) |
| Resend | Transactional and notification email delivery | United States | Name, email, message content |
| Sentry | Application error monitoring and debugging | United States | Technical data, error context, partial request data |
We do not sell or share personal information for cross-context behavioral advertising, monetary value, or any other commercial purpose. We do not rent personal information to data brokers.
We may disclose personal information when required by law, court order, or other legal process, to respond to a verifiable government request, to protect our or our users' rights or safety, or in connection with a merger, acquisition, financing, or sale of all or substantially all of our assets (in which case we will notify you and any successor will be bound by this Privacy Policy or one no less protective).
International Data Transfers and Geographic Restrictions
Voyarank is operated from the United States, and all of our sub-processors process data in the United States. The Service is not currently available to users located in the European Economic Area (EEA), Switzerland, or the United Kingdom — accounts cannot be created from those regions, and using the Service from those regions is not permitted under our Terms.
If you access voyarank.tech as a visitor from a country outside the United States, any limited personal data we process about your visit (such as IP address and browser metadata used for site security and analytics) is processed on servers located in the United States.
Data Retention
We retain personal data only for as long as needed for the purposes described in this policy.
Account data is retained for the duration of your account, plus a wind-down period after termination. When you delete your account from the settings page, your account enters a thirty-day grace period during which deletion can be reversed; after the grace period, account data is permanently deleted from our active systems, with deletion from backups occurring on the regular backup rotation cycle.
Billing records are retained for the period required by applicable US tax and accounting law and to defend against possible legal claims.
Anonymized usage statistics — aggregated, de-identified counts and frequencies that cannot reasonably be linked to you — may be retained for product analytics and capacity planning. These statistics are not personal data once anonymized.
Support communications are retained for the period needed to resolve your matter, plus any retention required by applicable law.
Error logs are retained for the period appropriate to detect, investigate, and respond to security incidents.
If you have outstanding obligations to us (such as unpaid fees) or if we have an outstanding legal obligation that requires longer retention, retention is extended to the duration of that obligation.
Your Rights
Depending on where you live, you have rights over your personal information. The rights below are available to all users of the Service, regardless of jurisdiction, except where explicitly noted.
You have the right to know and access the personal information we hold about you, including the categories of data, the purposes for processing, the sub-processors we share with, and the retention period. You can self-serve this by downloading a JSON export of your data from the account settings page; for anything not covered by the export, contact privacy@voyarank.tech.
You have the right to correct or rectify inaccurate personal information. Most account fields can be edited directly from your account settings; contact privacy@voyarank.tech for anything you cannot edit yourself.
You have the right to delete your personal information. You can schedule deletion of your account from the account settings page — the account enters a thirty-day grace period and is then permanently deleted as described in the Data Retention section. Some data (billing records, fraud-prevention logs) may be retained longer where required by law.
You have the right to data portability — to receive your personal information in a structured, commonly used, machine-readable format and to have it transmitted to another controller. The JSON export from the account settings page satisfies this in most cases.
You have the right to object to or restrict processing based on legitimate interests, including processing for direct marketing. You can opt out of marketing email through the unsubscribe link in any marketing message or by contacting us. For other objections, contact privacy@voyarank.tech.
You have the right to withdraw consent where we rely on consent as the lawful basis for a particular processing activity. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
You have the right to lodge a complaint with a supervisory authority. For California residents, this is the California Attorney General (oag.ca.gov) or the California Privacy Protection Agency (cppa.ca.gov). Residents of other US states with comprehensive privacy laws may complain to their state Attorney General.
California-specific rights — CCPA / CPRA
If you are a California resident, you have the rights described above and the following additional CCPA / CPRA rights. The right to know what personal information we collect and how we use and share it. The right to delete personal information we collect from you, subject to certain exceptions. The right to correct inaccurate personal information. The right to opt out of the sale or sharing of personal information for cross-context behavioral advertising — voyarank does not sell or share personal information under the CCPA / CPRA definitions, so there is nothing to opt out of. The right to limit the use of sensitive personal information — the only category of sensitive personal information we process is your account credentials (stored as a hashed password). The right to non-discrimination for exercising your privacy rights — we will not deny service, charge different prices, or provide a different level of service because you exercised any of these rights.
Other US state privacy rights
If you are a resident of any US state with a comprehensive consumer privacy law, you have rights substantially similar to the California rights above. You may exercise these rights by contacting privacy@voyarank.tech with details of your request. You may appeal a denial of a request by replying to our response within forty-five days; appeal decisions are made in writing within sixty days.
How to Exercise Your Rights
Most rights are exercisable directly from your account settings (export, correction of most fields, scheduled deletion). For anything not available there — including any request to be confirmed in writing, any request on behalf of a household member, or any appeal — contact privacy@voyarank.tech with the words "Privacy Request" in the subject line.
We will acknowledge your request within ten business days and respond substantively within forty-five days for California and other US state-law requests, extendable by a further forty-five days with notice if the request is complex or we have received a large volume of requests.
Security
We use commercially reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. Specifically: data is encrypted in transit using TLS; passwords are stored as one-way hashes; access to production systems is limited to personnel who need it; we monitor for suspicious activity. No security system is perfect — if you become aware of a security incident affecting your account, contact us promptly at privacy@voyarank.tech.
In the event of a personal data breach that creates a risk of harm to you, we will notify you and applicable regulators (such as state Attorneys General) in line with applicable law and within the timeframes those laws require.
Children
The Service is not directed to children under the age of sixteen, and we do not knowingly collect personal information from children under sixteen. If you believe a child has provided personal information to us, contact privacy@voyarank.tech and we will delete it.
Do Not Sell or Share — CCPA Statement
We do not sell personal information for monetary or other valuable consideration. We do not share personal information for cross-context behavioral advertising. As a result, we do not provide a "Do Not Sell or Share My Personal Information" link, because there is nothing to opt out of. If we change this practice in the future, we will update this policy, provide notice in advance, and offer the required opt-out mechanism.
Cookies
For information about cookies and similar technologies used on voyarank.tech, see our separate Cookie Policy.
Changes to This Policy
We may update this Privacy Policy from time to time. For material changes, we will notify you by email and via in-product notice at least thirty days before the change takes effect. Non-material changes (clarifications, formatting, corrections) take effect upon posting.
Contact
Privacy questions, rights requests, complaints, and any other privacy correspondence: privacy@voyarank.tech.
End of document — Privacy Policy