Privacy Policy – sotto.travel

Information we collect

When you order an itinerary, we collect your email address and the travel preferences you submit in the questionnaire (destination, dates, travel style, group size, and similar details). We do not collect payment details directly — these are handled securely by Stripe.

How we use your information

Your information is used solely to create and deliver your itinerary, and to communicate with you about your order. We will not sell, rent, or share your personal information with third parties, except as described below.

Third-party services

We use a small number of trusted third-party services to operate sotto.travel:

Stripe — secure payment processing
Resend — email delivery
Supabase — secure data storage
Anthropic (Claude API) — AI-assisted itinerary drafting

Each of these services has its own privacy policy and processes data only as needed to provide their service.

Data retention

We retain your order information (email, questionnaire answers, and delivered itinerary) for up to 12 months, after which it is deleted. You can request deletion at any time by contacting us.

Cookies

sotto.travel uses minimal cookies — only what is necessary for the site to function. We do not use tracking or advertising cookies.

Data security

We take reasonable precautions to protect your personal information from unauthorised access or disclosure. All data is transmitted over HTTPS.

Your rights

You have the right to access, correct, or delete your personal data at any time. To make a request, contact us at [email protected].

Third-party links

Our website and itineraries may contain links to external websites (restaurants, venues, etc.). We are not responsible for the privacy practices or content of those sites.

Changes to this policy

We may update this privacy policy from time to time. The current version will always be posted on this page.

Contact

Questions about your data or this policy? Contact us at [email protected].