What this data policy covers
This page is a more detailed companion to our Privacy Policy. It describes the legal bases we rely on, where your data is processed, and the specific safeguards we put in place.

A more technical companion to our Privacy Policy — describing the legal bases, processors and safeguards behind how we handle your data.
This page is a more detailed companion to our Privacy Policy. It describes the legal bases we rely on, where your data is processed, and the specific safeguards we put in place.
Customer records are stored on managed PostgreSQL infrastructure (Neon, US/EU regions). Transactional emails are processed by Resend. Payments are handled by our PCI-DSS compliant payment processor.
When data is transferred outside your home region we rely on Standard Contractual Clauses or equivalent legal mechanisms.
We collect only the data needed to deliver the service you booked. We do not enrich your profile from third-party data sets.
If a breach occurs that is likely to result in a risk to your rights, we will notify the appropriate supervisory authority within 72 hours and email you directly without undue delay.
Email dpo@travelora.app for any data protection matter. We aim to respond within five business days.
Questions? Reach out to us at hello@travelora.app.