The JourneyMate logo - A smiling face with a pindrop on the right side of the smile with a star.

JourneyMate privacy policy

Last updated 18-05-25

JourneyMate Privacy Policy

Last Updated: 18/05/2025

1. Introduction

Welcome to JourneyMate! This Privacy Policy explains how JourneyMate Limited Partnership ("JourneyMate", "we", "us", "our") collects, uses, shares, and protects your personal information when you use our website, mobile applications, and services (collectively, the "Platform").

JourneyMate provides a bespoke experience marketplace connecting users ("Users", "you") with providers of travel activities and experiences ("Suppliers"). Protecting your privacy is paramount to us. This policy outlines our practices and your rights regarding your personal data, in compliance with applicable data protection laws, including the New Zealand Privacy Act 2020.

By accessing or using the JourneyMate Platform, you agree to the collection and use of information in accordance with this policy. Please also review our General Terms and Conditions, which govern your use of the Platform.

2. Information We Collect

We collect different types of information to provide and improve our Platform and personalize your experience.

  • 2.1. Information You Provide Directly:

    • Account & Profile Information: When you register for an account or complete your profile during onboarding, we collect personal information such as your name, email address, phone number, date of birth (for age verification and personalization), sex, country of origin, and travel circumstances (e.g., solo traveller, couple, family).
    • Preferences: We collect information about your travel interests, preferences, and desired experience types during onboarding and potentially through profile settings.
    • Bespoke Experience Prompts: When you use our Large Language Model (LLM) feature to create bespoke experience packages, we collect the prompts and inputs you provide. This helps generate the package and may be used to improve our services (see Section 3).
    • Communications: If you contact us directly (e.g., customer support), we may keep a record of that communication.
    • Booking Information: Details needed to facilitate bookings with Suppliers, which may include specific requests or requirements you provide.

  • 2.2. Information Collected Automatically:

    • Usage Data: We automatically track your interactions with the Platform. This includes pages viewed, listings clicked, searches performed, features used, time spent on the platform, IP address, browser type, device information (model, operating system), and general location data derived from your IP address or device settings (if enabled).
    • Transactional Data: We collect data related to your activities on the Platform, including experiences you view, save, or add to wishlists; bespoke packages you create; bookings made; booking confirmations; and cancellations.

  • 2.3. Information from Third Parties:

    • Payment Information: We use Stripe Connect Express, a third-party payment processor, to handle payments. When you make a booking, you provide payment details directly to Stripe. JourneyMate does not store your full credit card number. We receive transaction confirmations, booking identifiers, and limited payment information (like card type and last four digits) from Stripe to confirm payment, manage bookings, and handle potential refunds or disputes. Stripe's use of your information is governed by their own privacy policy.
    • Suppliers: Suppliers may provide us with information regarding your participation in an experience (e.g., confirmation of attendance, feedback).

3. How We Use Your Information

We use the information we collect for various purposes:

  • 3.1. To Provide and Manage Services:

    • To create and manage your JourneyMate account.
    • To process your bookings and facilitate transactions with Suppliers.
    • To facilitate payment processing via Stripe.
    • To communicate with you about your account, bookings, and service updates.

  • 3.2. To Personalize Your Experience:

    • To tailor recommendations, search results, and content displayed on the Platform based on your profile information (age, sex, origin, circumstance), stated preferences, usage data, transactional history, and potentially anonymized/aggregated insights derived from bespoke package creation prompts.
    • Our adaptive algorithms use this data to predict experiences you might like and optimize your journey discovery process.

  • 3.3. To Operate and Improve the Platform:

    • To understand how users interact with the Platform, identify trends, and improve functionality, performance, and user-friendliness.
    • To analyze usage patterns, transactional data, and feedback (including LLM prompts in an aggregated or anonymized form where appropriate) to develop new features and services.
    • To train and refine our personalization algorithms and the LLM component for better bespoke package generation.
    • For troubleshooting, data analysis, testing, research, and statistical purposes.

  • 3.4. For Security and Compliance:

    • To prevent fraud, spam, abuse, security incidents, and other harmful activity.
    • To comply with legal obligations (e.g., tax laws, law enforcement requests).
    • To enforce our General Terms and Conditions and other policies.

  • 3.5. For Marketing (with your consent):

    • To send you promotional messages, marketing, advertising, and other information that may be of interest to you based on your preferences (you can opt-out at any time).

4. How We Share Your Information

We may share your information in the following circumstances:

  • 4.1. With Suppliers: We share necessary information (e.g., your name, booking details, contact information if required for the experience) with Suppliers to enable them to provide the booked experience. Their use of your data is subject to their own privacy practices.

  • 4.2. With Service Providers: We engage third-party companies and individuals to perform services on our behalf (e.g., cloud hosting, data analytics, customer support, marketing assistance, payment processing). These providers only have access to the information necessary to perform their tasks and are obligated not to disclose or use it for other purposes.

    • Stripe: We share transaction details with Stripe Connect to process payments securely.

  • 4.3. For Legal Reasons: We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of JourneyMate, our Users, Suppliers, or the public.

  • 4.4. Business Transfers: If JourneyMate is involved in a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you before your personal information becomes subject to a different privacy policy.

  • 4.5. Aggregated Data: We may share aggregated or anonymized information (which does not identify individual users) with partners or for public reporting on travel trends.

5. Legal Basis for Processing (for users covered by specific regulations like GDPR, and as good practice under NZ Privacy Act)

Our legal basis for collecting and using the personal information described above will depend on the specific context. Primarily, we rely on:

  • Performance of a Contract: Processing necessary to provide the JourneyMate service you requested, including facilitating bookings and payments.
  • Legitimate Interests: Processing for our legitimate interests, such as platform improvement, personalization, security, and fraud prevention, provided these are not overridden by your data protection interests or fundamental rights.
  • Consent: Where required by law (e.g., for certain types of marketing communications or cookies), we will obtain your consent. You can withdraw consent at any time.
  • Legal Obligation: Processing necessary to comply with our legal obligations.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. This includes encryption, access controls, and secure protocols. Payment processing via Stripe uses their secure infrastructure. However, no internet transmission or electronic storage is 100% secure, so we cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (e.g., for tax, legal, or accounting purposes). This includes retaining data necessary to provide our services, maintain your account, comply with legal obligations, resolve disputes, and enforce our agreements. When information is no longer needed, we will securely delete or anonymize it. LLM prompt data may be retained for model improvement purposes, typically in an anonymized or aggregated form, subject to our data retention schedules.

8. Your Privacy Rights (Under the NZ Privacy Act 2020)

You have rights regarding your personal information:

  • Right to Access: You can request access to the personal information we hold about you.

  • Right to Correction: You can request correction of inaccurate or incomplete personal information. You can often update profile information directly in your account settings.

  • Right to Request Deletion: You can request the deletion of your personal information, subject to certain exceptions (e.g., where we need to keep data for legal compliance or ongoing service provision).
  • Right Regarding Use/Disclosure: You have the right to understand how we use and share your data.

To exercise these rights, please contact us using the details below. We will respond to your request in accordance with applicable law.

9. Children's Privacy

The JourneyMate Platform is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under this age. If we become aware that we have collected data from a child without verification of parental consent, we will take steps to remove that information.

10. Third-Party Links

Our Platform may contain links to other websites or services not operated by us (e.g., Supplier websites, Stripe). If you click a third-party link, you will be directed to their site. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on the Platform and updating the "Last Updated" date. We encourage you to review this policy periodically. Your continued use of the Platform after changes constitutes your acceptance of the revised policy.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact our Privacy Officer at contact@journeymate.co.nz

© 2025 JourneyMate. All rights reserved