🔒 Legal

Privacy Policy

Last Updated: June 8, 2026  ·  Effective Date: June 8, 2026

NewEcom AI operates the TravelSmart web platform at app.travelsmart.travel. This policy explains how we collect, use, and protect your information.

Contents
  1. Information We Collect
  2. How We Use Your Information
  3. Data Storage & Security
  4. Data Retention
  5. Your Rights & Choices
  6. Cookies & Tracking
  7. Children's Privacy
  8. International Transfers
  9. California Rights (CCPA)
  10. European Rights (GDPR)
  11. Changes to This Policy
  12. Contact Us
1

Information We Collect

Information You Provide

Data TypePurposeStorage
Account InformationEmail, name, password (hashed)Encrypted in cloud database
Business InformationAgency name, IATA/ARC numbers, branding (logo, colors)Stored securely on our servers
Client InformationNames, contact details, travel preferences, loyalty programs, travel documentsStored securely on our servers
Travel Requests & ItinerariesTrip details, destinations, dates, budgetsStored securely on our servers
Proposals & Commission DataClient proposals, pricing, commission rates, payment statusStored securely on our servers

Information Collected Automatically

Data TypePurposeRetention
Usage AnalyticsPlatform improvement (anonymized)90 days
Session DataAuthentication and securityDuration of session
Browser & Device InfoCompatibility and performance optimization90 days (anonymized)
Voice Input (if used)Transcription of travel requestsProcessed in real-time, not stored
Image Uploads (if used)Analyze travel inspiration imagesProcessed in real-time, not stored

Information from Third-Party Services

We integrate with the following services to provide travel search and AI functionality:

  • OpenAI – Natural language processing and itinerary generation
  • Amadeus – Real-time flight and hotel search (400+ airlines, 2M+ hotels)
  • Google Places – Place details, ratings, reviews, and mapping
  • Viator – Tours and experiences (if enabled)

Review their privacy policies: OpenAI · Amadeus · Google

2

How We Use Your Information

✓ We do
  • Generate personalized AI travel itineraries
  • Search flights, hotels, and experiences in real time
  • Create branded client proposals and shareable links
  • Track revenue, commissions, and booking status
  • Power GEO-optimized pages for AI search visibility
  • Analyze anonymized usage to improve the platform
✗ We never
  • Sell your personal information
  • Share client data with third parties for marketing
  • Use your data for targeted advertising
  • Store voice recordings or uploaded images permanently
3

Data Storage & Security

TravelSmart is a web-based platform. All personal and client data is stored securely on our cloud servers, encrypted at rest and in transit.

MeasureImplementation
Password HashingPBKDF2 with 100,000 iterations + random salt
Encryption at RestAES-256 on all stored data
Network SecurityAll connections over HTTPS / TLS 1.3
Input ValidationSanitization against XSS and injection attacks
Session ManagementSecure, httpOnly, SameSite cookies; server-side invalidation
4

Data Retention

Data TypeRetention Period
Account InformationUntil you delete your account
Client ProfilesUntil you delete them
Itineraries & ProposalsUntil you delete them
GEO-Optimized PagesUntil you unpublish or delete them
Voice / Image InputProcessed immediately, not stored
API Usage Logs90 days (anonymized)
Session DataDuration of session
5

Your Rights & Choices

Access & Export

  • View all your stored data within the platform
  • Export itineraries as branded PDF documents
  • Request a copy of your data by contacting us

Deletion

  • Delete individual clients, itineraries, proposals, or GEO pages
  • Delete your account (removes all associated data from our servers)
  • Request complete data deletion at [email protected]

Browser Permissions

Revoke voice input permission anytime: Browser Settings → Site Permissions → Microphone → Block for app.travelsmart.travel

6

Cookies & Tracking Technologies

We use cookies for session management, platform functionality, and anonymized analytics only. We do not use cookies for cross-site advertising or sell cookie data to third parties.

7

Children's Privacy

TravelSmart is designed for professional travel agents and is not intended for individuals under 18. We do not knowingly collect personal information from children.

8

International Data Transfers

If you use TravelSmart outside the United States, your information may be transferred to and processed in the United States. By using the platform, you consent to this transfer.

9

California Privacy Rights (CCPA)

🔍
Right to Know
What personal information we collect
🗑️
Right to Delete
Request deletion of your data
🚫
Right to Opt-Out
We do not sell personal information
⚖️
Non-Discrimination
Equal service regardless of privacy choices

To exercise these rights, contact [email protected].

10

European Privacy Rights (GDPR)

  • Access to your personal data
  • Rectification of inaccurate data
  • Erasure ("right to be forgotten")
  • Data portability
  • Restriction of processing
  • Objection to processing

Legal Basis for Processing

  • Contract performance – providing the service
  • Legitimate interests – improving the platform
  • Consent – optional features like voice input
11

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you by posting the updated policy on the platform, updating the "Last Updated" date, and emailing you for material changes.

12

Contact Us

Privacy inquiries[email protected]
Data Protection Officer[email protected]
Mailing addressNewEcom AI · 915 Shore Acres Drive · Mamaroneck, NY 10543 · U.S.A.
By using TravelSmart, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.