Hi5Travel Privacy Policy

The Quick Version

We know privacy policies are usually terrible to read. Here's what matters:

• Your data is yours. We don't sell it, share it, or use it for anything shady.
• We collect what we need to make Hi5Travel work (your email, your clients' info, etc.)
• We're careful with it. Encryption, secure servers, the basics done right.
• You can leave anytime and take everything with you.

Now here's the detailed version (still in plain English):

1. Who We Are

Hi5Travel is run by Melwyn Turbant, a solo founder based in Poland who's building this specifically for travel agents like you.

Contact:

• Email: melwyn@hi5travel.com
• Website: hi5travel.com

Data Controller: Melwyn Turbant (that's the legal term—it just means I'm responsible for your data)

2. What Information We Collect

Information You Give Us

When you sign up:

• Your name
• Email address
• Password (encrypted—we never see the actual password)
• Business name (if you provide it)

When you use Hi5Travel:

• Your clients' names and contact information
• Travel proposals and itineraries you create
• Commission tracking data
• Files you upload
• Payment information (handled by Paddle—we never see your credit card)

When you contact us:

• Support emails
• Feedback and feature requests
• Bug reports

Information We Collect Automatically

Usage data:

• Which features you use and how often
• Pages you visit
• Time spent in the app
• Device type and browser
• IP address (for security)

Cookies:

• We use cookies to keep you logged in
• We use analytics to understand how Hi5Travel is being used
• No advertising cookies—we're not tracking you around the internet

3. How We Use Your Information

To Provide Hi5Travel

The obvious stuff:

• Create and manage your account
• Process your subscription payments (through Paddle)
• Send booking confirmations and notifications you create
• Store your proposals and client data
• Provide customer support
• Send important service updates

To Make Hi5Travel Better

Product improvements:

• Understand which features are most useful
• Find bugs and performance issues
• Identify confusing workflows
• Prioritize what to build next

To Communicate With You

We'll email you about:

• Your account (password resets, billing issues)
• New features or important updates
• Response to your support requests

We won't: Spam you with marketing emails, sell your email to anyone, or send you stuff you didn't ask for.

You can unsubscribe from feature updates anytime (but we'll still send critical account emails like password resets).

4. How We Share Your Information

Third-Party Services We Use

We work with a few trusted companies to make Hi5Travel run:

When We MUST Share Information

• Legal requirements: If required by law (court orders, subpoenas), to protect against fraud or abuse, or in emergencies involving safety.
• If Hi5Travel is sold: If the business is acquired, your data would transfer to the new owner. You'd be notified 60 days in advance, and your rights to export or delete data would remain.

When We DON'T Share Information

Never to advertisers, never to data brokers, never to competitors, and never for marketing purposes.

5. Your Client Data (This Is Important)

You're in Control

Your clients' information belongs to you:

• You decide what client data to store
• You decide when to send them messages
• You're responsible for getting their consent
• We only process their data on your instructions

Your Responsibilities

You need to: Get proper consent from your clients for communications, comply with privacy laws (GDPR if you have EU clients, etc.), keep your clients' information accurate, and honor their privacy requests.

We help by: Providing tools to manage client data, making it easy to export or delete information, including unsubscribe options in automated emails, and keeping everything secure.

6. How We Protect Your Data

Security Measures

• Technical protections: All data encrypted in transit (HTTPS/SSL) and at rest, secure password hashing, regular security updates, and secure backup systems.
• Access controls: Limited access (currently just me), strong authentication required, and activity logging for security monitoring.

Being Realistic

We take security seriously and follow industry best practices. That said, we're also honest: we're a small operation, not a Fortune 500 company with a massive security team.

What we promise: We'll do everything reasonable to protect your data, we'll be transparent if something goes wrong, and we'll notify you promptly if there's a security issue.

7. Your Rights & Choices

8. Data Retention

While You're Using Hi5Travel

We keep your data as long as your account is active. Simple.

After You Cancel

You have 60 days to export everything:

• Full access to all your data
• We'll remind you at 30 days and 55 days
• After 60 days, we permanently delete everything

Exceptions: Financial records for tax purposes (7 years in Poland), records needed to resolve disputes, and anonymized analytics data.

9. International Data Transfers

Your data is stored on servers in the EU/US.

If you're in the EU: We comply with GDPR and your data is protected by EU privacy laws.

If you're outside the EU: Your data may be transferred to EU servers, protected by the same security standards and subject to EU privacy regulations.

10. Changes to This Privacy Policy

We may update this policy as Hi5Travel evolves or privacy laws change.

• We'll email you at least 30 days before significant changes
• Minor clarifications or typo fixes won't require notice
• The "Last Updated" date at the top will always reflect the latest version

If you don't like the changes, you can cancel within 30 days, we'll help you export your data, and provide a pro-rated refund for any unused time.

11. Cookies & Tracking

• Essential cookies (required): Keep you logged in, remember your preferences, and secure your session.
• Analytics cookies (optional): Understand how Hi5Travel is being used and identify bugs. No personal information collected.
• What we DON'T use: Advertising cookies, cross-site tracking, or social media pixels.

You can disable cookies in your browser, but Hi5Travel won't work properly without the essential ones.

12. Your Privacy Rights (By Region)

If You're in the EU (GDPR Rights)

You have the right to access, correct, delete ("right to be forgotten"), restrict, export, and object to certain processing. You can also withdraw consent anytime and complain to your data protection authority.

Polish Data Protection Authority: Urząd Ochrony Danych Osobowych (UODO) | Website: uodo.gov.pl

If You're in the US

Privacy rights vary by state. California residents have specific rights under CCPA/CPRA. Contact us at melwyn@hi5travel.com for details about your specific rights.

13. Questions & Concerns

Privacy questions: Email melwyn@hi5travel.com. Response time: Within 2 business days.

Just email if you want to exercise your privacy rights, request data deletion, report a security concern, or ask about our data practices. I'm one person—you'll get a real response, not an automated ticket system.

14. The Bottom Line

Look, I'm building Hi5Travel because I saw how frustrating it is for travel agents to juggle disconnected tools. Your trust matters to me.