Privacy Policy
Last Updated: November 11, 2025
Introduction
At getaway gift card, we are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services. Please read this policy carefully to understand our practices regarding your personal data.
Information We Collect
We collect information that you provide directly to us, information we obtain automatically when you use our services, and information from third parties.
1. Information You Provide to Us
- Account Information: Name, email address, password (if you create an account)
- Purchase Information: Billing details, payment information (processed securely by Mollie)
- Booking Information: Guest names, contact details, special requests for hotel bookings
- Gift Card Information: Recipient details (if gifting to someone else)
- Support Communications: Information you provide when contacting customer service
- Feedback: Reviews, ratings, and survey responses
2. Information Collected Automatically
- Device Information: IP address, browser type, operating system, device identifiers
- Usage Information: Pages visited, search queries, hotels viewed, booking interactions
- Location Information: Approximate location based on IP address (with your consent for precise location)
- Cookies and Tracking: See our Cookie Policy for details
3. Information from Third Parties
- Payment Processors: Transaction status and payment verification from Mollie
- Hotel Partners: Booking confirmations, availability updates, cancellation status
- Fraud Prevention: Device fingerprinting and risk assessment data
How We Use Your Information
We use the information we collect for the following purposes:
Service Delivery
- Process and fulfill gift card purchases
- Manage hotel bookings and reservations
- Send booking confirmations and receipts
- Provide customer support
- Process refunds and cancellations
Communication
- Send transactional emails (order confirmations, booking updates)
- Provide informational emails about your booking or destination
- Request feedback on your experience
- Respond to your inquiries and support requests
- Send marketing communications (with your consent)
Security & Fraud Prevention
- Detect and prevent fraudulent transactions
- Verify payment information
- Protect against unauthorized access
- Monitor for security threats
Improvement & Analytics
- Analyze website usage and user behavior (with consent)
- Improve our services and user experience
- Develop new features and offerings
- Conduct A/B testing for optimization
Legal Compliance
- Comply with legal obligations and regulations
- Respond to lawful requests from authorities
- Enforce our terms and conditions
- Maintain tax and accounting records
How We Share Your Information
We do not sell your personal information to third parties. We may share your information with:
Hotel Service Providers
We share necessary booking information (guest names, dates, special requests) with hotels to fulfill your reservations.
Payment Processors
Payment information is processed securely by Mollie. We do not store complete credit card details on our servers. See Mollie's Privacy Policy.
Analytics Providers
With your consent, we share usage data with Google Analytics to help us understand how our website is used and improve our services.
Service Providers
We work with trusted third-party service providers who assist us with email delivery, customer support, fraud detection, and other business operations. These providers are contractually obligated to protect your data.
Legal Requirements
We may disclose your information if required by law, court order, or governmental regulation, or to protect our rights, property, or safety.
Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.
| Data Type | Retention Period |
|---|---|
| Account data (if you have an account) | Duration of account + 3 years after closure |
| Transaction and payment records | 7 years (tax and regulatory compliance) |
| Gift card purchase records | 2 years after expiration or full redemption |
| Hotel booking records | 3 years after checkout date |
| Marketing consent data | Until you withdraw consent |
| Customer support communications | 3 years from last contact |
| Analytics data (with consent) | Up to 26 months (Google Analytics default) |
Your Privacy Rights
You have important rights regarding your personal data. For detailed information about your rights under GDPR and CCPA, please visit our Data Protection & GDPR page.
To exercise any of these rights, please visit our Customer Service page to submit a request.
How We Protect Your Information
We implement appropriate technical and organizational security measures to protect your personal information:
- Encryption: All data transmitted between your browser and our servers is encrypted using SSL/TLS technology.
- Secure Payment Processing: We use Mollie, a PCI DSS Level 1 compliant payment processor. We do not store complete credit card numbers.
- Access Controls: Only authorized personnel have access to personal data, and only when necessary.
- Regular Security Audits: We conduct ongoing security assessments and monitoring.
- CSRF Protection: Cross-Site Request Forgery tokens protect against unauthorized actions.
- Secure Session Management: Session cookies use httpOnly and secure flags.
Third-Party Services
We work with trusted third-party service providers. Each has their own privacy practices:
Mollie (Payment Processing)
Privacy Policy: mollie.com/privacy
Google Analytics (with your consent)
Privacy Policy: policies.google.com/privacy
Children's Privacy
Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately through our Customer Service page.
International Data Transfers
Your personal information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.
When we transfer data from the EU/EEA to other countries, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission to ensure your data is protected.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on this page and updating the "Last Updated" date. We encourage you to review this policy periodically.
Related Policies
If you have any questions or concerns about this Privacy Policy or our data practices, please visit our Customer Service page to submit a request.