Effective Date: August 1, 2025
Last Updated: August 17, 2025
At Roamways, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our services or visit our website. As a luxury travel design studio that creates transformative travel experiences, we understand that trust is fundamental to our relationship with you, and we take our responsibility to protect your personal information seriously.
Who We Are
Roamways is a travel design studio that creates transformative travel experiences where exploration leads to discovery. Our website address is https://roamways.travel, and we operate as journey architects, crafting remarkable journeys for discerning travelers who seek authentic and meaningful travel experiences.
For any privacy-related questions or concerns, you can contact us at support@roamways.travel. We maintain a dedicated privacy team that responds to all inquiries within 48 hours and ensures that your privacy concerns are addressed promptly and professionally.
Information We Collect
Personal Information for Travel Services
When you engage our services to design your travel journey, we collect comprehensive personal information necessary to create your customized experience. This includes your full name, contact information such as email addresses, phone numbers, and home address, which allows us to communicate with you throughout the journey design process and provide support during your travels.
We collect detailed travel preferences and requirements to ensure your journey meets your specific needs and desires. This encompasses your preferred travel dates, destination interests, accommodation preferences, activity levels, special interests such as culinary experiences or cultural immersion, and any specific requests that will enhance your travel experience.
For international travel, we collect passport and travel document information including passport numbers, expiration dates, nationality, and any visa requirements. This information is essential for booking international flights, securing accommodations, and ensuring smooth border crossings during your journey.
Payment and billing information is collected to process your travel bookings and service fees. This includes credit card details, billing addresses, and financial information necessary to complete transactions with travel suppliers and our services.
We also collect emergency contact details to ensure your safety during travel. This includes names, relationships, phone numbers, and addresses of individuals who can be contacted in case of emergencies while you are traveling.
Dietary restrictions, accessibility needs, and health considerations are collected to ensure that all aspects of your journey accommodate your specific requirements. This information helps us select appropriate accommodations, restaurants, and activities that align with your needs.
Your travel history and feedback from previous journeys help us continuously improve our services and understand your evolving preferences. This includes destinations visited, experiences enjoyed, and any feedback about accommodations, activities, or overall journey satisfaction.
Website and Digital Interaction Data
When you visit our website or interact with our digital platforms, we automatically collect technical information that helps us improve your browsing experience and our services. Your IP address and browser information are collected to understand your geographic location and ensure our website displays correctly on your device.
We track pages visited and time spent on our site to understand which destinations and services interest you most. This helps us personalize your experience and recommend relevant travel opportunities. Referring website information shows us how you discovered Roamways, allowing us to understand which marketing efforts are most effective.
Device and operating system details help us ensure our website functions properly across different platforms and devices. Location data may be collected with your explicit permission to provide location-relevant travel recommendations and services.
How We Use Your Information
Journey Design and Booking Services
We use your personal information primarily to design and execute extraordinary travel experiences tailored specifically to your preferences and requirements. This involves creating detailed itineraries, coordinating with luxury accommodations, securing unique experiences, and managing all logistical aspects of your journey from departure to return.
Communication throughout the journey design process and during your travels is essential to our service. We use your contact information to provide regular updates, share important travel information, coordinate timing for activities and transfers, and ensure you have 24/7 access to support during your journey.
Payment processing and booking management requires us to use your financial information to secure reservations with hotels, airlines, tour operators, and other travel suppliers. We process payments according to agreed schedules and manage all financial aspects of your travel arrangements.
Customer support and assistance extend beyond the initial booking to encompass pre-travel consultation, real-time support during your journey, and post-travel follow-up. We use your information to provide personalized assistance and resolve any issues that may arise.
Marketing and Service Enhancement
Travel updates and recommendations are provided based on your interests and travel history. We may share information about new destinations, seasonal opportunities, exclusive experiences, or special offers that align with your preferences. You can opt out of these communications at any time while maintaining access to essential travel-related communications.
Service improvement involves analyzing travel patterns, feedback, and preferences to enhance our journey design process and identify new opportunities for exceptional experiences. Website functionality improvements are made based on user behavior data to ensure smooth navigation and easy access to information.
Legal and regulatory compliance requires us to maintain certain records and provide information to authorities when legally required, particularly for international travel arrangements and financial transactions.
Comments and User-Generated Content
When visitors leave comments on our site, we collect the data shown in the comments form, along with the visitor’s IP address and browser user agent string to help with spam detection. This information helps us maintain the quality and security of our website community.
An anonymized string created from your email address, also called a hash, may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available at https://automattic.com/privacy/. After approval of your comment, your profile picture becomes visible to the public in the context of your comment.
We encourage travelers to share their experiences and insights through comments and testimonials. When you share travel photos or content with us, you grant Roamways permission to use these materials for marketing purposes, with appropriate attribution when possible. We believe authentic traveler stories help inspire others and showcase the transformative power of well-designed journeys.
Media and File Uploads
If you upload images to our website, you should avoid uploading images with embedded location data, known as EXIF GPS data. Visitors to the website can download and extract any location data from images on the website, which could compromise your privacy or security.
When sharing travel photos or documents with us as part of your journey planning or for testimonial purposes, we handle these materials with care and use them only for agreed purposes. High-resolution images may be used in our marketing materials to showcase destinations and experiences, always with respect for your privacy and preferences.
Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your browsing experience and provide personalized services. Essential cookies are necessary for the website to function properly and cannot be disabled without affecting basic site functionality. These include cookies that remember your session, maintain security, and ensure proper page loading.
Preference cookies are used if you leave a comment on our site and opt-in to saving your name, email address, and website information. These cookies are designed for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year and can be cleared through your browser settings at any time.
Session cookies are temporary cookies set when you visit our login page to determine if your browser accepts cookies. This cookie contains no personal data and is automatically discarded when you close your browser. This helps us ensure that interactive features of our website work properly for you.
When you log in to our website, we set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me,” your login will persist for two weeks, allowing you to return to the site without repeatedly entering your credentials. If you log out of your account, the login cookies will be removed immediately.
If you edit or publish an article on our site, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after one day and helps maintain the editing interface functionality.
Analytics cookies help us understand how visitors interact with our website, which pages are most popular, and how we can improve the user experience. This information is aggregated and anonymized, focusing on patterns rather than individual behavior.
You can control cookie settings through your browser preferences, though disabling certain cookies may affect website functionality. Most browsers allow you to view, manage, and delete cookies, and you can set preferences for future cookie handling.
Embedded Content from Other Websites
Articles and pages on our site may include embedded content such as videos, images, maps, booking widgets, and social media posts. Embedded content from other websites behaves exactly as if the visitor has visited the other website directly. This means that these third-party websites may collect data about you, use cookies, embed additional tracking technologies, and monitor your interaction with that embedded content.
These third parties may track your interaction with embedded content even if you have an account with that website and are logged in. For example, if we embed a YouTube video, Google may collect information about your viewing behavior according to their privacy policy. Similarly, embedded social media posts may allow those platforms to track your engagement.
We carefully select embedded content from reputable sources, but we cannot control their data collection practices. We recommend reviewing the privacy policies of any third-party services whose embedded content you interact with on our site.
Third-Party Services and Data Sharing
Travel Industry Partners
We work with carefully selected travel suppliers to provide exceptional experiences for our clients. These partners include luxury hotels and resorts, boutique accommodations, airlines and private aviation companies, local tour operators and guides, restaurants and culinary experiences, transportation services, and specialized activity providers.
When we share your information with these partners, it is strictly limited to what is necessary to provide the services you have requested. For example, hotels receive your name, arrival and departure dates, room preferences, and any special requirements you have communicated to us. Airlines receive passenger information required for ticketing and security purposes. Local guides receive relevant preferences and interests to customize your experiences.
All travel partners are required to maintain appropriate data protection standards and use your information only for the agreed purposes of providing travel services. We maintain contracts with partners that specify data protection requirements and limit their use of your information.
Payment and Financial Services
Secure payment processing is handled through PCI-compliant payment gateways that maintain the highest standards of financial data security. Payment processors receive only the information necessary to complete transactions and are prohibited from using your financial information for any other purpose.
We may work with financial institutions for currency exchange, travel insurance, and other financial services related to your journey. These services are provided only with your explicit consent and in accordance with their respective privacy policies.
Communication and Technology Services
Email marketing platforms help us send personalized travel recommendations and updates. These services are bound by strict data protection agreements and cannot use your information for their own marketing purposes.
Customer support tools enable us to provide responsive assistance before, during, and after your travels. These may include chat platforms, phone systems, and case management tools that help us track and resolve any issues efficiently.
Website analytics services help us understand how our website is used and identify areas for improvement. This information is aggregated and anonymized, focusing on overall trends rather than individual behavior.
Legal and Regulatory Disclosure
We may share your information with legal authorities when required by law, such as in response to valid court orders, subpoenas, or government investigations. In cases of travel emergencies, we may share relevant information with embassies, consulates, medical facilities, or emergency services to ensure your safety and well-being.
We never sell, rent, or trade your personal information to third parties for their marketing purposes. Any data sharing is strictly limited to providing the travel services you have requested or fulfilling legal obligations.
International Data Transfers
As a travel company specializing in global destinations, we necessarily transfer your data internationally to complete travel bookings in your destination countries, provide 24/7 support during your travels, and comply with local regulations and requirements.
When transferring data internationally, we ensure appropriate safeguards are in place. This includes using Standard Contractual Clauses approved by relevant data protection authorities, working with partners in countries with adequate data protection laws, and implementing additional security measures for transfers to countries without adequate protections.
For European Union residents, we comply with General Data Protection Regulation (GDPR) requirements for international transfers. For residents of other jurisdictions, we apply similar standards to ensure your data receives consistent protection regardless of where it is processed.
We maintain detailed records of international data transfers and can provide information about specific transfers upon request. Our legal team regularly reviews transfer mechanisms to ensure ongoing compliance with evolving international privacy laws.
Data Retention
Travel Booking and Service Records
We retain booking and travel information for seven years after the completion of your journey. This retention period serves several important purposes: compliance with financial and tax regulations, availability of information for insurance claims or travel-related disputes, maintenance of your travel history for future journey planning, and documentation for health and safety purposes.
During this retention period, your travel records are securely stored and access is limited to authorized personnel who need the information for legitimate business purposes. After seven years, travel records are securely deleted unless we have a legal obligation to retain them longer.
Website and Digital Interaction Records
Comments and their associated metadata are retained indefinitely to automatically approve follow-up comments from recognized users and maintain the integrity and continuity of discussions on our website. This helps create a better experience for all website visitors and reduces spam.
User account information is stored as long as your account remains active. You can request deletion of your account and associated data at any time, though we may retain certain information as required by law or for legitimate business purposes such as fraud prevention.
Marketing communications preferences and contact information are retained until you unsubscribe or request removal. Even after unsubscription, we maintain a record that you have opted out to ensure we do not inadvertently contact you again.
Financial and Payment Records
Payment information is retained according to legal requirements and industry standards. Credit card details are not stored on our systems but are securely processed through our payment providers. Transaction records are maintained for seven years for accounting and tax purposes, then securely deleted.
Financial data related to refunds, disputes, or chargebacks may be retained longer as required for resolution of these matters. We follow industry best practices for financial data retention and disposal.
Your Rights and Choices
Access and Portability Rights
You have the right to request a copy of all personal data we hold about you. This includes information provided directly by you, data collected automatically through website interactions, records of communications with our team, booking and travel history, and preferences and settings associated with your account.
We will provide this information in a commonly used, machine-readable format within 30 days of your request. For large amounts of data, we may provide secure electronic delivery or arrange for physical delivery if preferred.
Data portability allows you to request that we transfer your data directly to another service provider where technically feasible. This supports your ability to switch service providers while maintaining access to your travel history and preferences.
Correction and Updating Rights
You have the right to correct inaccurate or incomplete information in our records. This is particularly important for travel-related information where accuracy is essential for successful journey execution. You can update most information through your online account or by contacting our customer service team.
For significant changes that affect travel bookings, we will coordinate with relevant suppliers to ensure your journey arrangements reflect your updated information. Some changes may result in additional fees from travel suppliers, which we will communicate clearly before implementing.
Deletion and Erasure Rights
You can request deletion of your personal data, subject to certain limitations. We will honor deletion requests except where we have legal obligations to retain information, such as for tax and accounting purposes, fraud prevention, or safety and security reasons.
When deletion is not possible due to legal requirements, we will restrict processing of your data to only those purposes that require retention. We will inform you of any limitations on deletion and provide a timeline for when restricted data will be permanently deleted.
Partial deletion is available for specific types of information. For example, you might request deletion of marketing preferences while maintaining travel booking records, or deletion of optional profile information while keeping essential contact details.
Restriction and Objection Rights
You have the right to restrict how we process your information in certain circumstances, such as when you contest the accuracy of data, when processing is unlawful but you prefer restriction over deletion, or when you need the data for legal claims.
You can object to processing based on legitimate interests, including marketing communications and analytics. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests or need the processing for legal claims.
Direct marketing objections are always honored immediately. You can opt out of marketing communications while maintaining essential service-related communications about your travel bookings.
Consent Withdrawal
For processing based on consent, you can withdraw your consent at any time. This affects future processing but does not invalidate processing that occurred before withdrawal. Withdrawal of consent may limit our ability to provide certain services, which we will explain before processing the withdrawal.
Contact privacy@roamways.travel to exercise any of these rights. We will respond within 30 days and provide clear information about what actions we have taken in response to your request.
Security Measures
Technical Safeguards
We implement comprehensive technical security measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction. All sensitive information is encrypted during transmission using industry-standard SSL/TLS protocols, ensuring that data traveling between your device and our servers cannot be intercepted or read by unauthorized parties.
Data at rest is protected through advanced encryption algorithms that render information unreadable without proper decryption keys. Our databases and file storage systems use multiple layers of encryption, with keys managed through secure key management systems that are separate from the encrypted data.
Network security includes firewalls, intrusion detection systems, and continuous monitoring for suspicious activity. Our systems are designed to detect and respond to potential security threats in real-time, with automated alerts for unusual access patterns or potential breaches.
Access Controls and Authentication
Access to personal data is strictly controlled through role-based permissions that ensure employees can only access information necessary for their job functions. Multi-factor authentication is required for all system access, adding an additional layer of security beyond username and password combinations.
Regular access reviews ensure that permissions remain appropriate as job roles change and that access is promptly revoked when employees leave the company. All access to personal data is logged and monitored, creating an audit trail that can be reviewed for security and compliance purposes.
Administrative privileges are limited to essential personnel and subject to additional approval processes. No single individual has unrestricted access to all personal data, implementing separation of duties that reduces the risk of unauthorized access or data misuse.
Physical and Operational Security
Our offices and data centers maintain strict physical security controls including controlled access, surveillance systems, and environmental monitoring. Visitors must be escorted, and all access is logged and monitored.
Employee training on data protection and security is mandatory and ongoing. All team members receive regular updates on security best practices, privacy requirements, and their responsibilities for protecting customer data. Specific training is provided for employees who handle sensitive personal information.
Incident response procedures are in place to quickly identify, contain, and resolve any security incidents. Our response plan includes immediate containment measures, assessment of affected data, notification procedures, and steps to prevent similar incidents in the future.
Regular Security Assessments
We conduct regular security audits and vulnerability assessments to identify and address potential weaknesses in our systems and processes. These assessments are performed by qualified security professionals and include both automated scanning and manual testing.
Penetration testing simulates real-world attacks to evaluate the effectiveness of our security measures. Results are used to strengthen defenses and improve our overall security posture.
Third-party security certifications and compliance audits provide independent verification of our security practices. We maintain compliance with relevant industry standards and work continuously to enhance our security measures as threats evolve.
Backup and Recovery
Secure backup procedures ensure that your data is protected against loss due to system failures, natural disasters, or other unexpected events. Backups are encrypted and stored in geographically diverse locations to ensure availability when needed.
Disaster recovery plans are regularly tested to ensure we can quickly restore services and protect data integrity in the event of a major incident. Recovery procedures are designed to minimize service disruption while maintaining the security and confidentiality of personal data.
Children’s Privacy
Our services are designed for adults and families traveling with children, but we do not specifically target children under 16 with our marketing or collect personal information directly from children without appropriate parental consent. When families travel with children, we collect only the information necessary to provide travel services, such as names and ages for booking purposes.
Parents or guardians are responsible for providing information about children traveling with them and for making decisions about what information to share. We encourage parents to review this privacy policy and discuss travel privacy considerations with their children as appropriate.
If we become aware that we have collected personal information from a child under 16 without proper parental consent, we will take immediate steps to delete that information. Parents who believe we may have information about their child can contact us to review, update, or delete that information.
For family travel planning, we work directly with adults to arrange all aspects of the journey, including accommodations and activities suitable for children. Any special requirements for children, such as dietary needs or accessibility considerations, are handled through communication with parents or guardians.
Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, services, legal requirements, or technology. Significant changes will be communicated clearly and well in advance of implementation to ensure you have adequate time to review and understand the modifications.
Email notifications will be sent to registered users for substantial changes that affect how we collect, use, or protect personal information. These notifications will clearly explain the changes and their effective date, allowing you to make informed decisions about your continued use of our services.
Prominent website notices will announce policy updates for all visitors, ensuring that even occasional site visitors are aware of changes. The updated effective date at the top of this policy will always reflect the most recent version.
For significant changes that materially affect your rights or our processing of personal data, we may seek your renewed consent before implementing the changes. You will always have the option to discontinue using our services if you do not agree with policy modifications.
We maintain historical versions of our privacy policy to demonstrate our commitment to transparency and allow you to track how our practices have evolved over time.
Contact Information
For questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact us at support@roamways.travel. We respond to all privacy inquiries within 48 hours and work diligently to resolve concerns promptly and thoroughly.
We are committed to addressing your privacy concerns transparently and thoroughly, working with you to resolve any issues and continuously improve our privacy practices. Your trust is essential to our business, and we take our responsibility to protect your personal information seriously.
This Privacy Policy is part of our Terms of Service and should be read in conjunction with those terms. Together, these documents establish the complete framework for our relationship and our mutual responsibilities regarding your personal information and use of our services.