Legal
Privacy Policy
Last updated: July 01, 2026 · Version 1.3
This policy explains what personal information Tourify Travel Pty Ltd collects, why we collect it, and the choices you have. Essential cookies necessary for platform functionality are used by default.
Tourify collects and processes data to deliver booking services, user authentication, payment processing, and platform operations. Analytics and advertising cookies are used only with your consent, which we ask for separately via our cookie banner.
At a glance
Data collection
We collect information necessary for platform operation, legal compliance, and service delivery, including account details, booking data, and usage analytics where consented.
Data usage
Your data is used for service provision, platform improvement, legal compliance, and with your consent, marketing communications and analytics.
Data sharing
Information is shared only with service providers necessary for business operations, legal compliance, and with your consent for marketing purposes. We do not sell personal data.
Your rights
You have rights to access, correct, delete, and port your data, subject to applicable legal requirements. Contact us at privacy@thetourify.com to exercise your rights.
Data controller
Tourify Travel Pty Ltd is the data controller for the personal information collected through our platform. You can contact us regarding any privacy matters:
- Company
- Tourify Travel Pty Ltd
- Privacy contact
- privacy@thetourify.com
- +61 1800 595 430
- Registered office
- Melbourne, Victoria, Australia. The full registered address is available via ABN Lookup (ABN 89 690 308 528) or on request.
1. Information we collect
1.1 Personal information you provide
- Account Information: Name, email address, phone number, password
- Booking Details: Travel dates, destinations, number of travelers
- Traveler Information: Names and nationality where relevant to your booking
- Payment Information: Card details are entered directly with Stripe and are never collected or stored on our systems; we receive only the transaction outcome (status, amount, and payment reference)
- Special Requests: Dietary arrangements or other preferences you choose to share when making a booking — provided voluntarily and used solely to arrange appropriate accommodations
- Communication: Messages, reviews, feedback, support requests
1.2 Information we collect automatically
- Device Information: IP address, browser type, operating system, device identifiers
- Location Data: General location based on IP address (not precise GPS)
- Cookies & Tracking: Analytics data, preferences, session information (where consented)
1.3 Third-party information
- Social Login: Basic profile information from Google OAuth
- Payment Processors: Transaction status and payment verification
- Tour Partners: Booking confirmations and service updates
2. How we use your information
2.1 Service provision (legal basis: contract)
- Process and manage your tour bookings
- Coordinate with tour operators and accommodation providers
- Handle payments and refunds
- Provide customer support and assistance
- Send booking confirmations and travel information
2.2 Platform improvement (legal basis: legitimate interest)
- Analyze usage patterns to improve user experience
- Develop new features and services
- Ensure platform security and prevent fraud
- Conduct research and analytics
2.3 Marketing communications (legal basis: consent)
- Send promotional emails about new destinations and offers
- Share travel tips and destination guides
- Notify you about special deals and discounts
- Conduct surveys and collect feedback
You can opt out of marketing communications at any time using the unsubscribe link in emails or by updating your preferences in your account settings.
2.4 Legal compliance (legal basis: legal obligation)
- Comply with applicable laws and regulations
- Respond to valid legal requests and court orders
- Prevent fraud and ensure platform security
- Maintain records for accounting and tax purposes
3. How we share your information
3.1 Service providers and business partners
We share personal information only with third parties who assist in delivering our services, under strict data processing agreements.
- Tour Operators: Booking details necessary to fulfill your travel arrangements
- Payment Processors (Stripe): Your card details are collected directly by Stripe; we pass Stripe only the booking amount and reference needed to process the transaction
- Analytics Providers: Aggregated usage data where you have consented to analytics cookies
- Cloud Infrastructure: Hosting and storage providers under data processing agreements
- Communication Services: Email providers used to deliver booking confirmations and support
- Live Chat (Crisp): Messages and contact details you share when using our support chat
- Maps (Mapbox): Your IP address is visible to Mapbox when interactive maps load on our platform
We do not sell your personal data to third parties, data brokers, or advertisers.
3.2 Legal and regulatory disclosure
We may disclose personal information when required by law or to protect our legitimate interests:
- In response to valid legal process (court orders, subpoenas, regulatory requests)
- To comply with applicable Australian and international law
- To protect the rights, property, or safety of Tourify, our users, or the public
- In connection with fraud investigation or prevention
Where legally permitted, we will notify you of such disclosures.
3.3 Business transfers
In the event of a merger, acquisition, or asset sale, your personal information may be transferred as part of that transaction. We will:
- Notify you prior to your data being transferred and becoming subject to a different privacy policy
- Ensure the acquiring party maintains equivalent privacy protections
- Honor existing consent and opt-out preferences where technically feasible
4. Data security
We implement industry-standard technical and organisational measures to protect your personal information against unauthorised access, loss, or disclosure.
4.1 Security measures
- Encryption: TLS/SSL encryption for all data in transit
- Access Controls: Role-based access limited to authorised personnel
- Third-Party Standards: Service providers are required to maintain equivalent security standards
- Regular Reviews: Periodic security assessments of our systems and processes
- Incident Response: Documented procedures for identifying and responding to security events
4.2 Security incident notification
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will:
- Notify relevant supervisory authorities within 72 hours where required by law
- Inform affected individuals without undue delay where there is a high risk to their rights
- Take prompt remediation steps to contain and address the incident
While we take all reasonable precautions, no method of electronic transmission or storage is 100% secure. We encourage you to use strong passwords and keep your account credentials confidential.
5. Your privacy rights
Depending on your location, you may have the following rights regarding your personal information. We are committed to facilitating these rights in accordance with applicable law.
5.1 Right of access
You may request a copy of the personal information we hold about you. We will respond within 30 days. In complex cases or where multiple requests are received, we may extend this period by a further 60 days with notice.
5.2 Right to rectification
You may request correction of inaccurate or incomplete personal data. Many details can be updated directly via your account settings.
5.3 Right to erasure
You may request deletion of your personal data where it is no longer necessary for the purpose it was collected, you withdraw consent, or processing is unlawful. Exceptions apply where retention is required to comply with legal obligations (e.g. financial records) or to establish, exercise, or defend legal claims.
5.4 Right to data portability
Where processing is based on consent or contract and carried out by automated means, you may request your data in a structured, commonly used, machine-readable format.
5.5 Right to object and restrict processing
You may object to processing based on legitimate interests or for direct marketing purposes at any time. You may also request restriction of processing in certain circumstances.
5.6 How to exercise your rights
Submit a request to privacy@thetourify.com. We will respond within 30 days. Identity verification may be required to protect your data from unauthorised requests. If you are unsatisfied with our response, you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC), or with your local data protection authority if you are located in the EU or UK.
6. Cookies and tracking technologies
We use cookies and similar technologies to enhance your experience on our platform. For detailed information about our cookie practices, please see our Cookie Policy.
Current Status
You have not yet set your cookie preferences. The cookie banner will appear when you visit other pages.
Cookie Categories
Essential Cookies
Required for platform functionality. Always active.
Analytics Cookies
Google Analytics 4 - Tracks page views, user behavior, and site performance.
Status: Disabled
Advertising Cookies
Google Ads - Used for conversion tracking, remarketing, and ad personalization.
Status: Disabled
Update Preferences
Note: Changes take effect immediately. If you decline cookies, only essential functional cookies will be used. Google Analytics and advertising tracking will be disabled.
6.1 Google Analytics 4 & advertising tracking
With your consent, we use Google Analytics 4 and Google Tag Manager to collect information about your interactions with our platform. This data helps us improve our services and deliver relevant advertising.
What we track with Google Analytics:
- Page Views: Every page you visit and time spent on each page
- Tour Browsing Behavior: Which tours you view, search for, or interact with
- Trip Customization: Key interactions such as destination views and booking funnel steps
- Booking Journey: Complete path from browsing to checkout
- Purchase Events: Transaction details, amount spent, items purchased
- Device & Location: Browser type, device model, operating system, general location
- Traffic Sources: How you found us (ads, search, social media)
Google Ads integration:
Where consented, your data is shared with Google Ads for advertising purposes, including:
- Conversion Tracking: Measuring ad effectiveness and ROI
- Remarketing: Showing you ads after you leave our site
- Audience Targeting: Creating custom audiences based on your behavior
- Similar Audiences: Finding users with similar characteristics
- Ad Personalization: Tailoring ads based on your interests
Cookie consent management:
When you first visit our site, a cookie banner will appear asking for your consent to use analytics and advertising cookies. You can:
- Accept all: Grants permission for analytics and advertising tracking
- Essential only: Only essential functional cookies will be used
Your choice is stored in your browser's localStorage. You can change your preference at any time via the cookie settings panel above or by clearing your browser's data.
Third-party data sharing:
Google Analytics and Google Ads are third-party services operated by Google LLC. When you consent to these cookies:
- Google may combine your data with other Google services
- Your information may be transferred to servers in the United States and other countries
- Google's own privacy policies and terms apply to this data
- Data may be retained by Google according to their retention policies
Learn more about Google's data practices: Google Privacy Policy
Opting out of Google Analytics:
If you choose "Essential only" via our banner, GA4 tracking will be disabled. You can also:
- Install the Google Analytics Opt-out Browser Add-on
- Use browser settings to block third-party cookies
- Visit Google Ads Settings to control ad personalization
Declining analytics cookies will not affect your ability to use our platform or make bookings.
7. Data retention
We retain personal information only for as long as necessary to fulfil the purposes described in this policy, unless a longer retention period is required or permitted by law.
- Account Data: Retained while your account is active and for up to 2 years after account closure
- Financial Records: Retained for 7 years as required by Australian tax and accounting law
- Booking Records: Retained for 5 years for customer service and legal purposes
- Analytics Data: Personal identifiers are automatically deleted by Google Analytics after at most 14 months; aggregated statistics may be kept longer
- Communication Records: Retained for up to 3 years for customer service and dispute resolution
- Marketing Consent Records: Retained for 5 years to demonstrate compliance
Backup copies may persist for a reasonable period following deletion from active systems in accordance with our backup rotation schedule.
8. International data transfers
Your personal information may be transferred to and processed in countries outside your residence. We ensure appropriate safeguards are in place:
- Adequacy Decisions: Transfers to countries with adequate protection recognised by applicable law
- Standard Contractual Clauses: EU-approved data transfer agreements where required
- Service Provider Safeguards: All third parties are contractually required to implement appropriate data protection measures
9. Children's privacy
Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us so we can take appropriate action.
10. Changes to this privacy policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
- Update the "Last Updated" date at the top of this policy
- Notify registered users by email or prominent in-platform notice for significant changes
- Where required by law, seek fresh consent before applying changes to existing data
- Provide a reasonable notice period before changes take effect
We encourage you to review this policy periodically. If you have questions about any changes, contact us at privacy@thetourify.com.
11. Contact us
If you have any questions about this Privacy Policy or our privacy practices, please contact us:
- Privacy inquiries
- privacy@thetourify.com
- WhatsApp support
- +61 1800 595 430
- General support
- support@thetourify.com
This Privacy Policy was last updated on July 01, 2026 (version 1.3).