Privacy Policy
Effective Date: May 9, 2025 · Last Updated: May 9, 2025
Summary (not a substitute for the full policy)
Sojourn collects the data you provide (account info, travel preferences, trip details) and limited technical data (session cookies, usage patterns) to power your personalized AI travel planning experience. We do not sell your personal data, use it for advertising, or share it with third parties except as described below. You have meaningful rights over your data, including access, correction, deletion, and portability. For full details, read the policy below.
1. Who We Are and How to Contact Us
Sojourn, Inc. ("Sojourn," "we," "us," or "our") is the data controller responsible for the personal data processed through the Sojourn platform, including any associated mobile applications, APIs, and services (collectively, the "Service").
For privacy-related inquiries, data subject rights requests, or concerns about this Privacy Policy, please contact our Privacy Team at [email protected]. For legal notices, contact [email protected]. For EU/EEA data protection matters, our Data Protection Officer can be reached at [email protected].
This Privacy Policy applies to all users of the Service worldwide. Jurisdiction-specific supplements (for EU/EEA residents under the GDPR, and for California residents under the CCPA/CPRA) are set out in Sections 14 and 15 respectively.
2. Information We Collect
2.1 Information You Provide Directly
We collect the following categories of personal data that you provide when using the Service:
| Category | Examples |
|---|---|
| Account information | Name and email address collected via OAuth authentication provider (Manus). |
| Traveler profile | Quiz answers, traveler type (e.g., Budget Traveler, Luxury Traveler), dietary preferences, allergies, mobility considerations, home country, transport preferences, and custom quiz answers. |
| Trip data | Destinations, travel dates, group composition, group size, child ages (if applicable), must-dos, accommodation notes, and flight details. |
| AI chat messages | Messages you send to the Sojourn AI assistant within a trip context, including itinerary refinement requests. |
| Community content | Trip itineraries you choose to publish to the community feed, safety reports you submit (including traveler context, category, severity, and description), and any highlight notes you attach to activities. |
| Collaborator data | If you invite collaborators to a trip, we collect their email address (via the OAuth provider) and any profile information they choose to share, including dietary restrictions and child ages they provide. |
| Packing list and notes | Items you add to AI-generated packing lists, including manual edits and packed/unpacked status. |
| Feedback and support | Messages you send to our support team or feedback you submit through the Service. |
2.2 Information Collected Automatically
When you access or use the Service, we automatically collect certain technical information:
| Category | Details |
|---|---|
| Session cookies | A signed, httpOnly, secure session cookie is set upon login to maintain your authenticated state. This cookie does not track you across other websites and expires when you log out or after a defined inactivity period. |
| Usage analytics | Aggregate, anonymized page view and feature interaction data collected via our internal analytics system. This data is not linked to your identity and is used solely to understand how the Service is used at a population level. |
| Device and browser data | Browser type, operating system, screen resolution, and preferred language, collected to optimize the Service's display and performance. |
| AI usage logs | Timestamps and counts of AI itinerary generation requests, used to enforce per-user daily rate limits and detect abuse. These logs are retained for 90 days. |
| Error and performance logs | Server-side error logs that may contain IP addresses and request metadata, retained for 30 days for debugging purposes. |
2.3 Special Categories of Personal Data
Certain information you may provide — including dietary restrictions, allergies, and mobility considerations — may constitute "special category data" or "sensitive personal information" under applicable data protection laws (e.g., health data under the GDPR; sensitive personal information under the CCPA/CPRA). We collect this data solely to personalize your travel itineraries and AI recommendations. We do not use this data for any other purpose, and we do not share it with third parties except as necessary to provide the Service (e.g., transmitting dietary preferences to our AI provider to generate restaurant recommendations).
By providing this information, you expressly consent to its processing for the purposes described in this Privacy Policy. You may withdraw this consent at any time by deleting the relevant information from your profile or by contacting us at [email protected].
3. How We Use Your Information
We process your personal data for the following purposes and on the following legal bases (where applicable under the GDPR):
| Purpose | Legal Basis (GDPR) |
|---|---|
| Providing and personalizing the Service, including generating AI itineraries tailored to your traveler profile, dietary preferences, group composition, and travel style. | Performance of a contract (Art. 6(1)(b)) |
| Authenticating your account and maintaining your session. | Performance of a contract (Art. 6(1)(b)) |
| Storing your trips, quiz results, packing lists, and preferences across sessions. | Performance of a contract (Art. 6(1)(b)) |
| Processing special category data (dietary restrictions, allergies, mobility) to personalize restaurant and activity recommendations. | Explicit consent (Art. 9(2)(a)) |
| Displaying community safety reports and community trip feeds. | Legitimate interests (Art. 6(1)(f)) — enabling community-driven safety information sharing |
| Enforcing per-user AI generation rate limits and detecting abuse. | Legitimate interests (Art. 6(1)(f)) — protecting Service integrity |
| Improving the Service through anonymized, aggregate usage analysis. | Legitimate interests (Art. 6(1)(f)) — improving product quality |
| Sending operational notifications (e.g., new collaborator joined your trip, community thank-you notifications). | Performance of a contract / Legitimate interests (Art. 6(1)(b)/(f)) |
| Complying with legal obligations, including responding to lawful requests from public authorities. | Legal obligation (Art. 6(1)(c)) |
We do not sell your personal data to third parties. We do not use your personal data for targeted advertising, behavioral profiling for advertising purposes, or any purpose incompatible with those described above.
4. AI Processing and Large Language Models
4.1 Data Transmitted to AI Providers. When you generate an itinerary, refine it via AI chat, or use any AI-powered feature of the Service, the following data is transmitted to our third-party AI provider to generate your output: your destination(s), travel dates, traveler type, dietary preferences and allergies, group composition, child ages (if applicable), transport preferences, must-dos, custom quiz answers, and any messages you send in the AI chat interface.
4.2 AI Provider Data Use. Under our current service agreement with our AI provider, your data transmitted for inference purposes is not used to train or improve the AI provider's models. We will update this policy if our service agreement changes in a material way.
4.3 No Guarantee of Accuracy. AI-generated content — including itineraries, visa guidance, safety assessments, and restaurant recommendations — is produced by probabilistic machine learning systems and may contain errors, inaccuracies, or outdated information. You must independently verify all material travel information before making bookings or travel decisions. See our Terms of Service for the full AI disclaimer.
4.4 Community Safety Reports in AI Prompts. When generating safety recommendations for a destination, the Service may incorporate anonymized, aggregated community safety report data as grounding context for the AI. Individual report authors are not identified in AI outputs.
5. How We Share Your Information
We share your personal data only in the following limited circumstances:
5.1 Service Providers
We engage third-party service providers who process personal data on our behalf under data processing agreements that require them to protect your data and use it only for the purposes we specify. These include:
| Provider / Category | Data Shared and Purpose |
|---|---|
| AI inference provider (LLM) | Traveler profile, trip data, chat messages — to generate itineraries and recommendations. |
| OAuth authentication provider (Manus) | Account authentication — we receive your name and email upon login. |
| Google Maps Platform | Destination coordinates, activity addresses — for map display, geocoding, distance matrix calculations, and route planning. |
| Open-Meteo (weather) | Destination geographic coordinates only — to fetch weather forecasts. No personal data is transmitted. |
| Cloud database and infrastructure provider | All data stored in the Service — hosted in a managed cloud environment with encryption at rest and in transit. |
| File storage provider (S3-compatible) | User-uploaded files and AI-generated assets — stored securely with access controls. |
5.2 Community Features
If you choose to publish a trip to the community feed, the following information becomes publicly visible to all users of the Service: your trip itinerary (destinations, activities, day structure), your traveler type, any highlight notes you attached to activities, and your display name. Your email address, dietary preferences, allergies, and other profile data are never made public.
If you submit a community safety report, the report content, category, severity, traveler context, and destination are visible to other users. If you submit anonymously, your display name is not shown; however, we retain your identity internally for abuse prevention purposes.
5.3 Trip Collaborators
If you share a trip with collaborators, those collaborators can view your trip itinerary and, if you grant collaborate access, interact with the AI chat. Collaborators cannot see your dietary preferences, allergies, or other profile data unless you explicitly share that information within the trip context.
5.4 Legal and Safety Disclosures
We may disclose your personal data if we believe in good faith that such disclosure is necessary to: (a) comply with a legal obligation, court order, or lawful request from a government authority; (b) protect the rights, property, or safety of Sojourn, our users, or the public; (c) detect, prevent, or address fraud, security, or technical issues; or (d) enforce our Terms of Service.
5.5 Business Transfers
In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or substantially all of our assets, your personal data may be transferred to the acquiring entity. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy.
6. Third-Party Links and Booking Platforms
The Service contains links to third-party booking platforms, including but not limited to Airbnb, Booking.com, Hotels.com, Viator, Google Flights, OpenTable, TheFork, Resy, and others. When you click a booking link, you leave the Sojourn Service and are subject to the third party's own privacy policy and terms of service. Sojourn is not responsible for the privacy practices of these third parties. We recommend reviewing their privacy policies before providing any personal data.
Sojourn does not receive any commission, referral fee, or other compensation from third-party booking platforms for clicks or bookings made through the Service as of the Effective Date.
7. Data Retention
We retain your personal data for as long as your account is active or as necessary to provide the Service. The following specific retention periods apply:
| Data Category | Retention Period |
|---|---|
| Account and profile data | Retained until account deletion, then deleted within 30 days (except where required by law). |
| Trip data and itineraries | Retained until you delete the trip or your account, then deleted within 30 days. |
| Published community trips | Retained until you unpublish the trip or delete your account. Copies made by other users are not deleted when you unpublish. |
| Community safety reports | Retained for 2 years from submission, or until you request deletion. |
| AI chat messages | Retained as part of the trip record. Deleted when the trip or account is deleted. |
| AI usage logs (rate limiting) | Retained for 90 days, then automatically purged. |
| Server error and access logs | Retained for 30 days, then automatically purged. |
| Anonymized analytics data | Retained indefinitely in aggregate form; not linked to individual users. |
8. Data Security
We implement industry-standard technical and organizational security measures to protect your personal data against unauthorized access, disclosure, alteration, and destruction. These measures include:
Encryption in transit using TLS 1.2 or higher for all data transmitted between your browser and our servers. Encryption at rest for all data stored in our managed cloud database. Session cookies that are signed with a cryptographic secret, marked httpOnly and Secure, and are not accessible to client-side JavaScript. Role-based access controls limiting internal access to personal data to authorized personnel only. Regular security reviews and dependency audits.
No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security. In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and, where required, the relevant supervisory authority, in accordance with applicable law.
9. Cookies and Tracking Technologies
Sojourn uses only the following cookies and does not use any third-party advertising, tracking, or analytics cookies:
| Cookie | Purpose and Retention |
|---|---|
| Session cookie (sojourn_session) | Strictly necessary. Maintains your authenticated session after login. httpOnly, Secure, SameSite=Lax. Expires on logout or after 30 days of inactivity. |
| Internal analytics (first-party) | Strictly necessary for Service improvement. Aggregate, anonymized page view data. No cross-site tracking. No personal identifiers stored. |
We do not use cookies for advertising, behavioral profiling, or cross-site tracking. You may disable cookies in your browser settings, but doing so will prevent you from logging in to the Service.
10. International Data Transfers
Sojourn is based in the United States. If you access the Service from outside the United States, your personal data will be transferred to and processed in the United States and potentially other countries where our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction.
For transfers of personal data from the European Economic Area ("EEA"), the United Kingdom, or Switzerland to countries not recognized as providing an adequate level of data protection, we rely on appropriate safeguards, including Standard Contractual Clauses approved by the European Commission (or equivalent mechanisms under UK law), to ensure your personal data receives an adequate level of protection.
You may request a copy of the applicable transfer mechanisms by contacting us at [email protected].
11. Children's Privacy
The Service is not directed to children under the age of 13 (or 16 in the EEA/UK where applicable). We do not knowingly collect personal data from children under these ages. If you are a parent or guardian and believe that your child has provided us with personal data without your consent, please contact us immediately at [email protected] and we will take steps to delete such information promptly.
The Service does allow users to provide child ages as part of family trip planning. This information is used solely to personalize AI recommendations for family-friendly activities and is not used for any other purpose.
12. Your Privacy Rights
Depending on your jurisdiction, you have the following rights with respect to your personal data. To exercise any of these rights, submit a request to [email protected]. We will respond within 30 days (or within the timeframe required by applicable law).
| Right | Description |
|---|---|
| Access / Know | Request a copy of the personal data we hold about you and information about how we process it. |
| Correction / Rectification | Request correction of inaccurate or incomplete personal data. |
| Deletion / Erasure | Request deletion of your personal data. Note: we may retain certain data where required by law or for legitimate business purposes (e.g., fraud prevention). |
| Data Portability | Receive a copy of your personal data in a structured, machine-readable format and, where technically feasible, have it transmitted to another controller. |
| Restriction of Processing | Request that we restrict processing of your personal data in certain circumstances (e.g., while you contest its accuracy). |
| Objection | Object to processing based on legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds. |
| Withdraw Consent | Where processing is based on consent (including special category data), withdraw consent at any time without affecting the lawfulness of prior processing. |
| Non-Discrimination | We will not discriminate against you for exercising your privacy rights (applicable to California residents under CCPA/CPRA). |
| Opt Out of Sale/Sharing | We do not sell or share your personal data for cross-context behavioral advertising. This right is therefore not applicable, but we honor it as a matter of policy. |
We may need to verify your identity before processing a rights request. We will not charge a fee for processing your request unless it is manifestly unfounded or excessive.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the Service, or applicable law. We will notify you of material changes by: (a) updating the "Last Updated" date at the top of this page; (b) posting a prominent notice within the Service; and/or (c) sending an email notification to the address associated with your account. For material changes involving new uses of special category data or new data sharing arrangements, we will seek your consent where required by applicable law.
Your continued use of the Service following the effective date of any update constitutes your acceptance of the revised Privacy Policy. If you do not agree to the updated policy, you must discontinue use of the Service and may request deletion of your account.
14. Additional Rights for EU/EEA/UK Residents (GDPR)
If you are located in the European Economic Area, the United Kingdom, or Switzerland, the following additional provisions apply to you under the General Data Protection Regulation (GDPR) and equivalent national implementing legislation.
Data Controller. Sojourn, Inc. is the data controller for personal data processed through the Service. Our Data Protection Officer can be contacted at [email protected].
Legal Bases. The legal bases for our processing activities are set out in Section 3 above. Where we rely on legitimate interests, you have the right to object to such processing as described in Section 12.
Right to Lodge a Complaint. You have the right to lodge a complaint with your local data protection supervisory authority. In the EU, you may contact the supervisory authority in your Member State. In the UK, you may contact the Information Commissioner's Office (ICO) at ico.org.uk.
Automated Decision-Making. The Service uses AI systems to generate personalized travel recommendations. This constitutes automated processing but does not constitute solely automated decision-making that produces legal or similarly significant effects on you within the meaning of Article 22 GDPR. You retain full control over whether to act on any AI-generated recommendation.
15. Additional Rights for California Residents (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act of 2018 (CCPA) as amended by the California Privacy Rights Act of 2020 (CPRA) provides you with specific rights regarding your personal information. This section describes those rights and how to exercise them.
Categories of Personal Information Collected. In the preceding 12 months, we have collected the following categories of personal information as defined by the CCPA: Identifiers (name, email address); Personal information categories listed in the California Customer Records statute (name, email); Internet or other electronic network activity information (usage data, session data); Geolocation data (destination coordinates for weather and maps); Inferences drawn from personal information (traveler type, preferences); and Sensitive personal information (dietary restrictions, allergies, child ages).
No Sale or Sharing. We do not sell your personal information and do not share your personal information for cross-context behavioral advertising. We have not done so in the preceding 12 months.
Sensitive Personal Information. We collect sensitive personal information (dietary restrictions, allergies, child ages) solely to provide the Service. We do not use or disclose sensitive personal information for purposes beyond those permitted by the CPRA.
Exercising Your Rights. California residents may exercise their rights (access, deletion, correction, portability, opt-out of sale/sharing, limit use of sensitive personal information) by contacting us at [email protected]. We will not discriminate against you for exercising your CCPA/CPRA rights.
Authorized Agent. You may designate an authorized agent to submit a rights request on your behalf. We may require verification of the agent's authorization and your identity before processing the request.
16. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Sojourn, Inc. — Privacy Team
Email: [email protected]
Data Protection Officer: [email protected]
Legal: [email protected]
This Privacy Policy constitutes a draft legal framework for an AI-powered travel planning platform. It should be reviewed by a licensed attorney and a qualified data protection professional before being finalized and published. This document does not constitute legal advice and does not create an attorney-client relationship.