Privacy Policy

1. Introduction

Macviaje ("we", "us", "our") values your privacy. This Privacy Policy explains how we collect, use, store, share and protect personal data when you use our website and services (the "Platform"), including when you create an account, search travel options, make bookings and contact customer support.

This Policy also explains your rights under the EU General Data Protection Regulation (GDPR) and other applicable laws, and how to contact us.

2. Who is the Data Controller?

Where third parties (such as travel suppliers or payment providers) process your data for their own purposes, they act as independent controllers and their privacy policies apply.

3. Our role (important)

Macviaje is an intermediary travel platform. We help users search and book travel services (hotels and flights) offered by third-party Travel Providers via API integrations.

• We do not operate hotels or airlines.
• We do not deliver the travel service.
• Your contract for the travel service is with the relevant Travel Provider.
• We may earn revenue through a service margin/commission included in the final displayed price.

4. Personal data we collect

A) Data you provide directly

• Account information: name, email, phone (if provided), login credentials
• Booking details: traveler names, dates, destination, accommodation/flight selection
• Payment-related data: billing details and payment confirmation data (note: payment processing may be handled by third-party processors)
• Communications: emails/messages sent to support
• Optional preferences: language, currency, saved searches

B) Data collected automatically

• Device and usage data: IP address, browser type, operating system, pages viewed, clicks, approximate location (from IP)
• Cookies and similar technologies: (see our Cookie Statement)

C) Data received from third parties

• Travel Providers (via API): booking status, confirmations, changes, cancellations, refund status (when provided)
• Payment providers: transaction status, fraud signals, chargeback signals
• Map providers: location display services (e.g., Google Maps)

5. Why we use your personal data and legal bases (GDPR)

We process personal data for the following purposes:

5.1 Booking and service delivery

• Create and manage bookings
• Send booking confirmations and essential travel communications
• Provide customer support related to bookings
• Share necessary booking details with Travel Providers

5.2 Payments and fraud prevention

• Facilitate payment processing
• Prevent fraud and abuse
• Handle disputes, chargebacks and security incidents

5.3 Platform performance and analytics

• Monitor technical performance
• Improve the Platform and fix bugs
• Measure usage in aggregated form

5.4 Marketing communications

• Send updates or promotional emails (only where permitted and with required opt-out/consent mechanisms)

5.5 Legal compliance

• Comply with applicable laws, tax/accounting obligations, lawful requests from authorities

6. Sharing of personal data (who receives it)

We may share personal data with:

• 6.1 Travel Providers (Hotels / Airlines / Suppliers): To fulfill your booking, handle changes/cancellations, and provide support.
• 6.2 Technology and infrastructure providers: Hosting, analytics, security, email delivery, customer support tools (as processors under contract).
• 6.3 Payment providers: To process payments, refunds (if applicable), fraud prevention and chargebacks.
• 6.4 Map services (Google Maps): To display locations and help users understand where properties are located.
• 6.5 Legal and compliance recipients: Authorities, courts, legal advisors, auditors, only when required or lawfully necessary.

7. International data transfers

Macviaje is based in Spain and operates in the EU. Some service providers or Travel Providers may process data outside the EEA.

When we transfer personal data outside the EEA/UK, we implement appropriate safeguards, such as:

• EU Commission Standard Contractual Clauses (SCCs), and/or
• Transfers to countries with an adequacy decision, where applicable.

8. Data retention

We retain personal data only as long as necessary for:

• providing services and support,
• legal, accounting and tax obligations,
• fraud prevention and dispute resolution.

When no longer needed, we delete or anonymize the data, unless retention is required by law.

9. Security

We apply reasonable technical and organizational measures to protect personal data, including access controls and monitoring. However, no online system can be guaranteed 100% secure.

If a data breach occurs that is likely to result in a risk to your rights, we will notify the competent authority and affected individuals where legally required.

10. Minors

Our Platform is not intended for children. Bookings must be made by adults (18+). If you provide data relating to minors as part of a booking, you confirm you have authority to do so.

11. Your rights under GDPR (EU/EEA)

You may have the right to:

To exercise these rights, contact: info@macviaje.com

You also have the right to lodge a complaint with the Spanish Data Protection Authority (AEPD) or your local EU supervisory authority.

12. Cookies and tracking

We use cookies and similar technologies. Please see our Cookie Statement for details and for managing preferences.

13. Changes to this Privacy Policy

We may update this Policy to reflect changes in legal requirements or our services. The "Last Updated" date shows the latest revision.

14. Contact