Last Updated: December 27, 2022

Privacy policy

This Privacy Policy describes our policies and procedures regarding the collection and use of your information when you make use of the service and informs you of your privacy rights and how the law protects you.

When we say "company", "we", "us", "our", "us", "service" or "services" in this document, we mean Totepass.

At Totepass, we are committed to complying with the GDPR, the CCPA, and other privacy regulations on our platform. The privacy of your data - and it's your data, not ours - is an important issue for us.

In this policy, we explain what data we collect and why, how your data is handled, and your rights over it. We promise you that we will never sell your data: we never have and never will.

Quick summary

When you visit Totepass, we use analytics to understand visitor behavior and implement improvements.

We value your privacy very highly. That's why all the data we collect is completely anonymous, as it does not require cookies and is not shared with third parties.

On the other hand, when you create an account, Totepass requires the use of essential Cookies to manage the sessions started.

The usage data collected are the following:

• IP address.
• User agent.
• Date and time of visit.
• Language of the browser.
• URL of the page visited.
• Screen size.

Additionally, when you create an account on Totepass, we collect a series of personal data. Again, none of this data is shared with third parties and is only used to contact you or to log you into the platform.

The data collected is the following:

• Full name.
• Email address.
• Travel plans.
• Travel files.
• Identifiers associated with your third party accounts.

As a visitor to the website

The privacy of our website visitors is important to us, so we do not track any individual person. As a visitor to the website, the following anonymous information is collected:

• IP address.
• User agent.
• Date and time of visit.
• Browser language.
• URL of the page visited.
• Screen size.

following this conditions:

• No personal information is collected.
• No information, such as cookies, is stored in the browser.
• No information is shared, sent or sold to third parties.
• No information is shared with advertising companies.
• No information is extracted to obtain personal and behavioral trends.
• No information is monetized.
• No cookies are used for analytical purposes.

As a Totepass user

Our principle is to collect only what we need and that we will only process this information to provide you with the service you have subscribed to.

We use a select number of trusted third party service providers for certain service offerings. These service providers are carefully selected and meet high standards of data protection, privacy and security.

We only share with them the information necessary for the services offered.

This is what this means in practice:

What we collect.

• Full name.
• Email address.
• Travel plans.
• Travel files.
• Identifiers associated with your third party accounts.

What we use it for

• You need to provide us with your email address if you wish to create a Totepass account. This is so you can log in and personalize your new account, and so we can send you updates or other essential information.
• It is necessary for you to provide us with your travel and file information to carry out our service, as our service proposition is based on sharing this data with users you authorize. This data is not shared with third parties.
• A first-party persistent cookie is stored to remember that you are logged in. If you log in to your Totepass account, you give us permission to use cookies so that you do not have to log in each time you log in again. This makes it easier for you to use our platform. A cookie is a piece of text stored by your browser. You can adjust the cookie retention settings in your own browser. Cookies already stored can be deleted at any time.
• The identifiers of your third-party accounts are used to associate your Totepass account with them. These identifiers are only used to enable you to log in using a third party service and in no case are they used for the collection of personal data.
• All data we collect is fully protected, encrypted and hosted on a server located in Spain. This ensures that all site data is covered by strict European Union data privacy laws. Your site data never leaves the EU.
• All emails are sent using a third party email provider. Emails are sent using SendInBlue. Open and link tracking on all emails sent is enabled for transactional email debugging. Details and previews are not enabled. See SendInBlue privacy policy for full details.
• When you write to us with a question or request for assistance. We retain that correspondence, which includes the email address, so that we have a history of past correspondence that we can refer to should you contact us in the future. We use this data only in connection with responding to inquiries we receive.

Under what conditions

• No information is shared, sent or sold to third parties.
• No information is shared with advertising companies.
• No information is monetized.

Data retention

We will retain your information for as long as your account is active, as necessary to provide you services or as otherwise set forth in this policy.

We will also retain and use this information as necessary for the purposes set forth in this policy and as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, and protect Totepass's legal rights.

You may choose to delete your Totepass account at any time. All your data will be permanently deleted immediately at the time of the request to delete your account.

Leaks

If at any time an unauthorized leak of Totepass data should occur, we will notify you within 48 hours, in accordance with the European General Data Protection Act (GDPR). If it happens, we recommend you to change all your passwords and check if you have been a victim of other possible leaks at have i been pwned?.

Subsequently, as soon as we know more information about the breach, we will inform you what happened, how it happened and what measures we will implement to protect your data in the future. Remember that you can download your data at any time from your profile.

Changes and questions

We may update this policy as necessary to comply with relevant regulations and to reflect any new practices. Whenever we make a significant change to our policies, we will announce it by email.

Please contact us if you have any questions, comments or concerns about this privacy policy, your data or your rights with respect to your information.