Privacy Policy

Last updated: June 27, 2026

1. Introduction

TravelDesk Pro ("we," "our," or "us") is operated by Travel Desk Pro. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our travel back-office platform and related services (collectively, the "Service").

2. Information We Collect

Account Information: When you register, we collect your name, email address, phone number, company name, and role.

Booking Data: We process PNR records, ticket numbers, passenger names, flight details, hotel reservations, and car rental information that you import or create through the Service.

Gmail Integration: When you authorize Gmail access, we read booking confirmation emails to auto-create bookings. We access read-only email data and do not send, modify, or delete emails on your behalf.

Google Business Profile: When you connect your Google Business Profile, we read and reply to customer reviews on your behalf, and display review data in your dashboard.

Payment Information: Payment processing is handled by Stripe and Flutterwave. We do not store credit card numbers on our servers.

Usage Data: We collect anonymized usage analytics, IP addresses, browser type, and device information for security and performance monitoring.

3. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To process bookings, generate reports, and manage your travel operations
  • To send review requests to your customers via email, SMS, or WhatsApp
  • To sync and manage your Google Business Profile reviews
  • To detect and prevent fraud, abuse, and security incidents
  • To communicate with you about service updates and support
  • To comply with legal obligations

4. Data Sharing

We share information only with:

  • Service Providers: Supabase (database), Vercel (hosting), Stripe/Flutterwave (payments), SendGrid (email delivery), Twilio (SMS), Google (OAuth and AI), OpenAI (AI parsing)
  • Travel Suppliers: Airlines, hotels, and GDS systems when you create bookings
  • Legal Requirements: When required by law or to protect our rights

We do not sell your personal information to third parties.

5. Data Security

We implement industry-standard security measures including encryption in transit (TLS 1.3), encryption at rest, role-based access control, multi-factor authentication options, and regular security audits. All API keys and secrets are encrypted and never exposed in client-side code.

6. Data Retention

Your data is retained for as long as your account is active. Upon account deletion, we retain data for up to 30 days to allow for recovery, then permanently delete it. Booking records may be retained longer to comply with aviation and financial regulations.

7. Your Rights

You have the right to:

  • Access, correct, or delete your personal data
  • Export your data in standard formats
  • Revoke OAuth permissions (Google, etc.) at any time
  • Opt out of non-essential communications
  • Request a copy of all data we hold about you

8. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising cookies. You can manage cookie preferences through your browser settings.

9. International Transfers

Your data may be processed in countries outside your own. We ensure appropriate safeguards are in place for international data transfers, including Standard Contractual Clauses where required.

10. Children's Privacy

The Service is not intended for individuals under 18. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date.

12. Contact Us

If you have questions about this Privacy Policy, please contact us:

Travel Desk Pro
Email: dwmusoke@gmail.com
Phone: +256 776 182 027