Privacy Policy | TripClub Travel

This Privacy Policy explains how travel.tripclub.gr (“TripClub”, “we”, “us”) handles personal data. We aim to comply with the EU General Data Protection Regulation (GDPR).

Summary: We do not sell tickets or take payments. Bookings happen on third-party websites. We may process limited technical data for analytics and affiliate attribution.

1. Controller

The data controller for this website is TripClub. Contact: [email protected]

2. Data We Do Not Collect

TripClub does not intentionally collect or store:

payment card information,
passport/ID data,
full booking details (PNR, ticket numbers, etc.).

3. Data We May Collect on This Website

Depending on your settings and consent, we may process:

IP address (often in truncated/anonymized form depending on tooling),
device and browser information,
pages visited and interactions,
referring source and affiliate click identifiers.

4. Purpose and Legal Basis

4.1 Website operation

Processing necessary to operate and secure the website (legal basis: legitimate interests and/or performance of a contract depending on context).

4.2 Analytics

If enabled, analytics help us understand website performance and improve content (legal basis: typically consent for non-essential analytics cookies, depending on your configuration).

4.3 Affiliate attribution

Affiliate tracking enables attribution of referrals so TripClub can receive commission when bookings occur (legal basis: typically consent for non-essential tracking, depending on cookie setup and applicable law).

5. Third-Party Processing (Travelpayouts & Providers)

travel.tripclub.gr operates as a white-label affiliate travel search powered by Travelpayouts. When you click an offer and leave our site, third parties (Travelpayouts and the booking provider) may process your data under their own privacy policies and terms.

Note: TripClub does not control third-party websites. Please review the provider’s privacy policy before booking.

6. Cookies and Similar Technologies

We use cookies and similar technologies for essential functions, analytics (if enabled), and affiliate attribution. See our Cookie Policy for details.

7. Data Retention

We retain data only as long as necessary for the purposes described above, or as required by law. Third-party providers have their own retention periods.

8. Your Rights (GDPR)

You may have the right to:

access your personal data,
rectify inaccurate data,
erase data (“right to be forgotten”),
restrict or object to processing,
data portability (where applicable),
withdraw consent at any time (where processing is based on consent).

To exercise your rights, contact [email protected].

9. International Transfers

Some service providers may process data outside the European Economic Area. Where applicable, transfers are protected through appropriate safeguards (e.g., Standard Contractual Clauses) as provided by the relevant processors.

10. Updates

We may update this policy from time to time. The “Last updated” date reflects the latest version.