Rainbow Tour Guides
Back to home

Privacy Policy

Last Updated: March 2026

At Rainbow Tour Guides, your safety and privacy are our foundational priorities. We are committed to minimizing the data we collect, protecting the data we hold, and giving you complete control over your digital footprint.

This Privacy Policy explains how we collect, use, and protect your information when you use our platform.

1. Information We Collect

To facilitate safe and curated local connections, we collect information that you directly provide to us:

  • Account Information: Your name, email address, secure authentication credentials, and preferences (such as your preferred display language and currency).
  • Profile Information: Information you choose to add to your profile, such as a short bio, interests, and profile photos.
  • Booking & Coordination Data: Tour dates, locations, itinerary notes, and in-app messages exchanged between Travelers and Guides.
  • Financial Information: Payment details are processed directly by our secure payment provider (Stripe). We do not store your raw credit card numbers or bank routing information on our servers. If you choose to save a payment method for faster checkout, the card details are securely vaulted by Stripe — we only store a reference token, never the card number itself.
  • Guide Verification Documents: To ensure community safety, Guides must manually upload a Government-issued ID during onboarding for administrative review. (See Section 3 for our strict deletion rules regarding these documents).

2. Profile Privacy & Information Sharing

We intentionally separate your private data from what is publicly visible to protect your identity and boundaries.

  • Traveler Profiles:We utilize a limited "Public Profile" system. When you request a booking, the Guide will only see your first name, an optional photo, languages spoken, and a short bio to help them ensure a safe and aligned tour. Your email address, phone number, exact billing address, and payment details are never shared with Guides or the public.
  • Messaging Boundaries: To protect both parties, direct messaging between Travelers and Guides is technologically locked until a booking is financially confirmed. We never share your personal contact information; all coordination happens safely within the platform.
  • Third Parties: We never sell your personal data to third parties. We only share data with essential service providers (like Stripe for payments and email providers for transactional alerts) necessary to operate the platform.

3. Data Retention & Our "Zero-Retention" ID Policy

We do not believe in hoarding sensitive data.

  • Zero-Retention for Government IDs: For Guides undergoing our manual vetting process, the Government-issued ID image you upload is reviewed by our administrative team and then immediately and irreversibly deleted from our databases the exact second an approval or rejection decision is made. We retain the status of your verification, but we never store the sensitive document itself.
  • General Data Retention: We retain your account data for as long as your account is active. If you choose to delete your account, your Personally Identifiable Information (PII) is permanently wiped.

4. Global Privacy Rights (GDPR Compliance)

We believe that privacy is a universal human right. Therefore, we extend GDPR-level data controls to all users globally, regardless of your country of residence. From your private Dashboard Settings, you can exercise your right to:

  • Access & Export: Download a complete, structured file (JSON) of your profile data, booking history, and review history at any time.
  • Erasure ("Right to be Forgotten"): Initiate a self-serve account deletion. Upon email confirmation, the system will permanently delete or mathematically obfuscate your Personally Identifiable Information (PII) from our active databases.

Note: To comply with international tax and legal regulations, anonymized records of financial transactions (which cannot be traced back to your identity) are retained for our platform accounting.

5. Cookies & Analytics tracking

We use cookies to ensure the basic functionality of our platform (such as keeping you logged in and remembering your currency preferences).

For performance and marketing analytics, we operate on a strict consent model. Non-essential tracking scripts (such as Google Analytics) do not load or track your behavior unless you explicitly click "Accept" on our cookie consent banner. You can manage or revoke these preferences at any time.

6. Security Measures

We implement industry-standard security measures, including:

  • Encryption: All sensitive data is encrypted in transit (HTTPS) and at rest (via Supabase).
  • Access Controls: Strict Role-Based Access Control (RBAC) ensures that only authorized administrative personnel can access safety reports, refund queues, or pending guide applications.

7. Contact Us

If you have any questions about this Privacy Policy, or if you need assistance exercising your data rights, please contact our privacy team at: privacy@rainbowtourguides.com.

Terms of ServiceSafety GuidelinesBack to home