Privacy Policy
Last updated: March 2026
TravelPearls (a trading name of Travel Pearls Pty Ltd ABN 65 696 242 065, "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website and use our services. We comply with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) and the Spam Act 2003 (Cth).
This Privacy Policy is available free of charge on our website at all times.
1. Anonymity & Pseudonymity
Where practicable, you may visit our website and browse deals without identifying yourself. However, to make a booking or create an account, we require you to provide your identity. It is not practicable for us to deal with you anonymously or by pseudonym for the purposes of completing a travel booking, as we are required to pass accurate passenger details to travel suppliers (including airlines, hotels, and tour operators) and to comply with applicable laws.
2. Information We Collect
Personal Information You Provide
- Name, email address, phone number, and date of birth
- Passport details and travel document information (for booking purposes)
- Emergency contact details
- Payment information (processed securely by Stripe — we do not store your card details)
- Communication preferences and marketing opt-in status
Sensitive Information
We may collect dietary requirements and medical or health needs relevant to your travel (for example, food allergies, mobility requirements, or medical equipment needs). This information is classified as sensitive information under the Privacy Act 1988 (Cth) and we will only collect it with your explicit consent. We collect this information solely to pass it to your travel suppliers (hotels, airlines, tour operators) so they can accommodate your needs. You are not required to provide this information, but failing to do so may affect the level of service suppliers can provide.
Information Collected Automatically
- Browser type, device information, and IP address
- Pages visited, time spent on pages, and referral source
- Cookies and similar technologies for website functionality
3. How We Use Your Information
- To process bookings — creating and managing your travel bookings, processing payments, and issuing travel documentation
- To communicate with you — sending booking confirmations, balance reminders, itinerary updates, and customer service responses
- To send marketing communications — weekly deal announcements and promotional offers (only with your consent; you can unsubscribe at any time via the unsubscribe link in any email or by contacting us directly)
- To improve our services — analysing usage patterns, troubleshooting issues, and enhancing the user experience
- To comply with legal obligations — meeting regulatory requirements, tax obligations, and responding to lawful requests
4. Overseas Disclosure & Third-Party Services
We use trusted third-party services to operate our platform. Some of these providers are located overseas, including in the United States of America. By providing your personal information to us, you consent to it being disclosed to these overseas recipients. We take reasonable steps to ensure these providers protect your information in a manner consistent with the Australian Privacy Principles:
- Stripe (USA) — payment processing (PCI DSS Level 1 compliant)
- Supabase (USA) — database hosting and authentication
- Resend (USA) — transactional email delivery
- Vercel (USA) — website hosting
- Anthropic (USA) — AI-powered customer service chat
- Retell AI (USA) — AI-powered voice customer service
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
5. Marketing Communications & Spam Act Compliance
We comply with the Spam Act 2003 (Cth). We will only send you commercial electronic messages (such as promotional emails) if you have consented to receive them. Every marketing message we send will clearly identify TravelPearls as the sender and include a functioning unsubscribe mechanism. You can withdraw consent at any time by clicking the unsubscribe link in any marketing email or by contacting us directly. Transactional emails relating to your booking (confirmations, balance reminders, itinerary updates) are not marketing messages and will be sent regardless of your marketing preferences.
6. Cookies
We use essential cookies for website functionality, including authentication and brand preferences. We may also use analytics cookies to understand how visitors use our site. Analytics cookies may collect information about your device and browsing behaviour, which constitutes personal information under the Privacy Act. You can manage cookie preferences in your browser settings; however, disabling essential cookies may affect website functionality.
7. Data Security
We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. This includes encryption in transit (TLS/SSL), row-level security on our database, and secure payment processing through Stripe. However, no method of electronic storage or transmission is 100% secure.
When personal information is no longer needed for any purpose for which it may be used or disclosed, and we are not required by law to retain it, we will take reasonable steps to destroy or de-identify that information.
8. Data Retention
We retain your personal information for as long as necessary to provide our services and fulfil the purposes outlined in this policy. Booking records are retained for 7 years to comply with Australian tax and consumer protection obligations. You may request deletion of your account and personal data at any time, subject to our legal retention requirements.
9. Data Breaches
We are subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth). If we become aware of a data breach that is likely to result in serious harm to any individuals whose information is involved, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable.
10. Your Rights
Under the Privacy Act 1988, you have the right to:
- Access the personal information we hold about you
- Request correction of inaccurate or out-of-date information
- Opt out of marketing communications at any time
- Request deletion of your personal data (subject to legal obligations)
- Withdraw consent to the collection of sensitive information (dietary/medical) at any time, noting this may affect the service suppliers can provide
- Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe your privacy has been breached
11. Privacy Complaints
If you believe we have breached the Australian Privacy Principles or the Privacy Act 1988 (Cth), we encourage you to contact us first so we can attempt to resolve your complaint directly.
To lodge a privacy complaint:
- Email us at hello@travelpearls.com.au with the subject line "Privacy Complaint" and a description of your concern.
- We will acknowledge your complaint within 5 business days and aim to resolve it within 30 days.
- If you are not satisfied with our response, you may escalate your complaint to the OAIC at www.oaic.gov.au or by calling 1300 363 992.
12. Children's Privacy
Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. Bookings for minors must be made by a parent or legal guardian.
13. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:
TravelPearls
Trading name of Travel Pearls Pty Ltd
ABN: 65 696 242 065 | ACN: 696 242 065
NSW 2009, Australia
Email: hello@travelpearls.com.au
Office of the Australian Information Commissioner: www.oaic.gov.au | 1300 363 992