Adventour logo
Adventour
ToursEssentialsAbout
favorite_borderSign In

Privacy

1. Scope2. Information We Collect3. How We Use Information4. Legal Bases5. How We Share Information6. International Transfers7. Data Retention8. Cookies and Similar Technologies9. Your Choices and Rights10. Security11. Children12. Changes to This Policy13. Contact

Privacy Policy

This policy describes how Adventour handles traveler, booking, support, and payment-related information across the current platform.

Effective date: April 1, 2026

1. Scope

This Privacy Policy explains how Adventour collects, uses, stores, and shares personal information when you use our website, create an account, browse travel content, request support, or make a booking through Adventour services.

This policy covers the Adventour website and related booking, account, support, and payment flows that link to it. It does not replace third-party privacy notices that apply to services you use through our platform, such as Google sign-in, Mapbox maps, Supabase-hosted infrastructure, or Golomt-hosted payment pages.

2. Information We Collect

  • Account and profile data, such as email address, full name, avatar URL, phone number, role, status, and account preferences when you register or sign in.
  • Booking and traveler data, such as first name, last name, passport number, nationality, travel dates, guest count, itinerary selections, camp or tour details, extras, and contact email.
  • Support data, such as the name, email address, subject line, message content, ticket reference, and any context you choose to include in a support request.
  • Payment and transaction data, such as booking reference, provider order ID, amount, currency, payment status, request metadata, and callback metadata. Adventour does not collect or store full payment card numbers in the current hosted Golomt payment flow.
  • Preference and session data, such as language and currency cookie values, authentication/session cookies set through Supabase, and a short-lived cookie used only to track that a Google OAuth sign-in redirect is in progress.
  • Usage and technical data that service providers may collect automatically, such as IP address, device/browser details, timestamps, and approximate location inferred from network requests when maps, authentication, or hosted payments are loaded.

3. How We Use Information

  • Create and manage traveler accounts and authenticate sign-in requests.
  • Prepare, confirm, administer, and support bookings for tours, camps, guides, transport, and related services.
  • Process or reconcile payment attempts and payment return callbacks.
  • Send operational notices, booking updates, account notices, and support responses.
  • Display maps, routing context, language settings, and currency preferences.
  • Prevent fraud, misuse, unauthorized access, and other security issues.
  • Comply with legal, tax, accounting, consumer-protection, and dispute-resolution obligations.
  • Improve platform reliability, content accuracy, and operational planning.

4. Legal Bases

Where applicable law requires a legal basis for processing, Adventour generally relies on one or more of the following: performance of a contract with you, legitimate interests in operating and securing the platform, compliance with legal obligations, and your consent where a specific feature requires it.

5. How We Share Information

  • With infrastructure providers that help us run the service, including Supabase for authentication, database, and session handling.
  • With Google when you choose Google sign-in, subject to Google's own privacy terms and account settings.
  • With Golomt or another enabled payment provider to present hosted checkout and confirm payment outcomes.
  • With Mapbox when map views or map assets are loaded.
  • With local suppliers or trip operators, such as camps, guides, transport providers, or other fulfillment partners, but only to the extent needed to arrange or deliver the booked service.
  • With professional advisers, regulators, law enforcement, or courts when reasonably necessary for legal compliance, fraud prevention, safety, or dispute handling.
  • In connection with a merger, acquisition, financing, reorganization, or asset sale, subject to appropriate confidentiality and legal safeguards.

6. International Transfers

Adventour serves travelers and suppliers in Mongolia and may use service providers or partners located in other countries. Your information may therefore be processed outside your home jurisdiction. When we do so, we aim to use providers and arrangements that offer appropriate contractual, technical, or organizational safeguards under applicable law.

7. Data Retention

We retain personal information for as long as reasonably necessary to operate your account, complete bookings, support travelers, maintain business records, resolve disputes, enforce agreements, and comply with legal obligations. Retention periods vary by record type.

For example, account and booking records may be retained after a trip ends if needed for accounting, fraud prevention, legal compliance, or support history. When retention is no longer justified, we will delete or de-identify the information where practical.

8. Cookies and Similar Technologies

Adventour currently uses cookies primarily for essential account/session handling and functional preferences. In the current implementation, these include Supabase session cookies, language and currency preference cookies, and a short-lived Google OAuth pending cookie used during sign-in redirects.

We do not currently rely on advertising cookies in the current application implementation. If that changes, this policy should be updated before those tools go live.

9. Your Choices and Rights

  • You may review or update some account information from your profile or by contacting support.
  • You may request access to, correction of, or deletion of personal data, subject to legal exceptions and records we must keep.
  • You may ask us to close your account, although some booking, payment, and compliance records may need to be retained.
  • You may control some third-party processing directly through providers such as Google.

10. Security

Adventour uses measures intended to protect personal information, including access controls, authenticated sessions, and encrypted transport channels. No internet or storage system can be guaranteed completely secure, so you should also protect your credentials and notify us promptly if you suspect unauthorized account access.

11. Children

Adventour is not intended for children to use independently without the involvement of a parent, guardian, or other legally authorized adult. If you believe a child has provided personal information to us inappropriately, contact us so we can review the request.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect product changes, legal requirements, or operational practices. When we make material changes, we will update the effective date and may provide additional notice where appropriate.

13. Contact

For privacy requests or questions, contact Adventour at adventourmn@gmail.com or 88878788. You can also use our contact page and include "Privacy Request" in the subject line.