Privacy policy


Last Updated: 02.12.2022

This Privacy Policy, as amended or otherwise changed from time to time (the "Privacy Policy" or “Policy”), explains the manner in which OÜ Travel Nerd (hereinafter referred to as the “Company”), the company registered in Estonia, registry code 16388532, address Harju maakond, Tallinn, Kesklinna linnaosa, Tornimäe tn 3 // 5 // 7, 10145 (hereinafter “Travel Nerd” or the “Company”) maintains and discloses user information obtained through its website (the "Site"), apps that are downloaded to your computer, phone, tablet, or other device (the “Apps”). The terms "we," "us," and "our" refer to the Company. By using the Site, Apps, you ("User") consent to the data practices prescribed in this Privacy Policy. For the purposes of this Policy, the User as the case might be shall include the Guides being individuals or any employee or representative of the Guide if the Guide is a legal person (depending on the context). This Policy applies to any kind of personal data we collect through our Site, Apps or by any other means connected to the Site, Apps and the Platform (as defined in the General Terms and Conditions) we operate (such as when you contact our customer service team by email).

Your Personal Data is processed under this Privacy Policy and in accordance with applicable legislation, including the General Data Protection Regulation (2016/679) ("GDPR") and the applicable national data protection laws (“Data Protection Law”).

The Company acts as the data controller of your Personal Data. 

On occasion, the Company may revise this Privacy Policy to reflect changes in the law, our personal data collection and use practices, the features on the Site, Apps, or advances in technology. If material changes are made to this Privacy Policy, the changes will be prominently posted on the Site, Apps.

What if I do not want to accept this Privacy Policy?

By using thess Site, Apps, you signify your acceptance of this Policy. If you do not agree to this Policy, please do not use our Site, Apps. Your continued use of the Site, Apps following the posting of changes to this Policy will be deemed as your acceptance of those changes.

In case you disclose any Personal Data regarding any third person (e.g. your employee, management board member, co-worker, contracting party, etc.) to us, you are obliged to refer them to this Policy.

What information does the Company collect?

We collect Personal Data and Anonymous Data, as described below.

We may collect Personal Data from you, such as:

  • first and last name;
  • e-mail and mailing addresses;
  • phone number;
  • photos;
  • date of birth.

Please note that the data items in the sections above are only considered personal data when concerning a natural person (meaning, an individual human being). These data items are not considered personal data when concerning a legal person or entity.

If you provide us feedback or contact us via email, we will collect your name and email address, as well as any other content included in the email, in order to send you a reply.

Some information is collected automatically by our servers:

  • Our servers (which may be hosted by a third-party service provider) collect information from you, including your browser type, operating system, Internet Protocol ("IP") address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit.
  • As is true of most websites, we gather certain information automatically and store it in log files. This information includes IP addresses, browser type, Internet service provider ("ISP"), referring/exit pages, operating system, date/time stamp, and clickstream data.
  • Like many online services, we use cookies to collect information. "Cookies" are small pieces of information that a website sends to your computer's hard drive while you are viewing the website.
  • We retain information on your behalfs, such as transactional data and other session data linked to your account.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). 

Your data is required among others to set up and manage an account for you on the Site, Apps. In this case, you conclude a (free) user agreement with us, on the basis of which we collect this data (Art. 6 para. 1 lit. b GDPR).

In order to conclude the agreement and purchase the services on the Site, Apps, you must provide us with this data. However, you have no obligation to enter into the agreement and thus provide the data.

In some cases, the User might purchase a Travel Service with other people or make a reservation on someone else’s behalf. In both those scenarios, you will provide their details as part of the booking of the Travel Service. You acknowledge and agree that it’s your responsibility to ensure that the person or people you have provided personal data about are aware that you’ve done so and that they have understood and accepted how we use their information (as described in this Policy).

How does the Company use the information it collects?

In general, Personal Data you submit is necessary for making a comfortable and safe service for clients. Also, we use your Personal Data in the following ways:

  • facilitate the creation of and secure account on a network;
  • provide improved administration of Site, Apps and services and display personalised content on our Site, Apps (Art. 6 para. 1 lit. f GDPR);
  • improve the quality of experience when interacting with the Site, Apps and services;
  • identify, prevent, and report potentially suspicious, fraudulent, or illegal activities;
  • send administrative e-mail notifications, such as account activity, transaction processing, security or support, and maintenance advisories;
  • send a welcome email to verify ownership of the e-mail address provided when the account was created.

The Company does not sell user and/or Anonymous Data to any third party.

When registering on our Platform, offer a Travel Service or book a Travel Service (as defined in our General Terms and Conditions) using our Site, Apps, we collect the data required to provide our Services. This usually includes the following information:

  • First and last name, 
  • billing address, 
  • email address, 
  • telephone number, 
  • number of participants, 
  • date and time.

[Depending on the booked Travel Service, it may also be necessary for us to collect additional data, such as the age of the participants, transportation details, etc.] The processing that takes place in connection with this is based on Art. 6 para. 1 lit. b GDPR. 

If a Travel Service is purchased through the Site, Apps, we will collect the following data:

  • information on the Travel Service purchased using the Site, Apps;
  • bank account information (bank account number and first and last name of the account owner) of the account used to conclude the transaction. 

The payment made by credit card will be processed by Stripe Payments Europe, Limited (Stripe). Stripe will forward the data provided during your payment to the respective banks or financial institutions for the purpose of processing the payment. In the case of payments by credit card, we only receive the information that payment has or has not been made. We, therefore, have no data on your credit card.

Depending on the Travel Service and the Guide, the details we share can include your name, contact and payment details, the names of the people accompanying you and any other information or preferences you specified when you made your booking of Travel Service.

Customer support 

In case you need to contact our customer support, our support personnel will handle your contact information and the contents of your communication. Please do not share any sensitive data in your communication with our customer support. You can contact our customer support through various means. Depending on the means of communication you choose, we’ll process the following contact details: - Your IP address (chat support) - Phone number (phone support, SMS support) - Email (email support) - User ID of an instant messaging app (QR code, support through an instant messaging app). We keep a record of the contents of the support tickets to make sure that you receive quality service and to develop our products and services. If you contact us by calling our support number, please note that we also record phone calls for the same purposes. The processing of your personal data in connection with your communication with our customer service is based on the service agreement between you and the Company as well as our legitimate interest to follow up on the quality of our customer service, to verify the actions taken based on your request and to develop our service in the future. 

How does the Company share my Personal Data?

It may be necessary to disclose your information to comply with any law, court orders, or government request, defend against claims, investigate or bring legal action against illegal or suspected illegal activities, enforce our Terms, or protect the rights, safety, and security of the Company, our users, or the public.

We may share your Personal Data with third-party service providers to provide you with the services that we offer you through our Site, Apps. These third-party service providers are required not to use your Personal Data other than to provide the services requested by you. 

To the extent necessary, we will transfer your data to the Guide or any third party providing the Travel Service or facilitating the provision of the Travel Service. Transfer to a third country outside the EEA is necessary in the case of Travel Services provided in such jurisdictions and such transfer is based on Art. 49 para. 2 lit. b, c GDPR. 

We can make bookings for Travel Services via partner sites, and in this case, we transfer the data required to make the booking to the partner. The primary reason we share your data is to supply the Guide with the relevant information to complete your Travel Service and fulfil the obligations under the agreement for Travel Service.

In order to support the use of our services through the Site, Apps, your information (which may include personal data) may be shared with members of the Travel Nerd’s corporate group. We rely on our legitimate interest and that of the Company’s group companies’ to receive and share personal data as described herein.

Other than as stated in this Privacy Policy, the Company does not disclose any of your personal information to third parties unless required to do so by law enforcement, court order, or in compliance with legal reporting obligations.

All third-party service providers that we share your data with shall be requested to only process your data in accordance with instructions from us and comply fully with this Privacy Policy, any applicable data protection laws and any other appropriate confidentiality and security measures. We may also share your personal data with competent authorities when this is necessary to comply with a legal obligation, court order or comparable official order issued by an authorised authority.

We may share some or all of your Personal Data in connection with or during the negotiation of any merger, financing, acquisition or dissolution transaction or proceeding involving the sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, Personal Data may also be transferred as a business asset.

If another company acquires our company, business, or assets, that company will possess the Personal Data collected by us and will assume the rights and obligations regarding your Personal Data as described in this Privacy Policy. 

The Site, Apps may contain links to other third-party websites which are regulated by their own privacy policies. The Company is not responsible for the privacy policies of these third-party websites even if they were accessed using the links from our Site, Apps. 

How long do we store your personal data?

We keep the data you have provided to us on your user account for the whole period of your customer relationship and as long as it is necessary with regard to the purposes of the processing described above. 

How do we transfer collected information internationally?

We may transfer the collected information we obtain from you to recipients in countries other than the country in which the information was originally collected. Those countries may not have the same data protection laws as the country in which you initially provided the information.

To the extent necessary, we will transfer your data to the Guide or any third party providing the Travel Service or facilitating the provision of Travel Service. Transfer to a third country outside the EEA is necessary in the case of Travel Services provided in such jurisdictions and such transfer is based on Art. 49 para. 2 lit. b, c GDPR. All data transfers outside the EEA are made under the General Terms and Conditions which include necessary data protection provisions.

What legal rights do you have in relation to your information?

Under certain circumstances, you have the following rights under data protection laws in relation to your personal data: 

  • Request access to your personal data. 
  • Request correction of your personal data. 
  • Request erasure of your personal data. 
  • Object to processing of your personal data. 
  • Request restriction of processing your personal data. 
  • Request transfer of your personal data. 
  • Right to withdraw consent. 

You also have the right to lodge a complaint with a Data Protection Authority (“DPA”) if you think that your Personal Data is being processed incorrectly or your rights have been violated by the Company. The Estonian Data Protection Inspectorate is available at

The rights listed in this Section regarding the processing of their personal data are not absolute rights. In certain cases, the rights of other data subjects or legal rights of Travel Nerd may restrict the rights of the User.


You will not have to pay a fee to access your personal data (or to exercise any of the other rights).  

Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. 

Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent. Please note that in certain circumstances it may be still lawful for us to continue processing your information even where you have withdrawn your consent if one of the other legal bases is applicable. 

How can you send requests regarding your information?

You can make a request regarding your information by emailing

Unless you have made a corresponding request, we will retain your information for as long as your account has not been closed or as needed to provide you access to your account. 

If you wish to close your account, the account may be terminated by the user in settings inside his personal account. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our Terms.

Where do we store your Personal Data?

The information we collect is primarily stored on secure servers. We will take all steps reasonably necessary to ensure that personal information is treated securely and in accordance with this Privacy Policy and that any third parties that we share your information with are bound to employ similar organisational and technical measures to ensure your information's security. 

What security precautions does the Company take to protect me?

We take the protection of your personal information seriously. We use industry-standard data encryption technology and have implemented restrictions related to the storage of and the ability to access your personal information. However, despite all of our efforts, please note that no transmission over the Internet or method of electronic storage can not be guaranteed to be 100% secure.

Contacting Us

If you have any questions about our Privacy Policy as outlined above, please contact us at

Sign in
Sign up
Please fill in the required fields
By sending this form, i accept Terms of service and agree to the processing of my personal data in accordance with the Personal data processing policy.
Restore password Sign in
Restore password
Please list e-mail or phone number linked to your account to receive restore password link.
Sign up Sign in
To improve the service Alle! uses cookies. By continuing browsing, you agree to their use. By continuing using our website you agree with Terms of use and Privacy policy.