Reviews of Hotels, Flights and Vacation Rentals
Mediakeskus

Newsroom

Privacy and Cookie Statement

Effective: January 1, 2023

Tripadvisor LLC owns and operates an online platform that provides users with information, recommendations and services related to travel and leisure, including tools for researching and/or booking hotels, rentals and other accommodations, attractions and experiences, restaurants, flights, and cruises, among other leisure-related services. In this Statement, we refer to these as our “Services”.

The information that you and others entrust us with enhances our ability to provide more relevant, personalized  and helpful Services. We know that sharing your information with us is based on trust. We take your trust in us seriously and are committed to providing you helpful information, products and services, curated based on the information you have shared with us. Equally, and perhaps more importantly, we are committed to respecting your privacy when you visit our website or use our Services and being transparent about how we use the information you have entrusted to us.

This Statement describes how we obtain, use, and process your information – hopefully, in an easily understandable and transparent manner. It informs you of the rights you have, how you can exercise them and how you can contact us. Please review this Statement carefully to learn about our practices with respect to information and privacy. By visiting our websites and related mobile applications, as well as other online platforms such as our affiliated partners’ websites, apps and social media, whether on a computer, phone, tablet, or similar device (each of these is referred to as a “Device”), you acknowledge and confirm that you have read this Statement.

We offer our Services to users in a number of countries and territories where the laws and customs differ. This Statement provides a general overview of our privacy practices. In addition, Sections 12 through 15 of this Statement provide specific information relevant to users residing in certain regions or countries.

1. Information Collected and Processed

When you access or use our Services, we collect and process information from and about you to provide the Services in a more personalized  and relevant way. Some information we collect passively, for example, with our servers or with cookies or other similar tracking technologies. Some information we collect from different sources, including from you, affiliated entities, business partners, and other independent third-party sources. When you use our Services by “clicking-through” from a third-party website or when you visit third-party websites via our Services, those third-party websites may share information with us about your use of their service. Any information that we receive from third-party websites may be combined with the information provided by you.

Information processed may include the following:

  • Contact information, including name, phone number, and postal and email addresses (both hashed and unhashed)
  • Billing and other payment information (such as your bank account information, credit card number, cardholder name, expiration date, authentication code and billing address)
  • Documentation to support travel and planning
  • Username and password
  • Details relating to your membership with Tripadvisor
  • Photos, reviews, forum and social posts, and videos you may have provided to us
  • Geolocation information
  • Device information, such as when you accessed our Services and information about the Device used (for example, IP address, software or internet browser used, preferred languages, unique Device identifiers, and advertising identifiers)
  • Online activity, including pages you have visited, content reviewed, and apps reviewed
  • Other information about yourself that you have voluntarily disclosed
  • Purchasing and booking history
  • Information about your travel, experience and dining plans and preferences
  • Communications when you contact our customer service team, including inbound and outbound calls
  • Information that you have provided to other third party companies for the purposes of logging in to social media. This includes publicly available information, such as name, age-range as well as email addresses.

We may also collect – in instances where you have provided it – information about other travellers or guests, including their email address and other travel, dining or experience-related information. If you are sharing information with us about other individuals, you must obtain their consent and ensure that they have understood and accepted how we will use their personal information (as described in this Statement).

In addition to the categories noted above, we may also collect certain location information if you have instructed your Device to send such information via the privacy settings on that Device, or, for example, if you have uploaded photos tagged with location information.

2. Information Uses and Purposes

To the extent possible, we want to provide you with relevant content and a tailored experience when you use our Services, and we use information about you to do that, including in the following ways:

Registration, membership, and other contracts

  • Register and manage your account, including to allow you access to and use of our Services
  • Facilitate your bookings
  • Process payments or credits
  • Offer you promotional programs that may include competitions, gift cards, rewards, cash back, and discounts

Improve our Services

  • Use your information for analytical purposes and to enable us to improve our Services
  • Provide you with a tailored/optimized experience by grouping users based on, for example, usage, interests and demographics
  • Send you survey, market research invitations, or panel interviews for analytics purposes

Individualization and customization

  • Notify you about special offers and products or services available from us, our affiliates, or our partners that may be of interest to you
  • Tailor your experience, including by making inferences about your interests and preferences based on your activity and customize the ads shown to you both on and off our website

Communication

  • Communicate with you or facilitate communication between you and our partners and/or affiliates
  • Conduct, monitor and record your calls or interactions with us; for example, your communications with our customer service or sales teams, or through our use of pixels and similar technologies to monitor how you interact with our emails to you, such as whether you open or click on content in our emails
  • Host your reviews, forum posts, photos, videos, and other content
  • Respond to your questions and comments

Legal Compliance

  • Resolve disputes or troubleshoot problems
  • Prevent fraud and other potentially prohibited or unlawful activities
  • Comply with relevant laws, respond to legal requests, prevent harm, and protect our rights
  • Provide payment services, including to detect and prevent money laundering, fraud and security incidents, to comply with legal obligations, and to enforce any applicable terms of service

 

Please note, if we use automated decision-making to process your personal information, we will implement appropriate measures required to safeguard your rights and freedoms including your right to obtain human intervention.

3. Information Sharing

In order to provide some of our Services and processing activities, we use service providers and may need to share information with these service providers and certain other third parties, including our group of companies, in the following circumstances:

  • Our Group of Companies. We may share information with certain companies in our corporate family so we can provide you with information about products and services, both travel-related and others, which might interest you and to provide payment services. This sharing also allows us to better understand how you interact with the websites, apps and services of our group companies. These companies will comply with this Statement and all applicable laws governing the transmission of promotional communications.
  • Suppliers. We may share information with certain suppliers used to facilitate our Services, including where relevant to help with transactions.
  • Business Partners. We may share information about you, your Devices and your use of our Services with our trusted business partners. For example, we may share information so that we can facilitate payment for products or services you may purchase on the websites of our partners. This sharing is generally pursuant to written agreements which include confidentiality, privacy, and security obligations; please note, however, that we do not control the privacy practices of these third-party business partners.
  • Social Media Websites. When you use our Services and elect to share information with third-party social media websites, the information you share will be governed by the privacy policies of those social media websites and the privacy settings you have set with those social media websites.
  • Advertising Networks. We sometimes collect and share information about your interests with advertising networks and data aggregators. Some of these companies are members of the Network Advertising Initiative or the Digital Advertising Alliance, which offer a single location to opt out of ad targeting from member companies. To learn more about the Digital Advertising Alliance, please click here.
  • Fraud Detection Companies. Third parties may assist us by providing us with their fraud detection technologies.
  • Other third parties, such as referring websites. Third parties may also assist us in collecting information by, for example, operating features of our website or facilitating the delivery of online advertising tailored to your interests. We may share audience segments and other information, such as hashed email addresses, with third parties that use that information for tailored advertising to you. Other third parties may also provide us with their content and contract generation, management, and hosting tools. Third parties may only collect or access information as needed to perform their permitted functions. If and to the extent these third parties only assist us to perform our processing operations, we have bound them contractually to only act on our behalf as so-called data processors.

Certain Device operating system versions permit you to opt out of certain types of information sharing, including to certain advertising networks. You can change the privacy settings of your Device at any time in order to turn off the functionality that collects and shares location information. Please check your Device settings if you want to limit such tracking However, turning off location-sharing may affect certain features that we offer. If you have any questions about the privacy settings of your Device, we suggest you contact the manufacturer of your Device or your mobile service provider for help.

We also may share your information if we believe, in our sole discretion, that such disclosure is necessary:

  • To comply with legitimate and enforceable subpoenas, court orders, or other legal process; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we reserve the right to raise or waive any legal objection or right available to us.
  • To investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend the rights, property, or safety of Tripadvisor, our customers, or others; and in connection with our Terms of Use and other agreements.
  • In connection with a corporate transaction, such as a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.

4. Information Choices

You have options with respect to the processing and use of your information by us. You can access, update, and even close your account by visiting the “Member Profile” section on our website or app. In addition, you can do the following:

  • Choose the way we communicate with you.
  • Choose not to provide us with certain information, although it may be needed to take advantage of certain features offered on our websites.
  • Prevent the collection of certain geolocation information (e.g. by switching off location services for our app in the settings of your phone), but note that turning off location sharing may affect certain features of our Services.
  • Close your account directly from within your Member Profile. Note that if you close your account, we will deactivate your account and remove your profile information from active view. We may retain some information associated with your account (including past transactions) for internal purposes including backups, fraud prevention, dispute resolution, investigations, our own legitimate business interests, and legal compliance for the period necessary to fulfil the purposes outlined in this Statement.
  • As a registered member, you can modify your marketing subscriptions, including email subscription choices, at any time, within your member settings.
  • Unsubscribe from promotional messages, including emails with travel-related opportunities, in any such email we send.

5. Information on Children

Our Services are not intended for children, which we consider to be: (i) individuals that are 13 years of age or under, or the age of privacy consent in your jurisdiction; or (ii) when processing data on the basis of a contract, the age of legal capacity to enter into the agreement.

We will only collect or process information belonging to children under very limited circumstances. We might need to collect personal information belonging to children as part of our Service if, for example, the personal information is required as part of a travel-related reservation. We will only collect personal information belonging to children if it is provided by and with consent of a parent or guardian. If we become aware that we have processed the personal information of a child without the valid consent of a parent or guardian, we will delete the personal information.

6. Information Transfers

We offer our Services to users located in many different jurisdictions. If we transfer your information to other countries, we will use and protect that information as described in this Statement and in accordance with applicable law.

7. Information Security

We have implemented appropriate administrative, technical, and physical security procedures to help protect your information. We only authorize specific personnel to access personal information and they may do so only for permitted business functions. We use encryption when transmitting your information between your system and ours, and between our system and those of the parties with whom we share information. We also employ firewalls and intrusion detection systems to help prevent unauthorized access to your information. However, we cannot guarantee the security of information from unauthorized entry or use, hardware or software failure, or other circumstances outside of our control.

8. Information Deletion and Retention

We will retain copies of your information for as long as you maintain your account or as necessary in connection with the purposes set out in this Statement, unless applicable law requires a longer retention period. In addition, we may retain your information for the duration of any period necessary to establish, exercise, or defend any legal rights.

9. Information from Cookies

We want your access to our Services to be as easy, efficient, and useful as possible. To help us do this, we use cookies and similar technologies to improve your experience, to enhance website security, and to show you relevant advertising.

Cookies are small text files that are automatically placed on your Device when you visit almost any website. They are stored by your internet browser and contain basic information about your internet use. Your browser sends the information from these cookies back to a website every time you revisit it, so it can recognize your Device and improve your experience by, among other things, providing you with personalized content. We also use other tracking technologies, such as pixel, SDKs, or server logs, that have a similar functionality. We also use cookies and tracking technologies to remember your login details, so you don’t have to re-enter them repeatedly when you use our Services or to help us understand your preferences.

To give you control, we provide you with a Cookie Consent Tool which allows you to adjust and customize your cookie settings. You can access the Cookie Consent Tool by clicking the “Cookie consent” link at the bottom of every page and modify your preferences in our cookie banner. In addition, you can manage cookies through the settings of your internet browser. You have the right to withdraw your consent to cookies at any time by clicking on the “Cookie consent” link and modifying and saving your preferences. In the settings of your Internet browser, you can choose which cookies to accept and reject.

Most advertising networks offer you a way to opt out of advertising cookies. See www.aboutads.info/choices/ and www.youronlinechoices.com for useful information on how to do this.

If you decline certain cookies, your access to some functionality and areas of our Services might be degraded or restricted.

Our use of any information we collect through cookies is subject to this Statement, which is linked on every page of our website.

10. Information on Statement Changes

We may update this Statement in the future. If we believe any changes are material, we will let you know by doing one or more of the following: sending you a communication about the changes, placing a notice on the website and/or posting an updated Statement on the website. We will note at the top of this Statement when it was most recently updated. We encourage you to check back from time to time to review the most current version and to periodically review this Statement for the latest information on our privacy practices.

11. Contact

If you have a data privacy request, such as a request to delete or access your data, please visit our dedicated privacy portal by clicking here. For general data privacy inquiries or questions concerning our Privacy and Cookies Statement, please contact our privacy team by clicking here.

12. Europe and the UK

General Data Protection Regulation Privacy Statement (“GDPR Statement”)

This GDPR Statement applies to persons in the European Economic Area (“EEA”), including those based in the United Kingdom. This GDPR Statement supplements our Statement; however, where the Statement conflicts with the GDPR Statement, the GDPR Statement will prevail as to persons located in the EEA.

Controller of Personal Information and Local Representative

Tripadvisor LLC is the controller of personal information we collect; however, in accordance with applicable data privacy law, we have appointed representatives within the European Union and United Kingdom.

The contact details of our European Union representative are:

Tripadvisor Ireland Limited

C/O Matheson

70 Sir John Rogerson's Quay

Dublin 2

D02 R296

Ireland

The contact details of our United Kingdom representative are:

Tripadvisor Limited

7 Soho Square

London

W1D 3QB

United Kingdom

Attn: Privacy Officer

Tripadvisor Ireland Limited and Tripadvisor Limited’s roles in this respect are limited solely to being a contact point for questions on data protection from European (including UK) residents and data protection supervisory authorities. For the avoidance of doubt, neither Tripadvisor Ireland Limited nor Tripadvisor Limited can field other communications or legal process on behalf of Tripadvisor LLC.

Information Rights Under GDPR

You have certain rights regarding your personal information.

Your rights with respect to your own personal information include the following:

  • The right to request access to your personal information. This enables you to receive a copy of the personal information we hold about you.
  • The right to request correction of your personal information if it is inaccurate. You may also supplement any incomplete personal information we have, taking into account the purposes of the processing.
  • The right to request deletion of your personal information if:
    • your personal information is no longer necessary for the purposes for which we collected or processed them; or
    • you withdraw your consent if the processing of your personal information is based on consent and no other legal ground exists; or
    • you object to the processing of your personal information and we do not have an overriding legitimate ground for processing; or
    • your personal information is unlawfully processed; or
    • your personal information must be deleted for compliance with a legal obligation.
  • The right to object to the processing of your personal information. We will comply with your request, unless we have a compelling overriding legitimate interest for processing or we need to continue processing your personal information to establish, exercise, or defend a legal claim.
  • The right to restrict the processing of personal information, if:
    • the accuracy of your personal information is contested by you, for the period in which we have to verify the accuracy of the personal information; or
    • the processing is unlawful, and you oppose the deletion of your personal information and request restriction; or
    • we no longer need your personal information for the purposes of processing, but your personal information is required by you for legal claims; or
    • you have objected to the processing for the period in which we have to verify overriding legitimate grounds.
  • The right to data portability. You may request that we send this personal information to a third party, where feasible. You only have this right if it relates to personal information you have provided to us where the processing is based on consent or necessity for the performance of a contract between you and us, and the processing is conducted by automated means.
  • You also have the right to lodge a complaint before your national data protection authority.

You will not usually have to pay a fee to access your personal information (or to exercise any of the other rights described in this Statement). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights).  To the extent you use a third party to submit a data request on your behalf, we may need to take reasonable steps to verify the authenticity of the request. These are security measures to ensure that personal information is not disclosed to any person who has no right to receive it. In an effort to speed up our response, we may also contact you to ask you for further information in relation to your request. You can exercise several of your rights through the personal information section of your account. To exercise your other rights you can file a request by clicking here.

Information Uses and Legal Basis

We will only use your personal information under the circumstances permitted by the law or you.

Pursuant to GDPR, we will use your personal information in one or more of the following circumstances:

Information Uses

Information Processing Legal Basis

Registration, membership and other contracts

Where we need to perform the contract we are about to enter into or have entered into with you.

Improve our Services and customization

 

Where it is necessary for our legitimate interests (or those of a third party) to provide or improve Services, including our interest to provide you improved and personalized Services, and where your interests and fundamental rights do not override those interests.

Communication

 

Where you are a registered member, the information uses might be required to perform the contract with you.

Where it is necessary for our legitimate interests (or those of a third party) to communicate with you and your interests and fundamental rights do not override those interests.

Where we need your consent for the information use, we will seek your prior consent.

Legal Compliance

Where it is necessary to meet our legal obligations.

 

International Transfers

Your personal information may be stored or transferred to countries outside the EEA and the UK for the purposes described in this Statement. When we store or transfer your personal information outside the EEA and the UK, we take the following precautions to ensure that your personal information is properly protected.

Whenever we store or transfer your personal information outside the EEA and the UK, we will do so in accordance with applicable law, and we will ensure a similar degree of protection is afforded to it by implementing appropriate safeguards. Transfers of personal information are made:

  • to a country recognised by the European Commission as providing an adequate level of protection; or
  • to a country which does not offer adequate protection but whose transfer has been governed by the standard contractual clauses of the European Commission or by implementing other appropriate cross-border transfer solutions to provide adequate protection.

By using our Services, you understand that your personal information may be transferred to our facilities and those third parties with whom we share it, as described in this Statement.

13. United States

Disclosures

In addition to the further details as described in the Statement, we make the following disclosures:

  • We may collect, disclose, and use the following categories of personal information for our business and commercial purposes: Identifiers/Contact Information, transactional information, commercial information, Internet or other electronic network activity information, geolocation, visual and audio information and inferences drawn from the above.
  • We may collect the following categories of sensitive personal information: government identification cards such as driver’s license; precise geolocation data. We may also collect race, ethnicity, sexual orientation, or religion where you voluntarily disclose it to us, including, for example, in the context of diversity and inclusivity disclosures you choose to make.
  • We collect and use these categories of personal information for the business and commercial purposes described in Section 2 of this Statement.
  • We may disclose each of these categories of personal information for the commercial and business purposes described in this Statement to the extent permitted by applicable law to the categories of third parties as described in Section 3 of this Statement.
  • We collect these categories of personal information from the sources described in Section 1 of this Statement.
  • We may” sell” or “share” categories of personal information, including Identifiers/Contact Information, Internet or other electronic network activity information and inferences drawn from the above. We may “sell” or “share” these categories of personal information to or with the categories of third parties described in Section 3 of this Statement. We do so for the commercial or business purposes described in Section 2.

California Privacy Statement

This California Privacy Statement is provided pursuant to California laws. It applies to California residents and supplements our overall Statement with additional disclosures and rights.

Your California Rights

California residents are permitted one time each year to request certain details about how their personal information is shared with third parties for their direct marketing purposes. To make a request, please submit a request, or write to us at the address listed below. Indicate in your letter that you are a California resident making a “Shine the Light” inquiry.

California residents may also take advantage of the following rights:

  • Access. You may request, that we disclose to you the categories and specific pieces of personal information that we have collected about you, the categories of sources from which we collected your personal information, our business or commercial purpose for collecting your personal information, the categories of personal information that we have disclosed for a business purpose, any categories of personal information about you that we have sold, the categories of third parties with whom we have disclosed your personal information, and the business or commercial purpose for collecting, selling, or sharing your personal information, if applicable.
  • Deletion. You may request that we delete your personal information that we maintain about you, subject to certain exceptions. As described in more detail in our Statement, there are some reasons for which we will not be able to fully address your deletion request, such as if we need to complete a transaction for you, to detect and protect against fraudulent and illegal activity, to exercise our rights, or to comply with a legal obligation. You can also access, update, and remove your information by visiting the Member Profile page on our website.
  • Correction. You can request that we correct inaccurate personal information that we maintain about you.
  • Do Not Sell or Share My Personal Information. You may request to opt out of our sale or sharing of your personal information to third parties. For purposes of this California Privacy Statement, “sell” means the sale of your personal information to a third party for monetary or other valuable consideration, subject to certain exceptions set forth in applicable California law. For purposes of this California Privacy Statement, “share” means disclosure of personal information to third parties for cross-context behavior al advertising purposes, subject to certain exceptions in applicable law. To effect the opt out, please click on the “Do Not Sell or Share My Personal Information” button on the bottom of the homepage or submit a request in writing to the contact information below. As described above, we, and certain other companies, place tracking technologies, such as cookies, on our websites which allow us, and those companies, to receive information about your activity on our websites that is associated with your browser or Device. We and these companies may use that data to customize content for you and to serve you more relevant ads on our websites or others. Note that if you would like to opt out of tracking for behavior al advertising purposes, you will need to set your preferences by clicking the “Cookie consent” link at the bottom of the webpage or you may broadcast an opt-out preference signal recognized by Tripadvisor, such as the Global Privacy Control opt-out preference signal (on the browsers or browser extensions that support such a signal). We do not knowingly sell or share the personal information of minors under 16 years of age.

To take advantage of any of these rights, please contact us via our dedicated privacy portal by clicking here or writing to us at Tripadvisor LLC: 400 First Avenue, Needham, Massachusetts, 02494, USA. California residents may designate an authorized agent to make a request on their behalf. When submitting the request, please ensure the authorized agent is identified as an authorized agent. We may need to verify your identity or elements of the request to enable us to process your request. We will take reasonable steps to verify your identity; these verification steps will vary depending on the sensitivity of the personal information and whether you have an account with us. We may deny certain requests, or fulfil a request only in part, based on our legal rights and obligations. For example, we may retain personal information as permitted by law, such as for tax or other record keeping purposes, to maintain an active account, and to process transactions and facilitate customer requests. We value your privacy and will not discriminate against California residents in response to your exercise of privacy rights.

13.3 Multi-State Privacy Statement for Virginia, Connecticut, Colorado

This Multi-State Privacy Statement is provided pursuant to applicable state laws and applies to Virginia, Connecticut, and Colorado residents, and supplements our overall Statement with additional disclosures and rights.

If you are a resident of Virginia, Connecticut, or Colorado you may take advantage of the following rights in accordance with applicable law:

  • Confirmation/Access. You can request to confirm whether we process your personal information. Subject to certain exceptions, you can also request a copy of your personal information you provided to us.
  • Deletion. You can request that we delete personal information we have about you.
  • Correction. You can request that we correct inaccurate personal information we maintain about you.
  • Opt Out of Sale. You can request to opt out of the sale of your personal information to a third party.
  • Opt Out of Targeted Advertising. We may display advertisements to you where the ad was selected based on personal information obtained from (or in some instances inferred) from your activities over time and across unaffiliated websites or online applications to predict your preferences or interests. To the extent permitted by law, you can request that we stop using your personal information for such targeted advertising by clicking on the “Cookie consent” link that may be in the footer of our websites. Additionally, you can opt out of certain uses of cookies for advertising purposes by visiting www.aboutads.info/choices. For more information, please see Section 9 above. Your opt-out of cookie-based tracking for advertising purposes is specific to the device, website, and browser you are using; it is deleted whenever you clear your cookies or your browser’s cache.

To take advantage of any of these rights, please contact us via our dedicated privacy portal by clicking here  or in writing at Tripadvisor LLC: 400 First Avenue, Needham, Massachusetts, 02494, USA. Note that Connecticut and Colorado residents may designate an authorized agent to request on their behalf that we stop selling or processing their personal information for targeted advertising purposes. We will take reasonable steps to authenticate your identity prior to responding to your requests. The authentication process will vary depending on the sensitivity of the personal information and whether you have an account with us. We will use commercially reasonable efforts to authenticate the identity of authorized agents and their authority to submit requests on your behalf.  

We may deny certain requests, or fulfil a request only in part, based on our legal rights and obligations. You have the right to submit an appeal if you are not satisfied with the outcome of your request by submitting a request here.

14. Korea

Korean Privacy Laws Statement

This Korea Statement applies to persons in the Republic of Korea. This Korea Statement supplements our Statement; however, where the Statement conflicts with the Korea Statement, the Korea Statement will prevail as to persons in Korea.

Purpose and Retention of Information Collected

We process the personal data we have collected for the purposes set forth below. We will retain your personal data in accordance with the Statement and as described in further detail below.

Type of personal data

Purpose and use

Retention period

Contact information, including email address, name, username (Mandatory)

  • To manage user registration and the account, and to facilitate access to and use of the website/app.
  • To host user generated content such as reviews, ratings, forum posts, etc.
  • To facilitate reservations, including sending booking confirmations and updates.
  • To communicate with users in general, particularly regarding the website/app and the Services; user questions and comments; notifying users of changes to terms, including privacy policies; prompting users to leave a review or complete a survey; and to administer the website/app and diagnose problems.
  • To measure interest in and improve our products, Services and website; and to customize user experiences.
  • To notify users about promotions and targeted marketing campaigns.
  • To administer and protect our business, to resolve disputes or troubleshoot problems and to prevent potentially prohibited or illegal activities.

We will retain copies of your information for as long as you maintain your account or as necessary in connection with the purposes set out in this Statement, unless applicable law requires a longer retention period. In addition, we may retain your information for the duration of any period necessary to establish, exercise or defend any legal rights.

Contact information, including postal address, telephone number (Optional)

User submitted content (to the extent that it contains personally identifiable attributes) (Mandatory)

  • To host user generated content, such as reviews, ratings, forum posts, etc.

IP and/or browser/device data (Mandatory)

  • To manage user registration and the account, and to facilitate access to and use of the website/app.
  • To host user generated content such as reviews, ratings, forum posts, etc.
  • To facilitate reservations, including sending booking confirmations and updates.
  • To communicate with users in general, particularly regarding the website/app and the services; user questions and comments; notifying users of changes to terms, including privacy policies; prompting users to leave a review or complete a survey; and to administer the website/app and diagnose problems.
  • To measure interest in and improve our products, Services and site; and to customize user experiences.
  • To notify users about promotions and targeted marketing campaigns.
  • To administer and protect our business, to resolve disputes or troubleshoot problems, and to prevent potentially prohibited or illegal activities

Email user subscription preferences, including unsubscribe status (Mandatory)

  • To communicate with users in general, particularly regarding the website/app and the Services; user questions and comments; notifying users of changes to terms, including privacy policies; prompting users to leave a review or complete a survey; and to administer the website/app and diagnose problems.

Session and location data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches and/or reservations facilitated or made) (Mandatory)

  • To measure interest in and improve our products, Services and site; and to customize user experiences.
  • To notify users about promotions and targeted marketing campaigns.
  • To administer and protect our business, to resolve disputes or troubleshoot problems and to prevent potentially prohibited, fraudulent or illegal activities.

 

Location data (Optional)

  • To measure interest in and improve our products, Services and site; and to customize user experiences.
  • To notify users about promotions and targeted marketing campaigns.

 

 

Rights Under Korean Privacy Laws

You have certain rights regarding your personal data. Your rights with respect to your own personal data include those under the Statement and the following:

  • The right to consent to the collection of your personal data. When we request your personal data, the data that is mandatory for the services that are being provided will be marked accordingly. You can choose not to provide us with the requested data but this may impede your use or access of the relevant services.
  • The right to consent to the sharing of your personal data, delegation of processing of your personal data or international transfer of your personal data.
  • The right to request access, correction, deletion and suspension of processing of personal data to the extent permitted under Article 35, Section 5 and Article 37, and Section 2 of the Personal Information Protection Act.
  • You can exercise your rights by filing a request here. You may also appoint an attorney-in-fact to exercise your rights by submitting a power of attorney to us in the form of Appendix 11 prescribed under the Regulations of the Personal Information Protection Act. We reserve the right to request specific information from you to help us confirm your identity or verify the identify and relationship of your attorney-in-fact and ensure your right to access your personal data (or to exercise any of your other rights).

Children’s Data

Tripadvisor is a general audience site and does not offer services directed to minors. We do not knowingly collect data relating to minors. If a person whom we know is under 14 years of age sends us personal data, we will delete or destroy this information as soon as reasonably possible.

Information Sharing and International Transfers

We may share information with third parties, such as those listed below, in order to facilitate some of our Services and products. There may also be legal reasons for which we have to share your personal data. Some of our Services and products require that we share information with the third parties listed below. There may also be legal reasons that we have to share your personal data.

To efficiently provide our Services to you, we have delegated certain processing functions as described below to the third parties listed below. We will obtain your consent when you provide your information and delegate processing to such third parties pursuant to the agreements in place with such third parties.

Your personal data may be stored or transferred to countries outside Korea for the purposes described in this Statement. When we store or transfer your personal data outside Korea, we will notify you and request your consent unless such transfer is being made for the purpose of performing the services requested by you and to further your convenience.

Third Party Details

Purpose and Use

Shared/Transferred Personal Data

Retention period

Salesforce.com, Inc.

USA

Salesforce Data Protection Officer (Salesforce Privacy Team)

415 Mission St., 3rd Floor

San Francisco, CA 94105, USA

  • To manage user registration and the account, and to facilitate access to and use of the website/app.
  • To facilitate reservations, including sending booking confirmations and updates.
  • To communicate with users in general, particularly regarding the website/app and the Services; user questions and comments; notifying users of changes to terms, including privacy policies; prompting users to leave a review or complete a survey; and to administer the website/app and diagnose problems.
  • To administer and protect our business, to resolve disputes or troubleshoot problems and to prevent potentially prohibited or illegal activities.

(Mandatory)

  • Contact information, including email address, name, username.
  • User submitted content (to the extent that it contains personally identifiable attributes).

We will retain copies of your information for as long as you maintain your account or as necessary in connection with the purposes set out in this Statement, unless applicable law requires a longer retention period. In addition, we may retain your information for the duration of any period necessary to establish, exercise or defend any legal rights.

(Optional)

  • Contact information, including postal address, telephone number

Zendesk, Inc.

USA

Zendesk’s European Representative:

Zendesk International Ltd

Attn: Rachel Tobin, AGC, EMEA & Global Privacy Counsel

55 Charlemont Place, Saint Kevin’s, Dublin, D02 F985 Ireland

privacy@zendesk.com

  • To manage user registration and the account, and to facilitate access to and use of the website/app.
  • To host user generated content such as reviews, ratings, forum posts, etc.
  • To facilitate reservations, including sending booking confirmations and updates.
  • To communicate with users in general, particularly regarding the website/app and the Services; user questions and comments; notifying users of changes to terms, including privacy policies; prompting users to leave a review or complete a survey; and to administer the website/app and diagnose problems.
  • To administer and protect our business, to resolve disputes or troubleshoot problems and to prevent potentially prohibited or illegal activities

(Mandatory)

  • Contact information, including email address, number, username.
  • User submitted content (to the extent that it contains personally identifiable attributes).
  • IP and/or browser/device data
  • Email user subscription preferences, including unsubscribe status
  • Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches and/or reservations facilitated or made.

(Optional)

Contact information, including postal address, telephone number

Amazon Web Services, Inc.

USA

AWS Korea Privacy

Email: aws-korea-privacy@amazon.com

  • To manage user registration and the account, and to facilitate access to and use of the website/app.
  • To administer and protect our business, to resolve disputes or troubleshoot problems and to prevent potentially prohibited or illegal activities.

(Mandatory)

  • Contact information, including email address, name, username.
  • IP and/or browser/device data
  • Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches and/or reservations facilitated or made.

(Optional)

  • Contact information, including postal address, telephone number

Snowflake Computing, Inc.

USA

privacy@snowflake.com

  • To manage user registration and the account, and to facilitate access to and use of the website/app.
  • To administer and protect our business, to resolve disputes or troubleshoot problems and to prevent potentially prohibited or illegal activities.

(Mandatory)

  • Contact information, including email address, name, username.
  • IP and/or browser/device data
  • Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches and/or reservations facilitated or made.

(Optional)

  • Contact information, including postal address, telephone number

Google LLC

USA

Keith Enright

Chief Privacy Officer

Google LLC

Google Data Protection Office

1600 Amphitheatre Parkway

Mountain View, California 94043

https://support.google.com/policies/troubleshooter/7575787?visit_id=637109041821835307-4099556209&rd=2

  • To manage user registration and the account, and to facilitate access to and use of the website/app.
  • To measure interest in and improve our products, services and site; and to customize user experiences.
  • To administer and protect our business, to resolve disputes or troubleshoot problems and to prevent potentially prohibited or illegal activities.

(Mandatory)

  • Contact information, including email address, name, username.
  • IP and/or browser/device data
  • Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches and/or reservations facilitated or made.

(Optional)

  • Contact information, including postal address, telephone number
  • Location data

SYNNEX-Concentrix UK Limited

United Kingdom

Vasanthika Srinath

DPO@concentrix.com

  • To communicate with users in general, particularly regarding the website/app and the services; user questions and comments; notifying users of changes to terms, including privacy policies; prompting users to leave a review or complete a survey; and to administer the website/app and diagnose problems.

(Mandatory)

  • Contact information, including email address, name, username.
  • IP and/or browser/device data
  • Email user subscription preferences, including unsubscribe status

(Optional)

  • Contact information, including postal address, telephone number

OneTrust, LLC

USA

OneTrust, LLC

1200 Abernathy Road

Atlanta, GA 30328

United States

Andrew Clearwater

dpo@onetrust.com

  • To communicate with users in general, particularly regarding the website/app and the services; user questions, requests and comments;

(Mandatory)

  • Contact information, including email address, name, username.
  • IP and/or browser/device data
  • Email user subscription preferences, including consent status
  • Session data and online activity

(Optional)

  • Contact information, including postal address, telephone number

Tableau Software, Inc.

USA

Tableau Software, Inc., Attn: Tableau Legal, 1621 N 34th St., Seattle, Washington 98103

privacy@tableau.com

  • To measure interest in and improve our products, services and site; and to customize user experiences.

(Mandatory)

  • Contact information, including email address, name, username.
  • IP and/or browser/device data
  • Email user subscription preferences, including unsubscribe status
  • Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches and/or reservations facilitated or made.

(Optional)

  • Contact information, including postal address, telephone number
  • Location data

Twilio, Inc.

USA

375 Beale Street, Suite 300, San Francisco, CA 94105

Office of the Data Protection Officer

privacy@twilio.com

  • To notify users about promotions and targeted marketing campaigns.

(Mandatory)

  • Contact information, including email address, name, username.
  • IP and/or browser/device data
  • Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches and/or reservations facilitated or made.

(Optional)

  • Contact information, including postal address, telephone number
  • Location data

 

 

Information Security

We want you to feel confident about using our Services so we are committed to protecting the information we collect. We have implemented the following administrative, technical, and physical security procedures to help protect the personal information that you provide us.

  • Administrative Security Procedures: Only a limited number of authorized workers are permitted access to personal data in accordance with internal access controls. Access is granted on a role permission basis only for permitted business functions.
  • Technical Security Procedures: Personal data is encrypted when it is transmitted. We use firewalls and intrusion detection systems to help prevent unauthorized persons from gaining access to personal data. Certain user data may be hashed depending on its sensitivity.
  • Physical Security Procedures: Data is secured in lockdown restricted cages. This data is stored in restricted data centres. Hard drives are physically destroyed when replaced and we have internal procedures in place to secure access to restricted server rooms and physical assets.

Destruction and Deletion of Information

We will destroy or delete your data when the data retention period has lapsed, when you no longer maintain your account or if the purpose of data collection has been achieved.

The procedure and method of destruction and deletion is as follows:

  • Procedure: Personal Information is disposed of, destroyed, or deleted for the protection of information in accordance with our internal company policy and other applicable laws, after the purpose of its collection has been fulfilled.
  • Method: Personal Information in paper format will be destroyed using paper shredder, and Personal Information stored in electronic format will be destroyed using technical methods which make the records unrecoverable.

Contact

You can exercise several of your rights through the personal information section of your account. To exercise your other rights, you can file a request by clicking here, or you can contact our representative in Korea, who has been appointed in accordance with the applicable Korean law for the purpose of handling personal data protection questions or requests in Korea.

The contact details of our representative are:

LAB Partners (Managing Partner: Youngju Kim)

Tel:                  02-6956-6311

Email:               tripadvisor@labpartners.co.kr

Address:           8th Floor, VPLEX, 501 Teheran-ro,

Gangnam-gu, Seoul, Korea 06168

LAB Partner’s role in this respect is limited solely to being a contact point for questions or requests on personal data protection from persons in Korea and data protection supervisory authorities. For the avoidance of doubt, LAB Partners cannot field other communications or legal process on behalf of Tripadvisor LLC.

15. Brazil

Brazilian General Data Protection Law (“LGPD”) Statement

This LGPD Statement is applicable whenever you access our website and application provided in Brazil. This LGPD Statement supplements our Statement; however, where the Statement conflicts with the LGPD Statement, the LGPD Statement will prevail as to persons in Brazil.

This LGPD Statement is intended to help you understand what information is collected, why we collect it, whether we share it, and with whom. In addition, this LGPD Statement is intended to inform you of your rights in connection with this information and how to exercise them.

Controller of Personal Information

Tripadvisor LLC is the data controller of personal information we collect; however, in accordance with applicable Brazilian data privacy law, we have appointed a Data Protection Officer (“DPO”) in Brazil:

Opice Blum, Bruno e Vainzof Advogados Associados

tripadvisor@opiceblum.com.br

Information Uses

We will only use your personal data when the law allows us.

Pursuant to LGPD, we may use your personal information in one of or more of the following circumstances:

  • Meet the purpose given at the time of collection, including to allow the performance of the contract we have entered into with you.
  • Comply with legal or regulatory obligations, regulations of government agencies, tax authorities, judiciary, and/or other competent authorities.
  • Allow the regular exercise of our rights guaranteed by law, including as evidence in judicial, administrative, or arbitration proceedings.
  • Enable the necessary activities for our operations involving the continuity of our operations whilst balancing against your interests and expectations so as not to cause a detriment to your interests, rights and fundamental freedoms.
  • Fulfill the purpose for which the information was provided or for other purposes compatible with them and informed to you at the time of collection of your data. For example, we may process your data when contacting our service channels, including for information about our products or for your feedback.
  • Based on our legitimate interests, we may also process your personal information, for example, to enable our communication and marketing activities and improve our products, services, and relationships with our customers and partners whilst balancing against your interests and expectations so as not to cause a detriment to your fundamental rights or freedoms.
  • Prevent fraud and ensure your safety to detect, prevent, and investigate fraudulent activity.

Your Rights Under LGPD and How to Exercise them

You have the following rights relating to your services:

  • Know if we process any of your personal information, including the types of personal information.  
  • Correct incomplete, inaccurate, or outdated personal information.
  • Request anonymization, blocking or deletion of unnecessary, excessive, or perhaps unlawful information.
  • Request the portability of your information to another service provider or product.
  • Request the deletion of the data processed with your consent.
  • When the processing activity requires your consent, you may refuse to provide your consent, and we will inform you of the consequences of your refusal.
  • When the processing activity requires your consent, at any time you can revoke it.

You may exercise these rights directly on our website and application, for example by editing your registration information directly in your member profile. You can also submit a request directly on our privacy portal by clicking here.

You may also contact our DPO, whose contact details are made available at the beginning of this LGPD Statement.

You will not have to pay fees to access your personal information (or to exercise any of the other rights described in this LGPD Statement).

We may need to request specific information from you to confirm your identity and secure your right to access your personal information (or exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to anyone who does not have the right to receive it. In an effort to speed up our response, we may also contact you to request more information regarding your request.

In specific cases, your request may not be fulfilled. In these cases, we will explain the justifications for our refusal. For example, requests involving personal information and/or documents of other individuals will not be shared so as to protect the privacy of those individuals unless permitted by applicable law.

In the case of request for deletion, we may keep your personal information if there is a legal basis that authorises us to do so, as in the case of mandatory storage for a minimum period determined by applicable laws.

Information Sharing and International Transfers

We may share information with third parties in order to facilitate some of our services and products. There may also be legal reasons that we have to share your personal information. Some of our services and products require that we share information with third parties. There may also be legal reasons that we have to share your personal information.

To efficiently provide our Services to you, we have delegated certain processing functions to third parties. Please see “Information Sharing” section above for more information.

Your personal information may be stored or transferred to countries outside Brazil for the purposes described in this Statement. Such transfers are generally made for the purpose of performing the Services made available to you and are made in accordance with any applicable legal requirements, including with the relevant safeguards and security.

Information Security

We have implemented the following administrative, technical, and physical security procedures to help protect your personal information.

  • Administrative security procedures: a limited number of authorized workers have access to personal data in accordance with internal access controls. Access is granted based on role permission only for allowed business roles.
  • Technical security procedures: The personal information is encrypted when it is transmitted. We use firewalls and intrusion detection systems to help prevent unauthorized people from accessing personal data. Certain user data can be hashed or encrypted depending on its sensitivity or processing activity.
  • Important security procedures: the data is protected and stored in restricted data centers. Hard drives are physically destroyed when replaced, and we have built-in procedures to ensure access to restricted server rooms and physical assets.

Retention of Personal Information

We may retain your information if it is necessary to comply with a legal or regulatory obligation or for our legitimate interests in connection with the purposes set out in this Statement. In addition, we may retain your information for the duration of any period necessary to establish, exercise or defend any legal rights.

The procedure and method of destruction and exclusion are as follows:

  • Procedure: Personal information is deleted, destroyed, or deleted in accordance with our company's internal policy and other applicable laws.
  • Method: Personal information in paper format will be destroyed securely, such as using paper shredders. Personal information stored in electronic format will be destroyed using technical methods that make records unrecoverable.

Previous: https://tripadvisor.mediaroom.com/Privacy-Policy-2022

Information Collected

When you access or use our Services, we collect information from and about you to provide a more personalized and relevant experience. Some information we collect automatically. Other information we collect from different sources, including affiliated entities, business partners, and other independent third-party sources. When you use our Services by “clicking-through” from a third-party site or when you visit third-party sites via our Services, those third-party sites may share information with us about your use of their service. Information collected may include the following:

  • Contact information, including name, phone number and postal and email addresses
  • Billing or payment information (such as your credit card number, cardholder name, expiration date, authentication code, and billing address)
  • User name and password
  • Photos, reviews, forum and social posts, and videos you may have provided to us
  • Geolocation information
  • Device information, such as when you accessed our Services and information about the Device used (for example, IP address, software or internet browser used, preferred languages, unique Device identifiers and advertising identifiers)
  • Online activity, including pages you have visited, content reviewed, and apps reviewed
  • Purchasing history
  • Information about your travel plans and preferences

We may also collect, in instances where you have provided it, information about other travellers, including their email address and other travel-related information. If you are sharing information with us about other individuals, you must obtain their consent. You must obtain the consent of any other individuals if you are providing their data to us.

In addition to the categories noted above, we may also collect location information if you have instructed your Device to send such information via the privacy settings on that Device, or, for example, if you have uploaded photos tagged with location information. We may use your location information directly and/or share your location with third-parties. We collect and share location information in order to provide you with relevant content, to analyze your use of our Services, to improve our Services and to provide contextual advertising or recommendations. For example, we may use your location to show you reviews of hotels, restaurants or attractions near you when you are traveling.

You can change the privacy settings of your Device at any time in order to turn off the functionality that collects and shares location information and/or the functionality to tag your photos with location information. However, turning off location-sharing may affect certain features we offer. If you have any questions about the privacy settings of your Device, we suggest you contact the manufacturer of your Device or your mobile service provider for help.

Please see the section on Cookies below for more information regarding the use of cookies and other technology described in this section, including regarding your choices relating to such technologies.

Information Uses

We are committed to providing you with relevant content on our Services and respect the data privacy laws of the different jurisdictions which we operate in. We use information about you so we can help you enjoy and use our Services, including in the following ways:

  • Register and manage your account, including to allow you access to and use of our Services
  • Facilitate your bookings
  • Measure interest in and improve our Services
  • Notify you about special offers and products or services available from us, our affiliates, or our partners that may be of interest to you
  • Communicate with you
  • Enable communication between registered users and owners/representatives of listings on our Services
  • Enable us to publish your reviews, forum posts, photos, videos and other content
  • Customize your experience, including customizing the ads shown to you on our Services and across the internet
  • Make inferences about your interests or preferences
  • Provide you with an optimized experience and to group users of our Services based on, for example, usage and demographics
  • Send you survey or market research invitations
  • Respond to your questions and comments
  • Resolve disputes or troubleshoot problems
  • Prevent potentially prohibited or unlawful activities
  • Enforce our terms of use and notices; and as otherwise described to you at the point of collection

Please note some information about you is required in order for us to provide you with relevant offerings from us, our affiliates, and our partners and to enable you to enjoy other benefits of being a registered user. Please review the “Information Choices” section below with respect to your choices related to the collection and use of your information.

Information Sharing

In order to provide some of our Services, we may need to share information with certain other third-parties, including our group of companies, in the following circumstances:

  • Our Group of Companies. We share information with companies in our corporate family so we can provide you with information about products and services, both travel-related and others, which might interest you. These companies and websites will comply with this Statement and all applicable laws governing the transmission of promotional communications.
  • Suppliers. We share information with certain suppliers used to facilitate our Services, including to help with transactions, such as any reservations you might make, for example, sharing data with a restaurant if you make a reservation using our Services.  
  • Business Partners. We may share information about you, your Devices and your use of our Services with our trusted business partners. For example, we may share information so that we can provide you with relevant content or in order to facilitate payment for products or services you may purchase on the websites of our partners. This sharing is generally pursuant to written agreements which include confidentiality, privacy and security obligations; however, note that we do not control the privacy practices of these third-party business partners.
  • Social Media Sites. When you use our Services and elect to share information with third-party social media sites, the information you share will be governed by the privacy policies of those social media sites and the privacy settings you have set with those social media websites.
  • Advertising Networks. We sometimes collect and share information about your interests with advertising networks. Some of these companies are members of the Network Advertising Initiative, or the Digital Advertising Alliance, which offer a single location to opt-out of ad targeting from member companies. To learn more, please click here.
  • Other third-parties, such as referring websites. Third-parties may also assist us in collecting information by, for example, operating features of our website or facilitating the delivery of online advertising tailored to your interests. We may share audience segments and other information with third-parties that use that information for tailored advertising to you.

Third-parties may only collect or access information as needed to perform their permitted functions.

Certain Device operating system versions permit you to opt out of certain types of information sharing, including to certain advertising networks. Please check your Device settings if you want to limit such tracking.

Information Choices

You have options with respect to the collection and use of your information. You can access, update and even close your account by visiting the Member Profile page on our website

Your options:

●    You may choose the way we communicate with you. You can choose not to provide us with certain information, although it may be needed to take advantage of certain features offered on our websites.

●    You can prevent the collection of geolocation information, but note that turning off location sharing may affect certain features of our Services.

●    You also can add or update information and close your account. If you close your account, we will deactivate your account and remove your profile information from active view. We may retain some information associated with your account (including past transactions) for internal purposes including backups, fraud prevention, dispute resolution, investigations, and legal compliance for the period necessary to fulfill the purposes outlined in this Statement.

●    As a registered member, you can modify your marketing subscriptions, including email subscription choices at any time within your member settings. You also will be given the opportunity to unsubscribe from promotional messages, including emails with travel-related opportunities, in any such email we send.

Information Transfers

We are a global company and operate in many different jurisdictions. If we transfer your information to other countries, we will use and protect that information as described in this Statement and in accordance with applicable law.

Information Security

We have implemented appropriate administrative, technical, and physical security procedures to help protect your information.

We only authorize specific employees to access personal information and they may do so only for permitted business functions. We use encryption when transmitting your information between your system and ours, and between our system and those of the parties with whom we share information. We also employ firewalls and intrusion detection systems to help prevent unauthorized access to your information. However, we cannot guarantee the security of information from unauthorized entry or use, hardware or software failure, or other circumstances outside of our control.

Information Retention

We will retain copies of your information for as long as you maintain your account or as necessary in connection with the purposes set out in this Statement, unless applicable law requires a longer retention period. In addition, we may retain your information for the duration of any period necessary to establish, exercise or defend any legal rights.

Do Not Track Signals

Our website is not designed to currently respond to “Do Not Track” (“DNT”) signal requests from browsers. This is due to the lack of global standardized interpretation that defines “Do Not Track” signals. Once the industry has settled on standards related to this issue, we may re-evaluate this approach.

Cookies

We want your access to our Services to be as easy, efficient and useful as possible. To help us do this, we use cookies and similar technologies to improve your experience, to enhance site security and to show you relevant advertising.

What are cookies?

Cookies are small text files that are automatically placed on your Device when you visit almost any website. They are stored by your internet browser and contain basic information about your internet use. Your browser sends these cookies back to a website every time you revisit it, so it can recognize your Device and improve your experience by, among other things, providing you with personalized content. We also use cookies to remember your login details, so you don’t have to re-enter them repeatedly when you use our Services. Other cookies help us understand your preferences.

The cookies we use fall into three categories.

Category

Example
 

Essential

These cookies are necessary to help you access and move around the website and use all its features. Without these cookies, the website would not work properly and you would not be able to use certain important features. For example, we use a cookie to keep you logged in during your visit, so the site does not require you to log in repeatedly to access different pages. We may also use essential cookies for fraud detection and prevention purposes.

You cannot turn off essential cookies through the Cookie Consent Tool, as such cookies are necessary for you to access and use the features of the website.
 

Analytics and customisation

We use these cookies to help us understand how the website is being used and how we can improve your experience on it. These cookies can provide us with information to help us understand which parts of the website interest our visitors and if they experience any errors. We use these cookies to test different designs and features for our sites and we also use them to help us monitor how visitors reach the website.

We also use cookies to save your settings and preferences on the website, such as language preference and information you've previously entered when searching for travel options. Some customization cookies are essential if you want to use certain features of the website.
 

Advertising

Advertising cookies help ensure that the advertisements you see are as relevant to you as possible. For example, some advertising cookies help select ads that are based on your interests. Others help prevent the same ad from continuously reappearing for you.

We also use cookies to make it easy to share content from the website with your friends through your favorite social networks. Social media sites, may set cookies that recognize you when you view content on the website and allow you to share content across both the website and the social media site via the use of sharing settings. For further details, please check your social media site’s terms of use and privacy policy.

We also work with third-party advertisers to give you access to travel content that might be of interest, and may set cookies on our Services to provide you with advertising that matches your interests and preferences. These "third-party cookies" collect information about your browsing behaviour and interaction with ads or the Services more generally. This information also helps us limit the number of times you may see the same ads and improve your online experience.

Cookie Consent Tool

To give you control, we provide you with a Cookie Consent Tool, which allows you to review the first party and third-party cookies placed through our website and adjust your cookie settings, including whether to accept or decline such cookies.

You can access the Cookie Consent Tool by clicking the “Cookie Consent” link at the bottom of every page or by modifying your preferences in our cookie banner. In addition, you can manage cookies through the settings of your internet browser. You can have the browser notify you when you receive a new cookie, delete individual cookies or delete all cookies.

Most advertising networks offer you a way to opt out of advertising cookies. See www.aboutads.info/choices/ and www.youronlinechoices.com for useful information on how to do this.

If you delete your cookies, your access to some functionality and areas of our Services might be degraded or restricted.

Our use of any information we collect through cookies is subject to this Statement, which is linked on every page of our website.

Statement Changes and Notification

We may update this Statement in the future. If we believe any changes are material, we will let you know by doing one or more of the following: sending you a communication about the changes, placing a notice on the website and/or posting an updated Statement on the website. We will note at the top of this Statement when it was most recently updated. We encourage you to check back from time to time to review the most current version and to periodically review this Statement for the latest information on our privacy practices

Contact

If you have a data privacy request, such as a request to delete or access your data, please visit our dedicated privacy portal by clicking here.  For general data privacy inquiries or questions concerning our Privacy and Cookies Statement, please contact our privacy team by clicking here.

Europe

General Data Protection Regulation Privacy Statement (“GDPR Statement”)

This GDPR Statement applies to persons in the European Economic Area (“EEA”), including those based in the United Kingdom. This GDPR Statement supplements our Statement; however, where the Statement conflicts with the GDPR Statement, the GDPR Statement will prevail as to persons in the EEA.

Controller of Personal Information

Tripadvisor LLC is the data controller of personal information we collect, however, in accordance with applicable data privacy law, we have appointed representatives within the European Union and United Kingdom.

The contact details of our European Union representative are:

Tripadvisor Ireland Limited
C/O Matheson
70 Sir John Rogerson's Quay
Dublin 2
D02 R296
Ireland 
Attn: Privacy Officer

The contact details of our United Kingdom representative are:

Tripadvisor Limited
7 Soho Square
London
W1D 3QB
United Kingdom
Attn: Privacy Officer
 

Tripadvisor Ireland Limited and Tripadvisor Limited’s roles in this respect are limited solely to being a contact point for questions on data protection from European residents and data protection supervisory authorities. For the avoidance of doubt, neither Tripadvisor Ireland Limited and Tripadvisor Limited can field other communications or legal process on behalf of Tripadvisor LLC.

Your rights under GDPR

You have certain rights regarding your personal data.

Your rights with respect to your own personal data include the following:

  • The right to request access to your personal data. This enables you to receive a copy of the personal data we hold about you.
     
  • The right to request to correct your personal data if it is inaccurate. You may also supplement any incomplete personal data we have, taking into account the purposes of the processing.
     
  • The right to request deletion of your personal data if:
    • your personal data is no longer necessary for the purposes for which we collected or processed them; or
    • you withdraw your consent if the processing of your personal data is based on consent and no other legal ground exists; or
    • you object to the processing of your personal data and we do not have an overriding legitimate ground for processing; or
    • your personal data is unlawfully processed; or
    • your personal data must be deleted for compliance with a legal obligation.
       
  • The right to object to the processing of your personal data. We will comply with your request, unless we have a compelling overriding legitimate interest for processing or we need to continue processing your personal data to establish, exercise or defend a legal claim.
     
  • The right to restrict the processing of personal data, if:
    • the accuracy of your personal data is contested by you, for the period in which we have to verify the accuracy of the personal data; or
    • the processing is unlawful and you oppose the deletion of your personal data and request restriction; or
    • we no longer need your personal data for the purposes of processing, but your personal data is required by you for legal claims; or
    • you have objected to the processing, for the period in which we have to verify overriding legitimate grounds.
       
  • The right to data portability. You may request that we send this personal data to a third-party, where feasible. You only have this right if it relates to personal data you have provided to us where the processing is based on consent or necessity for the performance of a contract between you and us, and the processing is conducted by automated means.
  • You also have the right to lodge a complaint before your national data protection authority.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights described in this Statement). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. In an effort to speed up our response, we may also contact you to ask you for further information in relation to your request. You can exercise several of your rights through the personal information section of your account. To exercise your other rights you can file a request by clicking here.

Information Uses

We will only use your personal data when the law allows us to.

Pursuant to GDPR, we will use your personal data in one or more of the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you
  • Where it is necessary for our legitimate interests (or those of a third-party) and your interests and fundamental rights do not override those interests
  • Where we need to comply with a legal or regulatory obligation
  • With your consent
International Transfers

Your personal data may be stored or transferred to countries outside the EEA for the purposes described in this Statement. When we store or transfer your personal data outside the EEA, we take the following precautions to ensure that your personal data is properly protected.

Whenever we store or transfer your personal data outside the EEA, we will do so in accordance with applicable law and we will ensure a similar degree of protection is afforded to it by implementing appropriate safeguards. Transfers of personal data are made:

  • to a country recognised by the European Commission as providing an adequate level of protection; or
  • to a country which does not offer adequate protection but whose transfer has been governed by the standard contractual clauses of the European Commission or by implementing other appropriate cross-border transfer solutions to provide adequate protection.

By using our services, you understand that your personal data may be transferred to our facilities and those third-parties with whom we share it as described in this Statement.

California

California Consumer Privacy Act Privacy Statement (“CCPA Statement”)

This CCPA Statement is provided pursuant to the California Consumer Privacy Act (“CCPA”) and applies to California residents and supplements our overall Statement with additional disclosures and rights.

Your rights under CCPA

As of January 1 2020, California law permits residents of California to request certain details about how their personal information is shared with third-parties or affiliated companies for direct marketing purposes.

California residents may also take advantage of the following rights:

  • You may request, up to two times each year, that we disclose to you the categories and specific pieces of personal information that we have collected about you, the categories of sources from which your personal information is collected, the business or commercial purpose for collecting your personal information, the categories of personal information that we disclosed for a business purpose, any categories of personal information about you that we sold, the categories of third-parties with whom we have shared your personal information, and the business or commercial purpose for selling your personal information, if applicable.
  • You may request that we delete any personal information that we have collected from or about you. As described in more detail in our Statement, there are some reasons we will not be able to fully address your deletion request, such as if we need to complete a transaction for you, to detect and protect against fraudulent and illegal activity, to exercise our rights, or to comply with a legal obligation. You can also access, update, and remove your information by visiting the Member Profile  page on our website.
  • You may request to opt out of our sale of your personal information to third-parties for their direct marketing purposes. This means that, if you opt out, going forward, we will not share your information with such third-parties to use for their purposes unless you later direct us to do so. To effect the opt out, please click on the Do Not Sell My Personal Information link on our website footer or submit a request in writing to the contact information below.

To take advantage of your disclosure and deletion rights, please contact us via our dedicated privacy portal by clicking hereWe may need to verify your identity to enable us to process your request. We value your privacy and will not discriminate in response to your exercise of privacy rights. We will respond to your request within 45 days of receipt of your request, after proper verification, unless we need additional time, in which case we will let you know.

Disclosures

For purposes of compliance with the CCPA, in addition to the further details as described in the Statement, we make the following disclosures:

  • We collect the following categories of personal information:  Identifiers/Contact Information, transactional information, Internet or other electronic network activity information, geolocation, visual and audio information, and inferences drawn from the above.
  • We sell the following categories of personal information:  Identifiers/Contact Information, Internet or other electronic network activity information, and inferences drawn from the above.
  • We disclose the following categories of personal information for a business purpose:  Identifiers/Contact Information, commercial information, Internet or other electronic network activity information, geolocation, visual and audio information, and inferences drawn from the above. 

Korea

Korean Privacy Laws Statement (“Korea Statement”)

This Korea Statement applies to persons in the Republic of Korea (“Korea”). This Korea Statement supplements our Statement; however, where the Statement conflicts with the Korea Statement, the Korea Statement will prevail as to persons in Korea.

Purpose and Retention of Information Collected

We, Tripadvisor LLC, process the personal data we have collected for the purposes set forth below. We will retain your personal data in accordance with the Statement and as described in further detail below.

Type of personal data

Purpose and use

Retention period

Contact information, including email address, name, username (Mandatory)

  • To manage user registration, the account, and facilitate access to and use of the website/app.
  • To publish user generated content such as reviews, ratings, forum posts, etc.
  • To facilitate and manage reservations, including sending booking confirmations and updates.
  • To communicate with users in general, particularly regarding the website/app and the services; user questions and comments; notifying users of changes to terms, including privacy policies; prompting users to leave a review or complete a survey; and to administer the website/app and diagnose problems.
  • To measure interest in and improve our products, services and site; and to customise user experiences.
  • To notify users about promotions and targeted marketing campaigns.
  • To administer and protect our business, to resolve disputes or troubleshoot problems, and to prevent potentially prohibited or illegal activities.

We will retain copies of your information for as long as you maintain your account or as necessary in connection with the purposes set out in this Statement, unless applicable law requires a longer retention period. In addition, we may retain your information for the duration of any period necessary to establish, exercise or defend any legal rights.

Contact information, including postal address, telephone number (Optional)

User submitted content (to the extent that it contains personally identifiable attributes) (Mandatory)

  • To publish user generated content, such as reviews, ratings, forum posts, etc.

IP and/or browser/device data (Mandatory)

  • To manage user registration, the account, and facilitate access to and use of the website/app.
  • To publish user generated content such as reviews, ratings, forum posts, etc.
  • To facilitate and manage reservations, including sending booking confirmations and updates.
  • To communicate with users in general, particularly regarding the website/app and the services; user questions and comments; notifying users of changes to terms, including privacy policies; prompting users to leave a review or complete a survey; and to administer the website/app and diagnose problems.
  • To measure interest in and improve our products, services and site; and to customise user experiences.
  • To notify users about promotions and targeted marketing campaigns.
  • To administer and protect our business, to resolve disputes or troubleshoot problems, and to prevent potentially prohibited or illegal activities

Email user subscription preferences, including unsubscribe status (Mandatory)

  • To communicate with users in general, particularly regarding, the website/app and the services; user questions and comments; notifying users of changes to terms, including privacy policies; prompting users to leave a review or complete a survey; and to administer the website/app and diagnose problems.

Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches, and/or reservations facilitated or made) (Mandatory)

  • To measure interest in and improve our products, services and site; and to customise user experiences.
  • To notify users about promotions and targeted marketing campaigns.
  • To administer and protect our business, to resolve disputes or troubleshoot problems, and to prevent potentially prohibited or illegal activities.

Location data (Optional)

  • To measure interest in and improve our products, services and site; and to customise user experiences.
  • To notify users about promotions and targeted marketing campaigns.
Rights under Korean Privacy Laws

You have certain rights regarding your personal data. Your rights with respect your own personal data include those under the Statement and the following:

  • The right to consent to the collection of your personal data. When we request your personal data, the data that is mandatory for the services that are being provided will be marked accordingly. You can choose not to provide us with the requested data but this may impede your use or access of the relevant services. 

 

  • The right to consent to the sharing of your personal data, delegation of processing of your personal data or international transfer of your personal data.

 

  • The right to request access, correction, deletion, suspension of processing of personal data to the extent permitted under Article 35, Section 5 and Article 37, Section 2 of the Personal Information Protection Act. 

 

You can exercise your rights by filing a request here. You may also appoint an attorney-in-fact to exercise your rights by submitting a power of attorney to us in the form of Appendix 11 prescribed under the Regulations of the Personal Information Protection Act. We reserve the right to request specific information from you to help us confirm your identity or verify the identify and relationship of your attorney-in-fact and ensure your right to access your personal data (or to exercise any of your other rights).

Children’s Data

Tripadvisor is a general audience site and does not offer services directed to minors. We do not knowingly collect data relating to minors. If a person whom we know is under 14 years of age sends us personal data, we will delete or destroy this information as soon as reasonably possible.

Information Sharing and International Transfers

We, Tripadvisor LLC, may share information with third-parties, such as those listed below, in order to facilitate some of our services and products.There may also be legal reasons that we have to share your personal data. Some of our services and products require that we share information with the third-parties listed below. There may also be legal reasons that we have to share your personal data.

To efficiently provide our services to you, we have delegated certain processing functions as described below to the third-parties listed below. We will obtain your consent when provide your information and delegate processing to such third-parties pursuant to the agreements in place with such third parties

Your personal data may be stored or transferred to countries outside Korea for the purposes described in this Statement. When we store or transfer your personal data outside Korea, we will notify you and request for your consent unless such transfer is being made for the purpose of performing the services requested by you and to further your convenience. 

 

Third Party Details

Purpose and Use

Shared/Transferred Personal Data

Retention period

Salesforce.com, Inc.
USA
Salesforce Data Protection Officer (Salesforce Privacy Team)
415 Mission St., 3rd Floor
San Francisco, CA 94105, USA

  • To manage user registration, the account, and facilitate access to and use of the website/app.
     
  • To publish user generated content such as reviews, ratings, forum posts, etc.
     
  • To facilitate and manage reservations, including sending booking confirmations and updates.
     
  • To communicate with users in general, particularly regarding the website/app and the services; user questions and comments; notifying users of changes to terms, including privacy policies; prompting users to leave a review or complete a survey; and to administer the website/app and diagnose problems.
     
  • To administer and protect our business, to resolve disputes or troubleshoot problems, and to prevent potentially prohibited or illegal activities.

(Mandatory)

  • Contact information, including email address, name, username.
     
  • User submitted content (to the extent that it contains personally identifiable attributes.

We will retain copies of your information for as long as you maintain your account or as necessary in connection with the purposes set out in this Statement, unless applicable law requires a longer retention period. In addition, we may retain your information for the duration of any period necessary to establish, exercise or defend any legal rights.

 

 

(Optional)

  • Contact information, including postal address, telephone number

Zendesk, Inc.
USA
Zendesk’s European Representative:
Zendesk International Ltd
Attn: Rachel Tobin, AGC, EMEA & Global Privacy Counsel
55 Charlemont Place, Saint Kevin’s, Dublin, D02 F985 Ireland
privacy@zendesk.com

  • To manage user registration, the account, and facilitate access to and use of the website/app.
     
  • To publish user generated content such as reviews, ratings, forum posts, etc.
     
  • To facilitate and manage reservations, including sending booking confirmations and updates.
     
  • To communicate with users in general, particularly regarding the website/app and the services; user questions and comments; notifying users of changes to terms, including privacy policies; prompting users to leave a review or complete a survey; and to administer the website/app and diagnose problems.
     
  • To administer and protect our business, to resolve disputes or troubleshoot problems, and to prevent potentially prohibited or illegal activities.

(Mandatory)

  • Contact information, including email address, number, username.
     
  • User submitted content (to the extent that it contains personally identifiable attributes).
     
  • IP and/or browser/device data
     
  • Email user subscription preferences, including unsubscribe status
     
  • Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches, and/or reservations facilitated or made.

(Optional)

  • Contact information, including postal address, telephone number

Amazon Web Services, Inc.
USA
AWS Korea Privacy
Email: aws-korea-privacy@amazon.com

  • To manage user registration, the account, and facilitate access to and use of the website/app.
     
  • To administer and protect our business, to resolve disputes or troubleshoot problems, and to prevent potentially prohibited or illegal activities.

(Mandatory)

  • Contact information, including email address, name, username.
     
  • IP and/or browser/device data
     
  • Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches, and/or reservations facilitated or made.

(Optional)

  • Contact information, including postal address, telephone number

Snowflake Computing, Inc.
USA
privacy@snowflake.com

  • To manage user registration, the account, and facilitate access to and use of the website/app.
     
  • To administer and protect our business, to resolve disputes or troubleshoot problems, and to prevent potentially prohibited or illegal activities.

(Mandatory)

  • Contact information, including email address, name, username.
     
  • IP and/or browser/device data
     
  • Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches, and/or reservations facilitated or made.

(Optional)

  • Contact information, including postal address, telephone number

Google LLC
USA
Keith Enright
Chief Privacy Officer
Google LLC
Google Data Protection Office
1600 Amphitheatre Parkway
Mountain View, California 94043
https://support.google.com/policies/troubleshooter/7575787?visit_id=637109041821835307-4099556209&rd=2

  • To manage user registration, the account, and facilitate access to and use of the website/app.
     
  • To measure interest in and improve our products, services and site; and to customise user experiences.
     
  • To administer and protect our business, to resolve disputes or troubleshoot problems, and to prevent potentially prohibited or illegal activities.

(Mandatory)

  • Contact information, including email address, name, username.
     
  • IP and/or browser/device data
     
  • Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches, and/or reservations facilitated or made.

(Optional)

  • Contact information, including postal address, telephone number
     
  • Location data

SYNNEX-Concentrix UK Limited
United Kingdom
Vasanthika Srinath
DPO@concentrix.com

  • To communicate with users in general, particularly regarding the website/app and the services; user questions and comments; notifying users of changes to terms, including privacy policies; prompting users to leave a review or complete a survey; and to administer the website/app and diagnose problems.

(Mandatory)

  • Contact information, including email address, name, username.
     
  • IP and/or browser/device data
     
  • Email user subscription preferences, including unsubscribe status

(Optional)

  • Contact information, including postal address, telephone number

OneTrust, LLC
USA
OneTrust, LLC
1200 Abernathy Road
Atlanta, GA 30328
United States
Andrew Clearwater
dpo@onetrust.com

  • To communicate with users in general, particularly regarding the website/app and the services; user questions and comments; notifying users of changes to terms, including privacy policies; prompting users to leave a review or complete a survey; and to administer the website/app and diagnose problems.

(Mandatory)

  • Contact information, including email address, name, username.
     
  • IP and/or browser/device data
     
  • Email user subscription preferences, including unsubscribe status
     
  • Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches, and/or reservations facilitated or made.

(Optional)

  • Contact information, including postal address, telephone number

Tableau Software, Inc.
USA
Tableau Software, Inc., Attn: Tableau Legal, 1621 N 34th St., Seattle, Washington 98103
privacy@tableau.com

  • To measure interest in and improve our products, services and site; and to customise user experiences.

(Mandatory)

  • Contact information, including email address, name, username.
     
  • IP and/or browser/device data
     
  • Email user subscription preferences, including unsubscribe status
     
  • Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches, and/or reservations facilitated or made.

 

(Optional)

  • Contact information, including postal address, telephone number
     
  • Location data

Twilio, Inc.
USA
375 Beale Street, Suite 300, San Francisco, CA 94105
Office of the Data Protection Officer
privacy@twilio.com

  • To notify users about promotions and targeted marketing campaigns.

(Mandatory)

  • Contact information, including email address, name, username.
     
  • IP and/or browser/device data
     
  • Session data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches, and/or reservations facilitated or made.

(Optional)

  • Contact information, including postal address, telephone number
     
  • Location data
Information Security

We want you to feel confident about using our Services so we are committed to protecting the information we collect. We have implemented the following administrative, technical, and physical security procedures to help protect the personal information you provide to us.

  • Administrative Security Procedures: Only a limited number of authorised workers are permitted access to personal data in accordance with internal access controls. Access is granted on a role permission basis only for permitted business functions.
     
  • Technical Security Procedures: Personal data is encrypted when it is transmitted. We use firewalls and intrusion detection systems to help prevent unauthorised persons from gaining access to personal data. Certain user data may be hashed depending on its sensitivity.
     
  • Physical Security Procedures: Data is secured in lockdown restricted cages. This data is stored in restricted data centers. Hard drives are physically destroyed when replaced and we have internal procedures in place to secure access to restricted server rooms and physical assets.
Destruction and Deletion of Information

We will destroy or delete your data in the event the data retention period has lapsed, you no longer maintain your account or if the purpose of data collection has been achieved. 

The procedure and method of destruction and deletion is as follows: 

  • Procedure: Personal Information is disposed of, destroyed or deleted for the protection of information in accordance with our internal company policy and other applicable laws, after the purpose of its collection has been fulfilled.
  • Method: Personal Information in paper format will be destroyed using paper shredder, and Personal Information stored in electronic format will be destroyed using technical methods which make the records unrecoverable.    
Contact

You can exercise several of your rights through the personal information section of your account. To exercise your other rights you can file a request by clicking here or you can contact our representative in Korea who has been appointed in accordance with the applicable Korean law for the purpose of handling personal data protection questions or requests in Korea. 

The contact details of our representative are:

LAB Partners (Managing Partner: Youngju Kim)

Tel:                  02-6956-6311

E-mail:             tripadvisor@labpartners.co.kr

Address:          8th Floor, VPLEX, 501 Teheran-ro,

Gangnam-gu, Seoul, Korea 06168

LAB Partner’s role in this respect is limited solely to being a contact point for questions or requests on personal data protection from persons in Korea and data protection supervisory authorities.  For the avoidance of doubt, LAB Partners cannot field other communications or legal process on behalf of Tripadvisor LLC.