← Back to Grizz

GRIZZLY TRAVEL AI

Privacy Policy

Effective Date: [INSERT DATE]

Last Updated: February 2026

This Privacy Policy describes how we collect, use, disclose, and protect your personal information.

1. Introduction

Grizzly Travel AI, a sole proprietorship registered in the Province of British Columbia, Canada (“Grizzly Travel AI,” “we,” “us,” or “our”), is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, retain, and safeguard personal information when you access or use our website, mobile applications, AI-powered tools, and related services (collectively, the “Platform”).

This Privacy Policy applies to all Users of the Platform, regardless of location. We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), British Columbia’s Personal Information Protection Act (PIPA), the General Data Protection Regulation (GDPR) where applicable to Users in the European Economic Area (EEA) and United Kingdom, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) where applicable to California residents, and other applicable data protection laws in the jurisdictions in which we operate.

2. Information We Collect

2.1 Information You Provide Directly

We collect personal information that you voluntarily provide when using the Platform, including account registration information (name, email address, phone number, date of birth), booking and reservation details (travel dates, destinations, traveler names, passport or identification details where required), payment information (credit/debit card number, billing address, processed via secure third-party payment processors), communication data (messages sent to customer support, chatbot interactions, feedback, and reviews), and preferences (language, currency, travel interests, notification settings).

2.2 Information Collected Automatically

When you access the Platform, we automatically collect certain technical and usage data, including device information (device type, operating system, browser type, unique device identifiers), log data (IP address, access times, pages viewed, referring URL), location data (approximate geographic location inferred from IP address; precise location only with your explicit consent), and cookies and similar technologies (as described in our Cookie Policy).

2.3 Information from Third Parties

We may receive personal information from Travel Suppliers (booking confirmation details, service updates), payment processors and fraud prevention services, social media platforms (if you choose to log in or connect via a social account), and marketing and analytics partners.

3. How We Use Your Information

We use your personal information for the following purposes:

4. AI-Specific Data Practices

4.1 AI-Powered Features

Our Platform uses artificial intelligence to power features including conversational chatbot assistance, personalized travel recommendations and search ranking, automated booking support, and content personalization. These features process your interactions, search history, preferences, and booking data to generate relevant and useful outputs.

4.2 AI Training and Improvement

Interactions with our AI features may be logged and reviewed to improve accuracy, relevance, and service quality. We do not use your personal data to train third-party AI models without your explicit consent. Where possible, data used for AI improvement is anonymized or aggregated.

4.3 Automated Decision-Making

Certain Platform features involve automated processing, including fraud detection, pricing optimization, and personalized recommendations. Where such automated processing produces legal effects or similarly significant effects on you, you have the right to request human review. To exercise this right, contact us at [privacy@grizzlytravel.ai].

5. How We Share Your Information

We share your personal information in the following circumstances:

Travel Suppliers: We share booking-related information (such as traveler names, contact details, and reservation specifics) with the relevant Travel Supplier as necessary to fulfill your booking.

Payment Processors: Payment information is transmitted to secure third-party payment processors to facilitate transactions. We do not store full credit card numbers on our servers.

Service Providers: We engage trusted third-party service providers to assist with Platform operations, including hosting, analytics, customer support tools, and marketing. These providers are contractually obligated to protect your data and use it only for the purposes we specify.

Legal and Regulatory: We may disclose personal information where required by law, regulation, legal process, or enforceable government request, or to protect the rights, property, or safety of Grizzly Travel AI, our Users, or the public.

Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred as part of the transaction, subject to applicable privacy obligations.

We do not sell your personal information to third parties for their own marketing purposes.

6. International Data Transfers

Your personal information may be transferred to, stored, and processed in countries other than your country of residence, including Canada and other jurisdictions where our service providers operate. We implement appropriate safeguards to protect your data during such transfers, including standard contractual clauses (SCCs) approved by the European Commission, adequacy decisions by relevant authorities, and contractual obligations requiring recipients to protect personal information to a comparable standard.

7. Data Retention

We retain your personal information only for as long as reasonably necessary to fulfill the purposes for which it was collected, including to satisfy legal, regulatory, tax, accounting, or reporting obligations. Booking records are retained for a minimum of seven (7) years for legal and tax compliance. Account information is retained for the duration of your account and for a reasonable period thereafter. AI interaction logs are retained for up to twenty-four (24) months for service improvement purposes, after which they are anonymized or deleted.

8. Data Security

We implement industry-standard technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, access controls and authentication requirements, regular security assessments and monitoring, and employee training on data protection practices. No method of transmission over the internet or electronic storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

9. Your Rights

Depending on your jurisdiction, you may have the following rights in relation to your personal information:

To exercise any of these rights, contact us at [privacy@grizzlytravel.ai]. We will respond to your request within the timeframe required by applicable law (typically thirty (30) days).

9.1 Additional Rights for California Residents

If you are a California resident, you have additional rights under the CCPA/CPRA, including the right to know what categories and specific pieces of personal information we have collected, the right to request deletion of your personal information, the right to opt out of the sale or sharing of personal information (note: we do not sell personal information), and the right to non-discrimination for exercising your privacy rights.

9.2 Additional Rights for EEA/UK Residents

If you are located in the EEA or UK, you have the right to lodge a complaint with your local supervisory authority if you believe our processing of your personal information violates the GDPR.

10. Children’s Privacy

The Platform is not directed at individuals under the age of sixteen (16). We do not knowingly collect personal information from children under sixteen (16). If we become aware that we have collected personal information from a child under this age without verifiable parental consent, we will take prompt steps to delete such information. If you believe a child has provided us with personal information, please contact us at [privacy@grizzlytravel.ai].

11. Third-Party Links

The Platform may contain links to third-party websites, services, or applications. This Privacy Policy does not apply to such third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you access through the Platform.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. Material changes will be communicated by posting the updated policy on the Platform with a revised “Last Updated” date, and where required by law, by notifying you via email or Platform notification. Your continued use of the Platform following such changes constitutes acceptance of the revised Privacy Policy.

13. Contact Information

For questions or concerns regarding this Privacy Policy, or to exercise your privacy rights, please contact:

Business Name: Grizzly Travel AI

Privacy Inquiries: [privacy@grizzlytravel.ai]

General Support: [support@grizzlytravel.ai]

Mailing Address: [INSERT ADDRESS]

© 2026 Grizzly Travel AI. All rights reserved.

This document should be reviewed by qualified legal counsel before publication.