Legal
Privacy Policy
Last updated: 2026-05-06
1. Information we collect
We collect minimal information to operate glamping.directory:
- Cloudflare Web Analytics: aggregate page-view + referrer data, no cookies, no individual tracking.
- Server logs: IP address, user-agent, referrer, page accessed. Retained 30 days for security/abuse monitoring.
- Search queries: what you search for is logged in aggregate to improve the index. Not tied to identity.
- Email (only if you contact us): the email address and message content you send to
hello@,add@,accessibility@, orlegal@. - Account data (when accounts open): when claims and reviews launch, we'll collect email + OAuth identity for sign-in. Detailed at that time.
- Cookies: a small set used for session continuity and consent preferences. See /legal-cookies.
2. Information we do not collect
- Payment information — we don't process payments for stays
- Booking details — we don't take bookings
- Cross-site tracking pixels — we don't run them
- Sold or licensed advertising profiles
3. Lawful basis for processing (GDPR)
For visitors in the European Economic Area, our lawful basis varies by data type:
- Legitimate interest: server logs (security, abuse prevention)
- Consent: any cookie that isn't strictly necessary (we ask via the consent banner)
- Contract: account data when you sign up (once accounts open)
4. Data sharing
We share data only with infrastructure providers required to operate the site:
- Cloudflare (CDN, web analytics, edge runtime, storage) — operates within their own privacy policy
- Resend (transactional email when relevant) — operator-side only
- Stripe (operator subscriptions only, once accounts open) — never for visitors
We do not sell your data. We do not share data with advertisers.
5. Your rights
Depending on your jurisdiction (GDPR, CCPA/CPRA, similar US state laws), you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your data ("right to erasure")
- Export your data in a portable format
- Opt out of any processing not required to provide the service
To exercise these rights, email privacy@glamping.directory or use the form at /legal-do-not-sell. We respond within 45 days.
6. Global Privacy Control (GPC)
We honor the Global Privacy Control signal. If your browser sends a GPC signal, we treat it as an opt-out of any non-essential processing. No banner is shown to GPC-signaled visitors; the preference is recorded silently.
7. Data retention
- Server logs: 30 days
- Email correspondence: 2 years (or until you ask us to delete it)
- Account data (once accounts open): for the duration of your account, plus 30 days after deletion
- Aggregate analytics: indefinitely (no individual identifiability)
8. Children's privacy
glamping.directory is not intended for children under 13. We do not knowingly collect data from anyone under 13. If you become aware we've collected data from a minor, email privacy@glamping.directory.
9. International transfers
Our infrastructure is operated by Cloudflare, which may transfer data internationally for processing. Cloudflare's Standard Contractual Clauses cover EU↔US transfers.
10. Changes to this policy
Material changes will be announced on the home page at least 30 days before they take effect. Non-material updates (clarification, typos) may be made silently with the last updated date at the top reflecting the change.
11. Contact
Questions or requests: privacy@glamping.directory