Privacy Policy

Last updated: 17 March 2026

Your privacy is important to us. This Privacy Policy explains how Aurea Futura LTD collects, uses, stores, shares, and protects your personal data when you use My Tour Platform. It applies to all users of the Service, including Tour Directors, Group Leaders, Travellers, Hotel Users, and visitors to our website.

1. Data Controller

The data controller for personal data processed through My Tour Platform is:

Aurea Futura LTD
Company No. 11132111
18 Spencer Road, London SW20 0QP, United Kingdom
Email: hello@mytourplatform.com

For all data protection enquiries, please contact us at the above email address.

ICO Data Protection Registration
Information Commissioner's Office — United Kingdom
Organisation Aurea Futura LTD Address 18 Spencer Road, London SW20 0QP Reference ZC103734 Date registered 9 March 2026 Expires 8 March 2027

2. Data Protection Officer

The designated Data Protection Officer (DPO) for Aurea Futura LTD is contactable at slim@aureafutura.com. For all data protection enquiries, rights requests, or complaints, you may also contact us at hello@mytourplatform.com. We will respond within 30 days.

3. Information We Collect

We collect the following categories of personal data:

CategoryDataLawful Basis
Tour Director accountName, email, phone, company, profile detailsContractual necessity (Art. 6(1)(b))
Subscription & billing dataPlan type, payment provider (Revolut), subscription ID, billing dates, payment status (we do not store card numbers or payment provider credentials)Contractual necessity (Art. 6(1)(b))
Tour dataDestinations, itineraries, hotels, room allocations, passenger names, supplier contactsLegitimate interest (Art. 6(1)(f))
Traveller dataName, room assignment, survey answers (may include dietary/medical)Consent (Art. 6(1)(a))
Group Leader dataTraveller management actions, room assignments, headcount dataConsent (Art. 6(1)(a))
Hotel User dataAccess code usage, login timestamps, room number updates, dinner confirmation details (confirmer name)Consent (Art. 6(1)(a))
Financial dataExpense records, receipt images, earnings/daily rate, tip calculations, currency preferencesContractual necessity (Art. 6(1)(b))
Supplier dataCompany name, contact phone/email, driver name, notesLegitimate interest (Art. 6(1)(f))
Usage dataLogin timestamps, IP address (hashed for anonymisation after 30 days), role type. This data is used solely for security monitoring and is never displayed in an identifiable form in the admin dashboard.Legitimate interest (Art. 6(1)(f))
Support dataContact messages, help requests, email correspondenceLegitimate interest (Art. 6(1)(f))
TD Radar dataCity-level location (derived from itinerary), availability status, status note, visibility scope preference. No GPS, hotel, or address data is collected or shared.Consent (Art. 6(1)(a)) – opt-in only

4. Special Category Data

Survey responses may include dietary requirements or medical conditions. This is special category data under Article 9 of UK/EU GDPR. We process it only with your explicit consent, which is requested before you submit any survey. Sensitive fields are encrypted at rest using AES-256 encryption.

5. Children's Data

My Tour Platform processes the names and room assignments of minors (students) as part of tour group management. This data is entered by the Tour Director or Group Leader acting in loco parentis. We do not collect data directly from children. Access to student data is restricted to authorised Tour Directors, Group Leaders, and the hotel for the purpose of room allocation only.

We do not knowingly collect personal data from children under the age of 13 without appropriate parental or guardian consent. If you believe a child's data has been entered without proper authorisation, please contact us immediately.

6. How We Use Your Data

We use your personal data for the following purposes:

  • To provide, operate, maintain, and improve the tour management service.
  • To authenticate users and enforce role-based access controls.
  • To process subscription payments and manage membership plans.
  • To generate confirmation emails, vouchers, reports, and other documents for suppliers.
  • To provide AI-powered text generation services (available to enabled accounts, via OpenAI or Anthropic).
  • To provide the Marvis AI assistant via Telegram (available to enabled accounts), which processes your messages, tour data, passenger names, supplier contacts, and conversation history via Anthropic (Claude) to assist with tour management.
  • To display weather information (via OpenWeatherMap).
  • To respond to support, help-desk, and customer service requests.
  • To send transactional communications (subscription confirmations, payment receipts, service notifications).
  • To produce aggregated, anonymised usage statistics for the purpose of improving the Service.
  • To detect, prevent, and address fraud, security incidents, and technical issues.
  • To comply with legal obligations and enforce our Terms and Conditions.

6A. Data Minimisation in Platform Administration

We follow the principle of data minimisation (Article 5(1)(c) UK GDPR) in the design and operation of our administrative tools. Specifically:

  • The platform administration dashboard displays only aggregate, anonymous statistics (e.g. total number of Tour Directors, total travellers, tours completed, cities visited). No individual names, email addresses, login patterns, location data, or any other personally identifiable information is shown to platform administrators via the dashboard.
  • Platform administrators cannot browse individual Tour Director tour data, itineraries, passenger lists, supplier details, expense records, or financial information through the admin panel.
  • Login and access records are retained for security purposes only and are not displayed in any identifiable or per-user format in the administration interface.
  • Tour Directors, tour companies, and their travellers can be confident that their personal and operational data is not monitored, profiled, or reviewed by Aurea Futura LTD staff as part of normal platform operations.

Access to the underlying database for the purpose of technical maintenance, debugging, or responding to a data subject rights request is performed only when strictly necessary, by authorised personnel, and is logged in the platform audit trail.

7. Data Sharing

We do not sell, rent, or share personal information with third parties for marketing purposes.

No cross-tenant access: Each Tour Director's tours, travellers, and data are strictly isolated. One Tour Director cannot access, view, or export another Tour Director's data unless they have been explicitly added as a collaborator to that specific tour (co-tour feature). Access codes (traveller, Group Leader, hotel) grant access only to the tour for which they were generated.

Tour data is accessible only to users granted access by the Tour Director (Group Leaders, Hotels) via access codes. Supplier contact information is used solely for booking confirmations and tour management.

We may share limited data with third parties in the following circumstances:

  • Payment processing: When you purchase a Season Pass or Tour Credits, your billing data is shared with Revolut to process payments. We do not have access to your full account details, card numbers, or bank details held by Revolut.
  • AI services: When you use the AI text generation feature, relevant text prompts are sent to OpenAI or Anthropic for processing. No personally identifiable information is included in AI prompts unless you explicitly type it. Neither provider uses your data for training their models.
  • Marvis (Telegram): When you use the Marvis AI assistant via Telegram, your messages, tour data (including passenger names, supplier contacts, hotel and restaurant details), and conversation history are sent to Anthropic (Claude) to provide tour management assistance. This data is processed solely to answer your questions and perform requested actions; Anthropic does not use it for model training.
  • Legal requirements: We may disclose your data if required by law, regulation, legal process, or governmental request, or to protect our rights, property, or safety, or the rights, property, or safety of others.
  • TD Radar: If you opt in to TD Radar, your name, company, city (derived from your tour itinerary for that day), availability status, and status note will be visible to other opted-in Tour Directors in the same city. By default, only colleagues from your own tour company can see you; you may expand this to all platform TDs with explicit confirmation. Hotel names, addresses, and GPS coordinates are never shared. You can disable TD Radar or set your status to invisible at any time. Opt-in consent resets if you opt out.

8. Data Processors

We use the following third-party data processors:

ProcessorPurposeData SharedLocation
IONOS (1&1)Web hostingAll platform data (stored on their servers)EU
Revolut LtdPayment processingCustomer ID, subscription ID, plan type, billing amounts, name, emailUK / EU
OpenAI, Inc.AI text generationText prompts (no PII unless user-entered)US
Anthropic PBCAI text generation; Marvis Telegram assistantIn-app: text prompts. Marvis: TD profile, tour data, passenger names, supplier contacts, conversation historyUS
OpenWeather LtdWeather dataCity/location names (no PII)UK
TelegramMarvis AI assistant messagingMessages you send to and receive from MarvisEU

All processors are bound by data processing agreements that require them to handle data in accordance with applicable data protection laws.

We do not use any analytics, advertising, tracking, or behavioural profiling services. There is no Google Analytics, no Meta Pixel, no Hotjar, and no equivalent. We do not track your behaviour across sessions, pages, or devices for any purpose other than essential security logging.

9. International Data Transfers

Our primary servers are located in the European Union. However, some of our third-party processors (OpenAI, Anthropic, Revolut) may process data in the United States or other countries outside the UK/EU.

Where personal data is transferred outside the UK/EU, we ensure that appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • The UK International Data Transfer Agreement (IDTA) or UK Addendum to the EU SCCs.
  • Adequacy decisions where applicable.

Tour Directors may access data while travelling internationally; appropriate security measures (HTTPS encryption) protect data in transit at all times.

10. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected:

  • Tour Director accounts: Retained while the account is active. Deleted upon request or after 24 months of inactivity (following notice).
  • Tour data (passengers, rooms, suppliers): Retained for 90 days after the tour end date, then automatically anonymised. Passenger names are replaced with generic identifiers; sensitive supplier data is cleared.
  • Subscription and billing data: Retained for 6 years after the last transaction to comply with UK tax and accounting obligations (HMRC requirements).
  • Expense records and receipts: Retained for the duration of the associated tour data retention period, then deleted.
  • Survey responses: Deleted when tour data is anonymised.
  • Login and access logs: Retained for 12 months for security purposes, then deleted. IP addresses are hashed after 30 days. These logs are never displayed in an identifiable form to any user, including platform administrators.
  • Support correspondence: Retained for 24 months after the last communication, then deleted.
  • Consent records: Retained for 3 years to demonstrate compliance, then deleted.

11. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction:

  • Passwords are stored using industry-standard one-way hashing (bcrypt).
  • Sensitive fields (dietary requirements, survey responses, supplier contacts, Wi-Fi passwords) are encrypted at rest using AES-256 encryption.
  • All data in transit is protected by HTTPS (TLS 1.2+) encryption.
  • Session cookies are configured with HttpOnly, SameSite=Lax, and Secure (on HTTPS) flags.
  • CSRF protection is enforced on all state-changing requests.
  • Content Security Policy (CSP) headers are implemented to prevent cross-site scripting attacks.
  • Rate limiting is applied to prevent brute-force attacks on login and API endpoints.
  • Role-based access control restricts data visibility by user type (Tour Director, Group Leader, Hotel User, Traveller).
  • Access codes are generated with sufficient entropy and are scoped to individual tours.
  • Regular backups are maintained by our hosting provider.
  • Data minimisation by design: the platform administration dashboard is engineered to display only aggregate, anonymous metrics. No personal data from Tour Directors, travellers, or tour companies is surfaced in the admin interface.

12. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of individuals, we will:

  • Notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach, as required by Article 33 of UK GDPR.
  • Where the breach is likely to result in a high risk to the rights and freedoms of affected individuals, we will notify those individuals without undue delay, as required by Article 34 of UK GDPR.
  • Document all breaches, including the facts, effects, and remedial actions taken, in our internal breach register.
  • Take immediate steps to contain and remediate the breach, including changing access credentials, patching vulnerabilities, and reviewing access controls.

13. Your Rights

Under UK GDPR and EU GDPR, you have the following rights regarding your personal data:

  • Right of Access (Art. 15) — Request a copy of all personal data we hold about you. Tour Directors can export their data directly from their profile.
  • Right to Rectification (Art. 16) — Request correction of inaccurate or incomplete data.
  • Right to Erasure (Art. 17) — Request deletion of your personal data ("right to be forgotten"). Tour Directors can delete their account from their profile. Travellers, Group Leaders, and Hotel Users can request data removal by contacting us at hello@mytourplatform.com or by asking their Tour Director to remove their data from the tour.
  • Right to Restrict Processing (Art. 18) — Request limitation of processing in certain circumstances (e.g., while we verify the accuracy of your data).
  • Right to Data Portability (Art. 20) — Receive your personal data in a structured, commonly used, machine-readable format (JSON). Tour Directors can export their data via the profile page.
  • Right to Object (Art. 21) — Object to processing based on legitimate interest. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests.
  • Right to Withdraw Consent — Where processing is based on consent, you may withdraw it at any time. This does not affect the lawfulness of processing carried out before withdrawal.
  • Rights Related to Automated Decision-Making (Art. 22) — You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently engage in such automated decision-making.

To exercise any of these rights, contact us at hello@mytourplatform.com or use the self-service options in your profile. We will respond within 30 days. If your request is complex, we may extend this period by a further 60 days, and we will inform you of any such extension within the initial 30-day period.

14. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on any individual. Plan-based feature access is determined by your chosen subscription tier and administrative settings, not by automated profiling.

15. Cookies

My Tour Platform uses only essential cookies:

  • Session cookie (PHPSESSID) — Required for authentication and maintaining your login session. Expires when you close your browser.
  • Cookie consent cookie (cookie_consent) — Remembers your acceptance of our cookie notice. Expires after 1 year.

We do not use analytics, advertising, or third-party tracking cookies. If you choose to pay with Revolut, you will be redirected to Revolut's hosted payment page, which may set cookies governed by Revolut's Cookie Policy.

For full details, please see our dedicated Cookie Policy.

16. Legitimate Interest Assessment

Where we rely on legitimate interest as our lawful basis for processing, we have conducted a Legitimate Interest Assessment (LIA) to ensure that our interests do not override the rights and freedoms of data subjects. The key areas where we rely on legitimate interest are:

  • Tour data processing: Necessary to provide the core tour management service that Tour Directors expect and rely upon.
  • Usage logging: Necessary for security monitoring, fraud prevention, and service improvement.
  • Supplier data: Necessary to facilitate booking confirmations and tour logistics on behalf of Tour Directors.
  • Support communications: Necessary to respond to enquiries and maintain service quality.

You may object to processing based on legitimate interest at any time by contacting us.

17. Payment Provider Data Sharing

When you purchase a Season Pass or Tour Credits, the following data is shared with Revolut for the purpose of processing your payment:

Revolut

  • Your full name and email address (used to create a Revolut customer record).
  • The subscription plan selected and its price.
  • Billing cycle dates and payment status.

We receive from Revolut: your Revolut customer ID, subscription ID, payment status, and billing dates. We do not receive or store your card numbers, bank account details, or Revolut account credentials.

Revolut processes your payment data in accordance with their own Privacy Policy. We encourage you to review it.

18. Right to Lodge a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority:

  • United Kingdom: Information Commissioner's Office (ICO) — ico.org.uk, Tel: 0303 123 1113
  • European Union: Your local Data Protection Authority in the EU member state where you reside, work, or where the alleged infringement occurred.

We ask that you contact us first so that we have the opportunity to address your concerns before you escalate to a supervisory authority.

19. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

  • We will update the "Last updated" date at the top of this page.
  • For material changes, we will provide notice via email or a prominent notice on the Platform.
  • Your continued use of the Service after the effective date of any changes constitutes acceptance of the updated Privacy Policy.

20. Contact

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

Aurea Futura LTD
Company No. 11132111
18 Spencer Road, London SW20 0QP, United Kingdom
hello@mytourplatform.com