Privacy Policy

Privacy Policy

Last updated: March 2026

Privacy at a Glance

We collect only what we need to generate your World Cup trip plans. We never sell your data. You can delete your account and all associated data at any time. We use industry-standard encryption and work only with GDPR-compliant partners.

1

Information We Collect

When you create an account and use WorldCup Planner, we collect the following categories of personal information:

Data TypePurposeRetention
Name & EmailAccount creation, communicationUntil account deletion
Country of OriginVisa requirements, travel recommendationsUntil account deletion
Travel PreferencesBudget, dates, teams β€” used for plan generationUntil account deletion
Payment InformationProcessed by Paddle β€” we never store card detailsHandled by Paddle
Usage DataPages visited, features used β€” analytics only26 months (anonymized)

We do not collect biometric data, social security numbers, or any sensitive personal information beyond what is listed above.

2

How We Use Your Information

Your information is used strictly for the following purposes:

  • AI Trip Plan Generation β€” Your travel preferences, budget, and dates are sent to our AI system to build a personalized World Cup itinerary.
  • Payment Processing β€” Transactions are handled securely by Paddle (our payment processor). We never see or store your full credit card number.
  • Communication β€” We send transactional emails (plan delivery, receipts) and optional marketing emails (which you can unsubscribe from at any time).
  • Service Improvement β€” Anonymized analytics help us improve features and fix bugs. Individual user behavior is never analyzed or sold.

We never sell, rent, or share your personal data with advertisers or data brokers.

3

Data Storage

We take the security of your data seriously:

Encryption

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Passwords are hashed with bcrypt.

Infrastructure

Hosted on secure cloud infrastructure with automated backups, firewall protection, and intrusion monitoring.

Retention

Your data is retained as long as your account is active. Upon account deletion, all personal data is removed within 30 days.

Access Control

Only authorized team members with a legitimate business need can access user data. Access is logged and regularly audited.

4

Third Parties

We work with a small number of trusted service providers to deliver our product. Each partner is contractually bound to handle your data securely and in compliance with applicable privacy laws:

Anthropic (Claude AI)

Powers our AI trip plan generation. Your travel preferences are sent to Anthropic's API to create your personalized itinerary. Anthropic does not use your data for training.

Paddle

Our Merchant of Record for payment processing. Paddle handles all billing, tax, and compliance. We never see your full credit card details.

Email Service Provider

We use a transactional email service to send plan deliveries, receipts, and optional newsletters. You can unsubscribe at any time.

Google Analytics & Microsoft Clarity

Used for anonymous website analytics to understand how users interact with our site. No personally identifiable information is shared with these services.

5

Your Rights

Under GDPR and applicable privacy laws, you have the following rights regarding your personal data:

Right to Access

Request a copy of all personal data we hold about you.

Right to Rectification

Correct any inaccurate or incomplete data via your account settings.

Right to Deletion

Request complete deletion of your account and all associated data.

Right to Portability

Export your data in a machine-readable format.

Right to Opt-Out

Unsubscribe from marketing emails and decline non-essential cookies.

Right to Restrict Processing

Limit how we use your data in certain circumstances.

To exercise any of these rights, email us at privacy@worldcupplanner.com or use the settings in your account dashboard. We respond to all requests within 30 days.

6

Contact

If you have any questions, concerns, or requests regarding this privacy policy or how we handle your data, you can reach us through the following channels:

Email: privacy@worldcupplanner.com
Contact Form: worldcupplanner.com/contact

We aim to respond to all privacy-related inquiries within 48 hours. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.