Cookies Policy

Cookies are small text files stored on your device by your browser. They allow a website to recognise you across requests so it can keep you logged in, remember your preferences, and measure how the site is used. We also use related technologies — localStorage, sessionStorage, and pixel tags — which we cover in this policy.

Strictly necessary. Required for the website to work. You cannot disable these without breaking core functionality. Examples:

• Authentication session (so you stay logged in).
• CSRF protection token (security).
• Stripe fraud-prevention cookies (PCI compliance).
• Affiliate attribution token (so we get paid commission when your booking succeeds — this is what funds the free planner).
• Your cookie consent decision itself.

Analytics (consent required). Help us understand how the Service is used so we can improve it. No cross-site tracking. Examples:

• Anonymous identifier for funnel analysis (e.g. PostHog).
• Page-view counts and feature-usage events.
• Performance metrics (page load time, error rates).

Marketing (consent required). Used to measure the effectiveness of our campaigns and to personalise offers. Examples:

• Conversion tracking pixels from advertising platforms (only loaded if you opt in).
• Audience identifiers used to suppress ads to existing customers.

Some pages embed third-party services that set their own cookies under their own privacy policies:

• Stripe (payment processing) — strictly necessary when you reach checkout.
• Google Maps (when you click an itinerary location) — strictly necessary for routing.
• Booking.com, Expedia, Vrbo, Viator (when you click an outbound booking link) — they set their own cookies under their own policies.
• Analytics providers (only with your consent).

You can change your consent at any time using the button below. Your preference is stored for 12 months, after which we’ll ask again.

You can also block or delete cookies in your browser settings. Note that if you block strictly-necessary cookies the Service will not function (you cannot stay logged in, payments will fail, etc.).

Most browsers honour the Global Privacy Control signal. We treat GPC as an opt-out of analytics and marketing cookies where local law requires it.

Browser-level “Do Not Track” is no longer maintained as a standard. We do not respond to DNT headers but we do respect Global Privacy Control as described above.

As we add or remove integrations, this list will change. Material changes will be announced in-app. The “Effective” date at the top reflects the current version.

For details on what personal data we process and your rights, see our Privacy Policy.