Privacy Policy
We process personal data only to run bookings, accounts, support, security, payments, and lawful reporting. Analytics and marketing are separate and used with consent where required.
Data we process
- Contact data: name, email, phone, country or region, interface language, and currency.
- Booking data: property, room, dates, guests, price, payment status, messages, and support requests.
- Security data: IP address, user-agent, device, sign-in events, errors, and suspicious activity.
- Payment data: payment status, provider, payment identifier, card brand, and last digits if returned by the provider. FirstTrip does not store CVV or full card numbers.
Purposes and legal bases
- Booking performance, account creation, property communication, and customer support.
- Legal obligations for consumer protection, accounting, fraud prevention, and security.
- Legitimate interest in preventing abuse, protecting accounts, and auditing admin and partner actions.
- User consent for optional analytics, marketing, push notifications, and separate preferences.
Sharing and retention
We share data with accommodation providers, payment providers, notification services, hosting, analytics after consent, and public authorities only where legally required. Cross-border transfers use contractual and technical safeguards.
User rights
Users may request access, correction, deletion, restriction, consent withdrawal, portability, and information about processing sources. Requests are handled through the privacy email or support channel.