Privacy Policy

Introduction

Tourist SOS ("we," "our," or "us") operates a professional emergency response coordination platform designed exclusively for adults aged 18 and over. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

By accessing or using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use our services.

1. Information We Collect

1.1 Information You Provide

We collect information you directly provide to us, including:

• Account Information: Full name, email address, phone number, professional title, organization name, work address, emergency contact details
• Professional Credentials: Certifications, training records, professional licenses, employment verification
• Emergency Case Data: Incident reports, case notes, communications, photos, videos, audio recordings, location coordinates, timestamps
• Communication Data: Messages, calls, video conferences, file attachments sent through our platform
• Payment Information: Billing address, payment method details (processed by third-party payment processors)

1.2 Information We Collect Automatically

• Device Information: IP address, device type, operating system, browser type and version, device identifiers
• Usage Data: Pages visited, features used, time spent, click patterns, search queries, session recordings
• Location Data: GPS coordinates, Wi-Fi network information, cell tower data (when location services are enabled)
• Technical Data: Log files, cookies, web beacons, analytics data, performance metrics

1.3 Information from Third Parties

• Professional verification services and background check providers
• Emergency services and first responder organizations
• Hotel management systems and property management platforms
• Insurance companies and legal representatives
• Government agencies and regulatory bodies

2. How We Use Your Information

We use your information for the following purposes:

2.1 Service Provision

• Facilitate real-time emergency response coordination
• Connect hospitality staff with qualified first responders
• Provide training programs and certification management
• Maintain emergency case records and documentation
• Enable secure communication channels during emergencies

2.2 Platform Operations

• Verify professional credentials and maintain user safety
• Process payments and manage subscriptions
• Provide customer support and technical assistance
• Send service notifications, updates, and emergency alerts
• Analyze usage patterns to improve our services

2.3 Legal and Safety

• Comply with legal obligations and regulatory requirements
• Protect against fraud, abuse, and security threats
• Enforce our terms of service and user agreements
• Respond to legal requests and court orders
• Maintain records for insurance and liability purposes

3. Information Sharing and Disclosure

We may share your information in the following circumstances:

3.1 Emergency Response

During active emergency situations, we share relevant information with:

• Certified first responders and emergency medical personnel
• Local emergency services (police, fire, ambulance)
• Hospital emergency departments and medical facilities
• Hotel management and security personnel
• Insurance companies and legal representatives (as required)

3.2 Service Providers

We work with trusted third-party service providers who assist us in operating our platform:

• Cloud hosting and data storage providers (AWS, Google Cloud)
• Payment processors and financial institutions
• Communication service providers (SMS, email, video calling)
• Analytics and performance monitoring services
• Professional verification and background check services

3.3 Legal Requirements

We may disclose your information when required by law or when we believe disclosure is necessary to:

• Comply with legal process, court orders, or government requests
• Protect the rights, property, or safety of Tourist SOS, our users, or the public
• Investigate potential violations of our terms of service
• Respond to claims of illegal activity or intellectual property infringement

4. Data Security and Protection

We implement comprehensive security measures to protect your information:

4.1 Technical Safeguards

• End-to-end encryption for all emergency communications
• AES-256 encryption for data at rest and TLS 1.3 for data in transit
• Multi-factor authentication for all user accounts
• Regular security audits and penetration testing
• Automated threat detection and response systems
• Secure API endpoints with rate limiting and access controls

4.2 Organizational Safeguards

• Role-based access controls with principle of least privilege
• Regular employee training on data protection and security
• Confidentiality agreements with all staff and contractors
• Incident response procedures and breach notification protocols
• Regular backup and disaster recovery testing

5. Data Retention and Deletion

We retain your information for different periods based on the type of data and legal requirements:

• Account Information: Until you delete your account, plus 30 days for account recovery
• Emergency Case Records: 10 years for legal, insurance, and regulatory compliance
• Training and Certification Records: 7 years for professional compliance requirements
• Communication Data: 3 years for quality assurance and legal purposes
• Usage and Analytics Data: 2 years for service improvement and analytics
• Financial Records: 7 years for tax and accounting purposes

After the retention period expires, we securely delete or anonymize your information. Some information may be retained longer if required by law or for legitimate business purposes.

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

6.1 Access and Portability

• Request a copy of all personal information we hold about you
• Receive your data in a structured, machine-readable format
• Transfer your data to another service provider

6.2 Correction and Updates

• Update or correct inaccurate or incomplete information
• Add missing information to your profile
• Verify the accuracy of your professional credentials

6.3 Deletion and Restriction

• Request deletion of your personal information (subject to legal retention requirements)
• Restrict or limit how we process your information
• Object to certain types of processing activities

7. International Data Transfers

Tourist SOS operates globally, and your information may be transferred to and processed in countries other than your own, including the United States, European Union, and other jurisdictions where our service providers operate.

When we transfer your information internationally, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions for countries with equivalent data protection laws
• Binding Corporate Rules for transfers within our corporate group
• Certification schemes and codes of conduct where applicable

8. Age Restrictions and Children's Privacy

If we become aware that we have collected personal information from someone under 18, we will:

• Immediately delete the information from our systems
• Terminate the account and block future access
• Notify relevant parties if required by law
• Implement additional verification measures to prevent future occurrences

Parents or guardians who believe their child has provided information to us should contact us immediately at privacy@touristsos.com.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

9.1 Types of Cookies

• Essential Cookies: Required for basic platform functionality and security
• Performance Cookies: Help us analyze usage and improve our services
• Functional Cookies: Remember your preferences and settings
• Security Cookies: Detect suspicious activity and prevent fraud

9.2 Managing Cookies

You can control cookies through your browser settings, but disabling certain cookies may affect platform functionality. We also provide cookie preference controls in your account settings.

10. Changes to This Privacy Policy

We may update this privacy policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Post the updated policy on our website with a new "Last updated" date
• Send email notifications to registered users about significant changes
• Provide in-app notifications for material changes affecting your rights
• Maintain previous versions for your reference

Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

11. Contact Information

If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us: