Conway Travel Collective
  • Services
  • Our Approach
  • Our Story
  • Press
  • The Atelier
  • Commission
Begin Your Journey
  • Services
  • Our Approach
  • Our Story
  • Press
  • The Atelier
  • Commission Your Journey

Legal

Privacy Policy

Conway Travel Collective LLC · Effective June 6, 2026

Florida Seller of Travel  |  Reg. No. ST46413

Contents

  1. Introduction / Who We Are
  2. Information We Collect
  3. How We Use Your Information
  4. How We Share Your Information
  5. Sensitive Personal Information
  6. International Data Transfers
  7. Data Retention
  8. Your Rights and Choices
  9. Cookies and Tracking
  10. Children’s Privacy
  11. Data Security
  12. Links to Third-Party Sites
  13. Changes to This Policy
  14. Florida Seller of Travel Disclosure
  15. Contact Us

1. Introduction / Who We Are

Conway Travel Collective LLC (“CTC,” “we,” “us,” or “our”) is a travel booking agency organized under the laws of the State of Florida. We are registered with the State of Florida as a Seller of Travel (Registration No. ST46413) as required by Florida Statutes §§ 559.927–559.9355.

What we do. CTC acts solely as a booking agent. We do not own, operate, or control airlines, hotels, cruise lines, tour operators, car rental companies, or other travel suppliers. When you ask us to arrange travel on your behalf, we transmit your information to the relevant suppliers so they can provide the services you have requested. The suppliers operate under their own terms of service and privacy policies, and CTC is not responsible for their independent data practices.

What this policy covers. This Privacy Policy describes:

  • The personal information we collect about you when you visit our website, contact us, or use our booking services;
  • How we use, share, and protect that information;
  • How long we keep it;
  • Your rights under applicable federal and state law; and
  • How to contact us with questions or privacy requests.

This policy applies to all personal information collected through our website at www.conwaytravelcollective.com (the “Site”), by email, by phone, and through any other interaction with CTC. By using our Site or services, you acknowledge that you have read and understood this Privacy Policy.

2. Information We Collect

2.1 Information You Provide to Us

When you inquire about travel, request a quote, make a booking, or otherwise communicate with us, you may provide us with:

Identity and Travel Document Information

  • Full legal name, date of birth, and gender (as required for airline tickets)
  • Passport number, expiration date, and country of issue
  • Visa information (when applicable)
  • Known Traveler Number / TSA PreCheck / Global Entry number

Contact Information

  • Email address, phone number(s), and mailing or billing address

Payment Information

  • Credit or debit card number, expiration date, and security code

Important: CTC transmits your payment card information directly and securely to travel suppliers and payment processors. We do not store your full card number or security code on our own systems. Payment processing is handled consistent with PCI-DSS standards.

Travel Preferences and Loyalty Programs

  • Airline, hotel, or cruise loyalty program numbers
  • Seat, meal, and cabin preferences
  • Destination and activity preferences

Health and Disability Accommodation Requests

  • Medical conditions, disabilities, or special assistance needs shared with us for the purpose of arranging accommodations with suppliers

This information is treated as sensitive personal information. See Section 5.

Emergency Contact Information

  • Name, relationship, and phone number of an emergency contact

2.2 Information Collected Automatically

When you visit our Site, our systems and third-party service providers automatically collect certain technical information, including:

  • IP address and approximate geographic location
  • Browser type and version
  • Device type and operating system
  • Pages visited, time spent on pages, referring URLs, and click paths
  • Cookies and similar tracking technologies (see Section 9)

2.3 Information We Receive from Third Parties

In limited circumstances, we may receive information about you from travel suppliers (such as booking confirmation numbers or itinerary change notifications), Global Distribution Systems (GDS), and other agents acting on your behalf. We do not purchase data from data brokers.

3. How We Use Your Information

We use the personal information we collect for the following purposes:

Booking and Service Fulfillment

  • To process and confirm travel reservations on your behalf
  • To transmit required traveler details to suppliers
  • To communicate changes, cancellations, and updates to your itinerary

Identity Verification and Legal Compliance

  • To verify your identity and the identity of travelers in your group
  • To comply with TSA Secure Flight requirements and similar government mandates
  • To comply with applicable federal, state, and international laws, including the Florida Seller of Travel Act

Communications

  • To respond to your inquiries and requests
  • To send booking confirmations, receipts, and trip-related notifications
  • To send marketing communications about travel offers and services — only to the extent you have not opted out (see Section 8)

Payment and Fraud Prevention

  • To process payments and handle refunds
  • To detect, investigate, and prevent fraudulent transactions and other illegal activity

Website Operation and Improvement

  • To operate, maintain, and improve our Site
  • To analyze usage trends and enhance the user experience

Legal Defense and Dispute Resolution

  • To establish, exercise, or defend legal claims
  • To comply with court orders, subpoenas, or other lawful process

We rely on the following legal bases for processing (particularly relevant to EU/UK residents):

  • Performance of a contract: Processing necessary to fulfill your booking request.
  • Legal obligation: Processing required to comply with applicable law.
  • Legitimate interests: Fraud prevention, IT security, and service improvement.
  • Consent: Processing of health/disability information and, where required, marketing communications.

4. How We Share Your Information

4.1 Travel Suppliers

As a booking agent, we necessarily share your personal information with the travel suppliers required to fulfill your reservation, including airlines, hotels, cruise lines, tour operators, car rental companies, ground transportation providers, and travel insurance providers. The information shared is limited to what each supplier requires to complete your booking.

Each supplier operates under its own privacy policy. CTC is not responsible for how suppliers use your information once it has been transmitted. We encourage you to review the privacy policies of the suppliers who will be providing your travel services.

4.2 Service Providers

We may share your information with third-party companies providing services on our behalf, including IT infrastructure and hosting providers, email and communications platforms, website analytics providers, payment processors, and CRM software providers. These service providers are authorized to use your information only as necessary to provide services to CTC.

4.3 Legal Requirements

We may disclose your information when required by law, including to comply with a subpoena, court order, or lawful government request; to protect the rights, property, or safety of CTC, our clients, or the public; or to detect or prevent fraud or other illegal activity.

4.4 Business Transfers

If CTC is involved in a merger, acquisition, or asset sale, your personal information may be transferred as part of that transaction. We will notify you if a transfer materially changes how your information is used.

4.5 With Your Consent

We may share your information for any other purpose with your explicit consent.

4.6 CTC Does Not Sell Your Personal Data

Conway Travel Collective LLC does not sell, rent, or trade your personal information to third parties for their own marketing or other commercial purposes. We do not engage in the sale of personal data as defined under the Florida Digital Bill of Rights, the California Consumer Privacy Act, or any other applicable law.

5. Sensitive Personal Information

5.1 Health and Disability Information

If you share medical information, disability status, or special assistance needs with us for the purpose of arranging travel accommodations, we treat this information as sensitive personal information. We:

  • Use it only to arrange the specific accommodations you requested;
  • Share it only with suppliers who need it to fulfill those accommodations;
  • Do not use it for marketing or profiling; and
  • Retain it only as long as necessary for your trip and our legal obligations.

You are never required to disclose health or disability information to us. However, if you choose not to share information necessary for a specific accommodation, we may not be able to arrange that accommodation on your behalf.

5.2 Passport and Government-Issued Identification Data

Passport numbers and other government-issued identification numbers are sensitive personal information. We collect this information only when required for international travel bookings, transmit it securely to the relevant airlines and government authorities, and do not store passport numbers beyond the period necessary for the booking and any applicable legal retention requirement.

5.3 Payment Card Data

Although we collect payment card information in the course of processing bookings, we do not retain full card numbers or CVV/security codes in our own systems following transmission to the payment processor. See Section 11 for details on our PCI-DSS approach.

6. International Data Transfers

Because we book travel worldwide, we necessarily share your personal information with travel suppliers and service providers located outside the United States, including in the European Union, the United Kingdom, and other countries. These countries may have different data protection laws than the United States or your home country.

When we transfer your data internationally in connection with a travel booking, such transfers are necessary for the performance of a contract between you and the relevant travel supplier, or made with your explicit consent (for certain sensitive data transfers).

EU and UK Residents

If you are located in the European Union or the United Kingdom:

  • We process your personal data in accordance with the EU General Data Protection Regulation (GDPR) and, where applicable, the UK GDPR.
  • Where we transfer personal data outside the EEA or UK to a country that has not received an adequacy decision, we rely on appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission and, where applicable, the UK International Data Transfer Addendum.
  • You have the right to obtain a copy of the relevant safeguards governing such transfers by contacting us at the address in Section 15.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, to comply with legal obligations, and to resolve disputes or enforce agreements.

Category of Information Retention Period
Booking records and itineraries 7 years from the date of travel (Florida Seller of Travel & federal tax requirements)
Payment records (transaction details, not card numbers) 7 years from the date of transaction
Passport and government ID data Duration of booking process, plus 2 years (or longer if required by law)
Health and disability accommodation data Duration of the relevant trip, plus 2 years for dispute resolution
Website analytics and log data 13 months from collection
Marketing communications (opt-in records) Duration of consent plus 3 years after opt-out
General correspondence and email 5 years from the date of the communication
Emergency contact information Duration of the relevant trip; deleted promptly thereafter unless otherwise requested

When we no longer have a lawful basis to retain your data, we securely delete or de-identify it. We may retain certain information for longer periods when required to do so by a litigation hold, government investigation, regulatory directive, or applicable law.

8. Your Rights and Choices

Depending on where you live, you may have specific legal rights regarding your personal information. We will respond to verifiable requests as described in Section 15.

8.1 Florida Residents — Florida Digital Bill of Rights (FDBR)

Effective July 1, 2024, Florida residents have the following rights under the Florida Digital Bill of Rights, Fla. Stat. Ch. 501, Part II:

  • Right to Access: Request confirmation of whether we process your personal data and obtain a copy.
  • Right to Correction: Request that we correct inaccurate personal data we hold about you.
  • Right to Deletion: Request that we delete personal data we hold about you, subject to certain exceptions.
  • Right to Data Portability: Request your personal data in a portable, readily usable format.
  • Right to Opt Out of Targeted Advertising: Opt out of the processing of your personal data for targeted advertising.
  • Right to Opt Out of Profiling: Opt out of profiling that produces legal or similarly significant effects.

Note: Because CTC does not sell personal data, there is no right to opt out of sale that applies.

8.2 California Residents — CCPA / CPRA

California residents have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

  • Right to Know: Request disclosure of categories and specific pieces of personal information we have collected about you.
  • Right to Delete: Request deletion of personal information we hold about you, subject to certain exceptions.
  • Right to Correct: Request correction of inaccurate personal information we hold about you.
  • Right to Opt Out of Sale or Sharing: CTC does not sell or share your personal information for cross-context behavioral advertising.
  • Right to Limit Use of Sensitive Personal Information: Request that we limit our use of sensitive personal information to uses necessary to provide the services you requested.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

California residents may exercise these rights by contacting us as described in Section 15. We will acknowledge your request within 10 business days and respond substantively within 45 calendar days.

8.3 EU and UK Residents — GDPR / UK GDPR

If you are located in the EEA or the United Kingdom, the following rights apply:

  • Right of Access (Art. 15): Obtain confirmation of whether we process your personal data and receive a copy.
  • Right to Rectification (Art. 16): Request correction of inaccurate or incomplete personal data.
  • Right to Erasure (Art. 17): Request deletion of your personal data where there is no longer a lawful basis for processing.
  • Right to Restriction (Art. 18): Request restriction of processing in certain circumstances.
  • Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format where processing is based on consent or contract.
  • Right to Object (Art. 21): Object to processing based on legitimate interests, with an absolute right to object to direct marketing.
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
  • Right to Lodge a Complaint: Contact your national supervisory authority. In the UK, you may contact the Information Commissioner’s Office (ICO).

We will respond to GDPR/UK GDPR requests within 30 days, with a possible 60-day extension for complex requests.

8.4 All Users — Marketing and Communications Choices

Regardless of your location, you may opt out of marketing emails at any time by clicking the “unsubscribe” link in any marketing email we send you, or by contacting us at concierge@conwaytravelcollective.com. Even if you opt out of marketing communications, we will still send you transactional messages related to active bookings.

9. Cookies and Tracking Technologies

9.1 What We Use

Our Site uses cookies and similar technologies, including:

  • Essential cookies: Required for the Site to function. These cannot be disabled without impairing Site functionality.
  • Analytics cookies: Used to understand how visitors interact with our Site (e.g., Google Analytics).
  • Functional cookies: Used to remember your preferences (e.g., saved search criteria).
  • Advertising and targeting cookies: May be used by third-party services to display relevant advertising on other websites.

9.2 Third-Party Analytics

Our Site may use Google Analytics or similar services to collect anonymized usage data. You can learn about Google’s data practices at policies.google.com/privacy.

9.3 Your Cookie Choices

  • Browser controls: Most web browsers allow you to manage or disable cookies through your browser settings.
  • Opt-out tools: You may opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on.
  • Do Not Track: Our Site currently does not respond to “Do Not Track” signals, as there is no industry-wide standard for such signals.
  • Florida FDBR opt-out: Florida residents may opt out of targeted advertising that relies on cookies by contacting us at concierge@conwaytravelcollective.com.

10. Children’s Privacy

Our services are intended for adults (18 years of age and older) or minors booking travel under the supervision of a parent or legal guardian. Conway Travel Collective LLC does not knowingly collect personal information directly from children under the age of 13 without verifiable parental consent, in compliance with the Children’s Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501 et seq.

When a booking includes a minor traveler, we collect the minor’s name, date of birth, gender, and passport information as required by the airline or other supplier. This information is provided by the parent or guardian making the booking, not collected directly from the minor.

If you believe we have inadvertently collected personal information from a child under 13 without appropriate consent, please contact us immediately at concierge@conwaytravelcollective.com so that we can take appropriate steps to delete such information.

11. Data Security

We implement technical, physical, and organizational measures designed to protect your personal information against unauthorized access, disclosure, alteration, and destruction. These measures include:

  • Encrypted transmission of data (TLS/HTTPS) on our Site and in communications with suppliers and payment processors;
  • Access controls that limit employee access to personal information to those with a business need;
  • Secure, password-protected systems with multi-factor authentication requirements for internal access;
  • Regular review of our information collection, storage, and processing practices.

PCI-DSS Compliance

CTC handles payment card transactions in a manner designed to be consistent with the Payment Card Industry Data Security Standard (PCI-DSS). We do not store your full card number, security code (CVV), or magnetic stripe data on our own systems. Payment information is transmitted directly to PCI-DSS-compliant payment processors and travel suppliers.

Data Breach Notification

Despite our security measures, no system is 100% secure. In the event of a data breach that triggers notification requirements under the Florida Information Protection Act (FIPA), Fla. Stat. § 501.171, we will notify affected Florida residents within 30 days of determining that a breach occurred. If the breach affects more than 500 Florida residents, we will also notify the Florida Department of Legal Affairs.

We will also comply with applicable breach notification requirements under federal law and the laws of other states and jurisdictions, including GDPR Article 33 (72-hour notification to the supervisory authority) and Article 34 (notification to affected individuals without undue delay).

12. Links to Third-Party Sites and Supplier Websites

Our Site may contain links to the websites of airlines, hotels, cruise lines, tour operators, and other travel suppliers, as well as links to general third-party websites. These linked sites operate independently of CTC and are not covered by this Privacy Policy. We have no control over the content or data practices of third-party websites and are not responsible for their privacy policies or practices.

We encourage you to review the privacy policy of every website you visit, particularly any travel supplier website through which you may transact directly.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, applicable law, or the services we provide. When we make material changes, we will:

  • Post the revised policy on our Site with a new “Effective Date” at the top of the document; and
  • Send an email notification to clients with active booking relationships where we have a valid email address on file.

We encourage you to review this Privacy Policy periodically. Your continued use of our Site or services after the effective date of any revised policy constitutes your acknowledgment of the updated terms.

14. Florida Seller of Travel Disclosure

Conway Travel Collective LLC is registered as a Seller of Travel with the State of Florida. Registration No.: ST46413.

Conway Travel Collective LLC is registered with the State of Florida as a Seller of Travel pursuant to Florida Statutes §§ 559.927–559.9355. Registration as a seller of travel does not constitute approval by the State of Florida.

As a booking agent only, Conway Travel Collective LLC arranges travel services provided by independent travel suppliers. We do not own, operate, or control the suppliers whose services we book, and we are not responsible for the acts or omissions of those suppliers. Travel suppliers may have their own financial and insolvency risks. We strongly recommend that travelers purchase travel insurance, including trip cancellation and interruption coverage, to protect against unforeseen events.

  • Airline tickets purchased through us are non-refundable once issued unless the airline’s own fare rules provide otherwise.
  • Additional restrictions may apply depending on the specific travel products booked. Please review all terms and conditions provided at the time of booking.

15. Contact Us / How to Exercise Your Rights

If you have questions about this Privacy Policy, wish to exercise any of your privacy rights, or need to report a privacy concern, please contact us:

Conway Travel Collective LLC

Attn: Privacy Request

411 Walnut Street #23894
Green Cove Springs, FL 32043-3443

Email: concierge@conwaytravelcollective.com

Website: www.conwaytravelcollective.com

How to Submit a Verifiable Consumer Request

To protect your personal information, we must verify your identity before processing a privacy rights request. We will ask you to provide information sufficient to identify you as the person whose data is in our records (e.g., name, email address, and details of a prior booking).

  • Authorized agents: If you are submitting a request on behalf of another person, you must provide written authorization signed by the data subject, or proof of legal guardianship.
  • Third-party verification: We will not fulfill a request that we cannot reasonably verify. We will let you know if we are unable to verify your identity and what additional steps may resolve the issue.

Response Timeframes

Jurisdiction Initial Acknowledgment Substantive Response Extension Available
Florida (FDBR) As soon as practicable 45 days +45 days (with notice)
California (CCPA/CPRA) 10 business days 45 calendar days +45 calendar days (with notice)
EU / UK (GDPR / UK GDPR) Without undue delay 30 calendar days +60 calendar days (with notice)
All other users As soon as practicable 45 days +45 days if necessary

We will never charge a fee for a first verifiable request in any 12-month period. We may charge a reasonable fee or decline to act on requests that are manifestly unfounded, excessive, or repetitive.


This Privacy Policy is effective as of June 6, 2026.
© 2026 Conway Travel Collective LLC · Fla. Seller of Travel Reg. No. ST46413
411 Walnut Street #23894, Green Cove Springs, FL 32043-3443

Conway Travel Collective

“Conway Travel Collective was born
to make the world your private collection.”

Worldwide

Navigate

  • Our Approach
  • Services
  • Our Story
  • Press
  • The Atelier
  • Commission

Specialties

  • Honeymoons
  • Safari
  • Wellness Retreats
  • Destination Weddings
  • River Cruises

Connect

  • Instagram
  • Facebook
  • LinkedIn
  • X / Twitter
  • Email Us

© 2026 Conway Travel Collective LLC · Fla. Seller of Travel Reg. No. ST46413

Privacy Policy Terms of Service Accessibility