Privacy Policy

    Last updated: April 7, 2026

    We're committed to handling your personal information responsibly and keeping it safe. This Privacy Policy explains what data we collect when you use our website (www.herenowadventures.com), how we use it, who we share it with, and your rights. It's straightforward because we believe in transparency—no surprises.

    The short version

    We don't sell your data. Ever. We only collect what's needed to run the site, handle enquiries/bookings, and send updates if you've asked for them. We give you control over your preferences (like cookies and marketing). We share minimal info with trusted partners (e.g., payment processors and trip suppliers) only when necessary. Questions? Use our data request form.

    The full version

    Who we are

    Here Now Adventures is a small team curating proper adventures worldwide. We're the data controller for personal information collected via this website.

    What information we collect

    Information you provide to us

  1. Identity: Name, username, title (if given).
  2. Contact: Email, phone, address.
  3. Booking/Traveller: Preferences, travel details, dietary/medical needs, feedback/reviews, account login info.
  4. Marketing: Preferences for emails/offers from us.
  5. Payment: Card/bank details (handled securely by third-party processors like Stripe; we don't store them ourselves).

    6. Information we collect automatically

  6. Technical: IP address, browser/device type, pages visited, and basic referral information (via Vercel Analytics — see our Cookie Policy). We do not use invasive tracking or behavioural analytics tools.
  7. Usage: Which pages are visited and how users navigate between them.

    8. How we use your information

    We use data only for legitimate reasons, based on contract, consent, legitimate interests, or legal obligations.

    To fulfil bookings and services (contractual)

  8. Manage enquiries, create accounts, process bookings.
  9. Send booking updates, confirmations, essential info.
  10. Share necessary details (e.g., name, dietary needs) with trip suppliers once you book—we tell you who they are upfront, and you agree by proceeding. We can't control their privacy practices, but we require them to handle data securely.

    11. With your consent (you can withdraw anytime via account or form)

  11. Send marketing emails about adventures/offers we think you'd like.
  12. Publish your reviews (with your OK).
  13. Run feedback/surveys.

    14. For our legitimate interests (balanced against your rights)

  14. Improve the site, fix issues, analyse usage.
  15. Provide support and customer care.
  16. Send service updates (e.g., policy changes).
  17. Prevent fraud/security issues.

    18. Legal obligations

  18. Comply with laws, respond to authorities, detect fraud.

    19. Who we share data with

    We never sell or rent your data. We share only when needed:

  19. Trip suppliers: for bookings, limited to what's required to fulfil your adventure (e.g. name, dietary/medical needs, emergency contact).
  20. Payment processors: Stripe handles all payment processing. We don't store your card details. See Stripe's privacy policy for how they handle your data.
  21. Analytics: we use Vercel Analytics for anonymous page view data. No personal data is shared.
  22. Infrastructure providers: we use Supabase (database) and Vercel (hosting) to operate the platform. These providers process data only as necessary to run the service.

    23. All third-party providers are bound by data processing agreements. We may share anonymised, aggregated statistics that cannot identify you. In rare cases we may also share data where required by law, to prevent fraud, or in connection with a business transfer.

    Where your data is stored Data is stored securely in the cloud (possibly outside the UK/EEA). We use appropriate safeguards for transfers. Transmission over the internet isn't 100% secure, but we take reasonable steps to protect it once received. Keep your passwords confidential.

    How long we keep data

  23. Active customers: As long as needed for services, plus up to 7 years for legal/tax reasons.
  24. Marketing consents: Up to 3 years after last interaction, or until you unsubscribe. We delete sooner if you request (subject to legal holds).

    25. Your rights

    You have rights under UK GDPR. You can:

  25. Access or correct your personal data
  26. Request deletion (subject to legal retention requirements — some booking data must be kept for up to 7 years)
  27. Restrict or object to how we process your data
  28. Port your data in some circumstances
  29. Object to marketing at any time

    30. To exercise any of these rights, email us at hello@herenowadventures.com. We'll respond within 30 days.

    We don't currently send marketing emails or use non-essential cookies, so there's nothing to opt out of right now. When we introduce either, you'll be able to manage your preferences directly in your account.

    If you're unhappy with how we've handled your data, you have the right to complain to the ICO.

    Changes to this policy We may update this policy. Changes are posted here with a new date. Significant updates get a clear notice (e.g., email). Continued use means you accept changes—check back occasionally.

    Contact us Questions? Use our data request form or email [insert your email, e.g., hello@herenowadventures.com]. We're a small team, so we'll get back promptly.

    ← Back to Help Centre