Partner Privacy Policy

1. Scope

This policy applies to all individuals and businesses who register for or participate in any Routri partner program, including the Supplier Program, Affiliate Program, and Travel Agent Program. It covers data collected through the partner registration process, the Supplier Portal, the Affiliate Dashboard, the Agent Portal, and any communication between you and Routri.

2. Data We Collect

2.1 Registration Data

When you register as a partner, we collect:

• Full name and job title of the authorized representative.
• Business name, legal entity name, and registration number.
• Business address and country of operation.
• Email address, phone number, and WhatsApp number.
• Tax identification number (TIN) or VAT number.
• Bank account details for payout processing.
• Website URL and social media profiles (for affiliates).
• Travel agency license number (for travel agents).
• Insurance policy details (for suppliers).

2.2 Operational Data

During your participation in our programs, we collect:

• Booking and transaction data, including amounts, dates, and status.
• Commission and payout records.
• Communication history (emails, support tickets, chat messages).
• Portal usage data (login times, pages visited, features used).
• Performance metrics (booking volume, cancellation rates, review scores).

2.3 Automatically Collected Data

When you access the Supplier Portal, Affiliate Dashboard, or Agent Portal, we automatically collect IP address, browser type and version, device information, and session data through cookies and similar technologies.

3. How We Use Your Data

We use your personal data for the following purposes:

• Account management: To create and maintain your partner account, verify your identity and business credentials, and process your application.
• Payment processing: To calculate commissions, process payouts, and maintain financial records as required by law.
• Booking fulfillment: To share necessary information with travelers and suppliers to facilitate the delivery of booked experiences.
• Communication: To send booking notifications, payout confirmations, program updates, and respond to your support inquiries.
• Platform improvement: To analyze usage patterns, improve our partner tools, and develop new features.
• Compliance: To comply with legal obligations, tax reporting requirements, and anti-fraud measures.
• Quality assurance: To monitor service quality, investigate complaints, and enforce our terms and conditions.

4. Traveler Data Shared with Partners

4.1 What We Share

When a traveler makes a booking, we share limited personal data with the relevant supplier or travel agent to facilitate the experience. This includes the traveler's name, contact details, booking details, and any special requirements specified during booking.

4.2 Your Obligations

As a partner receiving traveler data, you must:

• Use traveler data solely for the purpose of fulfilling the specific booking.
• Not use traveler data for marketing, promotional, or any other purpose without the traveler's explicit consent.
• Not share traveler data with any third party except as necessary for booking fulfillment (e.g., sharing with a guide or driver).
• Delete or anonymize traveler data within 90 days after the experience date, unless retention is required by law.
• Implement appropriate technical and organizational measures to protect traveler data from unauthorized access, loss, or disclosure.

5. Data Sharing & Third Parties

We may share your data with:

• Payment processors: To process payouts and manage financial transactions (e.g., Stripe, bank transfer providers).
• Cloud infrastructure providers: To host and operate our platform (e.g., AWS, Supabase).
• Communication tools: To send notifications and support messages (e.g., email service providers, WhatsApp Business).
• Analytics providers: To analyze platform usage and improve our services (data is aggregated and anonymized where possible).
• Legal and regulatory authorities: When required by law, court order, or to protect our legal rights.

We do not sell your personal data to third parties. All third-party service providers are bound by data processing agreements that require them to protect your data in accordance with applicable laws.

6. Data Retention

We retain your data for the following periods:

• Active accounts: Data is retained for the duration of your participation in our programs.
• After termination: Account data is retained for 3 years after account closure for legal, tax, and audit purposes.
• Financial records: Transaction and payout records are retained for 7 years as required by Egyptian tax law.
• Communication records: Support tickets and correspondence are retained for 2 years after resolution.

7. Security Measures

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption of data in transit (TLS 1.2+) and at rest.
• Row-Level Security (RLS) policies ensuring suppliers can only access their own data.
• Regular security audits and vulnerability assessments.
• Access controls limiting employee access to partner data on a need-to-know basis.
• Secure authentication with password hashing and optional two-factor authentication.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request correction of inaccurate or incomplete data.
• Erasure: Request deletion of your data, subject to legal retention requirements.
• Restriction: Request that we limit the processing of your data in certain circumstances.
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to processing of your data for specific purposes.

To exercise any of these rights, contact us at support@routri.com. We will respond to your request within 30 days. We may request additional information to verify your identity before processing your request.

9. Cookies & Tracking

Our partner portals use essential cookies for authentication and session management. We also use analytics cookies to understand how partners use our tools and to improve the experience. For affiliates, we use tracking cookies to attribute bookings to the correct affiliate link (30-day cookie window). You can manage cookie preferences through your browser settings, though disabling essential cookies may prevent you from accessing the partner portals.

10. International Transfers

Your data may be transferred to and processed in countries outside your country of residence, including Egypt (where Routri is based) and the European Union (where some of our infrastructure is hosted). Where data is transferred internationally, we ensure appropriate safeguards are in place, including standard contractual clauses approved by relevant data protection authorities.

11. Changes to This Policy

We may update this policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes via email and through the partner portals at least 30 days before the changes take effect. Your continued use of our partner programs after the effective date constitutes acceptance of the updated policy.

12. Contact

For questions or concerns about this privacy policy or how we handle your data:

• Email: support@routri.com
• Partner Support: partners@routri.com
• Mailing Address: Routri, Cairo, Arab Republic of Egypt