Privacy Policy
Know.Travel respects your privacy. This Policy explains what data we collect, why we collect it, how we use it, and what rights you have under the General Data Protection Regulation (GDPR). We keep this as short and clear as possible.
1. Data Controller
1.1. The data controller responsible for your personal data is Know.Travel, operated under Spanish law.
1.2. For all privacy-related requests, contact us at [email protected]. We respond within 30 days.
2. What Data We Collect
2.1. Technical data. When you visit Know.Travel, our servers and Cloudflare (our CDN and security provider) automatically process your IP address, browser type, operating system, referring URL, and pages visited. This data is processed to deliver the Service securely and is not linked to your identity.
2.2. Analytics data. We use Cloudflare Analytics and Google Analytics (GA4) to understand how visitors use the site. This includes pages viewed, time on site, and general geographic region. Analytics data is aggregated and anonymised — we cannot identify you personally from it.
2.3. Cookies and local storage. We use cookies to remember your language preference (stored for 1 year), to maintain your session, and to collect anonymised analytics. See Section 5 for a full cookie breakdown.
2.4. Contact form. If you submit a message through our contact form, we collect your email address and message content solely to respond to your inquiry. This data is not used for marketing and is deleted once your request is resolved.
2.5. Email subscription. If you subscribe to our newsletter, we collect your email address and store it to send you travel content updates. You may unsubscribe at any time via the link in any email we send, or by contacting us at [email protected]. Your email is processed by our email delivery provider (see Section 6).
2.6. Blog comments. If you leave a comment on a Know.Travel article, we collect your name (or chosen display name) and email address. Your name is displayed publicly alongside your comment. Your email address is not published and is used only to notify you of replies. WordPress may also store your IP address for spam prevention purposes.
2.7. We do not collect phone numbers, payment data, government IDs, or any sensitive personal data as defined under GDPR Article 9.
3. Legal Basis for Processing
3.1. Under GDPR, we process your data on the following legal bases:
3.2. Legitimate interest (Art. 6(1)(f)) — for technical data and security logging necessary to operate and protect the Service.
3.3. Consent (Art. 6(1)(a)) — for non-essential analytics cookies and for email subscription. You may withdraw your consent at any time by clearing cookies, adjusting browser settings, or unsubscribing from our mailing list.
3.4. Contract / pre-contractual steps (Art. 6(1)(b)) — when you contact us and we need to process your data to respond.
4. How Long We Store Data
4.1. Server and Cloudflare logs — up to 30 days, then automatically deleted.
4.2. Analytics data — retained in aggregated, anonymised form for up to 26 months (Google Analytics default), or until you request deletion.
4.3. Language preference cookie — 1 year from the date of last visit.
4.4. Email correspondence and contact form submissions — retained for as long as necessary to resolve your inquiry, then deleted upon request.
4.5. Newsletter subscriptions — your email is retained until you unsubscribe or request deletion.
4.6. Blog comments — retained indefinitely as part of the article unless you request removal at [email protected].
5. Cookies
5.1. Cookies are small text files stored in your browser. Know.Travel uses the following cookies:
| Cookie | Purpose | Type | Duration |
|---|---|---|---|
kt_lang |
Remembers your language preference | Functional | 1 year |
kt_sid |
Anonymous session identifier for feedback and voting features | Functional | 1 year |
comment_author_* |
WordPress — remembers your name and email if you leave a blog comment | Functional | 1 year |
_ga, _ga_* |
Google Analytics GA4 — anonymised usage statistics | Analytics | 2 years |
| Cloudflare Analytics | Privacy-first analytics — no cookies set, no personal data collected | Analytics | No cookie |
__cf_bm, cf_clearance |
Bot detection and DDoS protection — set automatically by Cloudflare | Security | Session / 1 year |
5.2. You can disable or delete cookies at any time via your browser settings. Note that disabling functional cookies (such as kt_lang) may affect your experience on the site.
5.3. Cloudflare cookies are set automatically as part of our security infrastructure. For details on how Cloudflare handles data, see the Cloudflare Privacy Policy.
6. Third Parties and Data Sharing
6.1. We do not sell your personal data to any third party under any circumstances.
6.2. We work with the following third-party services that may process data on our behalf:
6.3. Cloudflare — CDN, image delivery, DDoS protection, and privacy-first analytics. Processes IP addresses and request metadata. Data may be stored in the EU and USA under Cloudflare’s standard contractual clauses. Cloudflare Privacy Policy →
6.4. Google Analytics (GA4) — website analytics. Anonymised and aggregated data is transferred to Google LLC (USA) under standard contractual clauses with IP anonymisation enabled. Google Privacy Policy →
6.5. Email delivery provider — your email address (if you subscribe to our newsletter) is stored and processed by our email delivery provider. We use this provider solely to send you travel content updates you have subscribed to. You may request deletion of your email at any time.
7. Your Rights under GDPR
7.1. As a resident of the European Economic Area, you have the following rights regarding your personal data:
- Right of Access — request a copy of the personal data we hold about you.
- Right to Rectification — ask us to correct any inaccurate or incomplete data.
- Right to Erasure — request deletion of your personal data (“right to be forgotten”).
- Right to Restriction — ask us to limit how we process your data in certain circumstances.
- Right to Portability — receive your data in a structured, machine-readable format.
- Right to Object — object to processing based on our legitimate interests.
7.2. To exercise any of these rights, email us at [email protected]. We will respond within 30 days. We may ask you to verify your identity before processing the request.
7.3. If you believe your data has been processed unlawfully, you have the right to lodge a complaint with the Spanish Data Protection Authority: Agencia Española de Protección de Datos (AEPD).
8. Children’s Privacy
8.1. Know.Travel is not directed at children under 16 years of age, in accordance with GDPR Article 8. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at [email protected] and we will delete it promptly.
9. Changes to This Policy
9.1. We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page. For significant changes, we will make reasonable efforts to notify users.
9.2. Continued use of Know.Travel after any changes constitutes acceptance of the updated Policy.
10. Contact
10.1. For any questions, requests, or concerns regarding this Privacy Policy or the handling of your personal data:
Know.Travel
Email: [email protected]
Response time: within 30 days
This Policy is governed by the laws of the Kingdom of Spain and the General Data Protection Regulation (EU) 2016/679.