This site uses no tracking cookies beyond PostHog analytics. Privacy Policy

← Back to TourismIntel

Legal

Privacy Policy

Last updated: March 2026 · Effective immediately

1. Data Controller

TourismIntel is operated by Mirko Lalli (hereinafter "we", "us", "Controller"). For any privacy-related requests, contact: mirko@bereadyfor.ai

2. What data we collect

We collect and process the following personal data: • Email address (provided at subscription) • IP address at the time of consent (stored for GDPR audit purposes) • Consent timestamp and source • Login activity (last login date)

3. Purpose and legal basis

Your data is processed for the following purposes: • Sending the TourismIntel newsletter (travel industry AI & technology news) • Granting access to the TourismIntel members-only platform Legal basis: Explicit consent per Article 6(1)(a) and Article 7 of the GDPR.

4. Newsletter subscription = platform access

Access to the TourismIntel platform is tied to an active newsletter subscription. By subscribing you agree to receive the TourismIntel newsletter. If you unsubscribe at any time, your platform access will be automatically revoked. To regain access after unsubscribing, contact mirko@bereadyfor.ai.

5. Data processors & sub-processors

We use the following third-party services: • Brevo (Sendinblue) — email delivery and subscriber list management. Data stored in EU. • MongoDB Atlas — database hosting (EU region) • Emergent Labs — infrastructure hosting

6. Data retention

Your email address and consent record are retained for as long as you hold an active subscription. Upon unsubscription and confirmed deletion request, all personal data is erased within 30 days.

7. Your rights (GDPR Articles 15–22)

As a data subject in the EU/EEA, you have the right to: • Access · Rectification · Erasure ("right to be forgotten") · Restriction · Portability · Withdraw consent · Lodge a complaint (Garante Privacy — garante.privacy.it) To exercise any right: mirko@bereadyfor.ai

8. Cookies

TourismIntel uses two first-party cookies for session management: a secure HttpOnly cookie storing your authentication token (invisible to JavaScript and inaccessible to other websites), and a paired CSRF token cookie to protect against cross-site request forgery. No tracking cookies, no third-party advertising cookies, no analytics cookies.

9. International transfers

Your data is processed within the European Economic Area (EEA) or countries with an adequacy decision by the European Commission.

10. Changes to this policy

We may update this policy. Material changes will be communicated by email to all subscribers.

Contact

For any data protection enquiry: mirko@bereadyfor.ai

Made with Emergent