Privacy Policy

We collect the following, depending on how you use Horizon:

• Account information — your name and email address. If you sign up with email and password, we store a securely hashed password (never the password itself). If you sign in with Google or Apple, we receive your name and email from that provider.
• Trip and planning data — the destinations, dates, travelers, budget, preferences, and itineraries you create, plus saved trips, favorites, and packing-list state.
• Booking and payment information — traveler details you enter to complete a booking. Card payments are processed by Stripe; we never receive or store your full card number.
• Technical data — basic request information (IP address, device/browser type) used for security, rate limiting, and diagnostics.

• To search live travel inventory and generate, save, and display your itineraries.
• To process bookings and payments you authorize.
• To create and secure your account and keep your trips available across devices.
• To operate, protect, and improve the Service.
• To respond to support requests and send service-related messages.

Horizon is built on third-party providers. We share only the data needed for each to perform its function, and each handles your data under its own privacy policy:

• Stripe — payment processing.
• Duffel — flight search and booking (we send route, dates, traveler counts, and, at booking, passenger details).
• LiteAPI — hotel rates and bookings.
• Viator — activities and experiences.
• OpenAI — generating your itinerary from the trip parameters you provide. We do not send your name, email, or payment details to OpenAI.
• Supabase — database hosting for your account and saved trips.
• Google and Apple — authentication, if you choose to sign in with them.
• Vercel — application hosting.

We do not sell your personal information.

We use strictly-necessary cookies to keep you signed in and secure your session. We do not use advertising or cross-site tracking cookies.

We keep your account and trip data for as long as your account is active. You can ask us to delete your data at any time (see “Your rights”); some records may be retained where required for legal, tax, or fraud-prevention purposes.

Depending on where you live, you may have the right to access, correct, export, or delete your personal information, and to object to or restrict certain processing. To exercise these rights, email support@thehorizontravel.com from your account address.

We use industry-standard measures including encrypted connections (HTTPS), hashed passwords, and access controls. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Your information may be processed in the United States and other countries where our providers operate. Where required, we rely on appropriate safeguards for these transfers.

The Service is not directed to children under 16, and we do not knowingly collect their data.

We may update this policy from time to time. Material changes will be reflected by updating the date above and, where appropriate, notifying you.