Legal · Last updated June 2026
Privacy Policy
We collect the minimum data needed, store it for the minimum time, and let you delete it at any time. Here's the full breakdown.
1. Our commitment
Warisan Nusantara ("we", "us", "our") respects your privacy. This policy explains what data we collect, why, how long we keep it, and the rights you have over it. We have written this in plain language because legal jargon helps no one. If anything is unclear, email us at privacy@warisannusantara.com and a human will respond.
2. What data we collect
We collect four categories of data, and only the minimum needed to run the service:
**1. Account data (only if you sign in):** Your name, email, profile photo, and OAuth provider ID (Google). Stored in Appwrite, encrypted at rest. You can delete your account at any time from /account/settings.
**2. Usage data (local to your device):** Your favorites, ratings, reviews, visited destinations, and saved trips are stored either in Appwrite (if signed in) or in your browser's localStorage (if not signed in). We do not use third-party tracking cookies.
**3. Content you create:** Reviews, ratings, comments, and uploaded photos. Linked to your account, deletable by you, never shared without consent.
**4. Server logs:** IP address, browser type, page requested, timestamp. Retained for 30 days for security and debugging. We do not sell logs, do not share them with advertisers, and do not use them to profile you.
3. Cookies and similar technologies
We use the minimum cookies possible:
- **Authentication cookie** (1 cookie, httpOnly, secure, signed): identifies you to the admin panel. Required for the service.
- **Session cookie** for the Appwrite SDK: keeps you signed in. Required for the service.
- **No third-party tracking cookies.** No Facebook Pixel, Google Analytics, or advertising cookies.
You can refuse non-essential cookies in our consent banner, but the service will not work without the authentication cookie.
4. Third parties we use
We share data only with the following processors, all of whom are GDPR-compliant:
- **Appwrite** (Hetzner, Germany) – auth, favorites, ratings, reviews
- **Backblaze B2** (US, EU regions available) – media files only, no personal data
- **OpenRouter** (US) – only if you use the AI trip planner. Your trip preferences are sent to OpenRouter to generate a recommendation. We do not log your queries.
- **Booking.com, Agoda, Klook** – only when you click through to book. They set their own cookies once you leave our site.
- **Plausible Analytics** (self-hosted on EU infrastructure) – if enabled. Cookieless, no personal data, no IP storage.
We do not sell, rent, or share your data with data brokers, advertising networks, or social media companies.
5. Your rights (GDPR, CCPA, PDPA)
Regardless of where you live, you have these rights:
- **Access** – Request a copy of all data we hold about you
- **Rectification** – Correct inaccurate data
- **Erasure** – Delete your account and all associated data
- **Portability** – Export your reviews, favorites, and trips as JSON
- **Object** – Object to processing (e.g. for marketing)
- **Restrict** – Limit how we process your data
- **Withdraw consent** – For newsletter, marketing, AI trip planner
To exercise any right, email privacy@warisannusantara.com or use the controls in /account/settings. We respond within 30 days.
6. Children's privacy
Our service is not directed at children under 13 (or under 16 in the EU). We do not knowingly collect data from children. If you believe a child has created an account, email privacy@warisannusantara.com and we will delete it within 7 days.
7. International transfers
We use servers in Germany (Appwrite), the EU and US (Backblaze B2), and the US (Dokploy hosting). For users in the EU/EEA/UK, we rely on Standard Contractual Clauses for any data transfer outside the EU. You can request a copy of these clauses by emailing privacy@warisannusantara.com.
8. Security
We use industry-standard security measures: TLS 1.3 in transit, AES-256 at rest, httpOnly cookies, JWT signing, role-based access control, and regular backups. No system is 100% secure; if we discover a breach affecting your data, we will notify you within 72 hours. See our security.txt for how to report a vulnerability.
9. Data retention
We keep data only as long as needed:
- **Account data** – until you delete your account, then deleted within 30 days
- **Reviews and ratings** – until you delete them, or when you delete your account
- **Server logs** – 30 days, then automatically deleted
- **Backups** – 90 days rolling, then overwritten
- **Newsletter data** – until you unsubscribe, then removed within 7 days
We do not retain data "just in case". If you stop using the service, your data goes away on the schedule above.
10. Affiliate disclosure (FTC compliance)
Some links on our site are affiliate links. If you book a hotel through Booking.com via our link, or a tour through Klook, we may earn a small commission. This costs you nothing extra, and is how we keep the site free. We only recommend services we would use ourselves, and we never accept payment for positive coverage. See our full affiliate disclosure.
11. Changes to this policy
We will notify you by email (if you have an account) and by a banner on the home page at least 30 days before any material change. The "last updated" date at the top reflects when this version took effect.
12. Contact
For privacy questions, data requests, or complaints:
- **Email:** privacy@warisannusantara.com
- **Data Protection Officer:** dpo@warisannusantara.com
- **Postal:** Warisan Nusantara, Jakarta, Indonesia
If you are in the EU and believe we have not handled your data properly, you have the right to lodge a complaint with your local data protection authority.