Legal

Privacy Policy

Last updated: 23 March 2026

This Privacy Policy explains how Tagoora Ltd ("Tagoora", "we", "us", or "our") collects, uses, and protects your personal data when you use our services. This policy applies to:

  • Our marketing website at tagoora.com
  • Our booking platform at bookings.tagoora.com
  • The Tagoora Wallet mobile application

Tagoora Ltd is registered in England and Wales. We are the data controller for personal data collected through these services. This policy is written in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data We Collect

Website visitors (tagoora.com)

  • IP address and approximate location (country or city level)
  • Browser type, device type, and operating system
  • Pages visited, time on page, and referral source
  • Cookie identifiers (see Section 9)

Buyers (bookings.tagoora.com)

  • Name, email address, and account credentials
  • Profile information you choose to provide
  • Booking details, including experience, date, number of participants, and special requests
  • Payment information (processed by Stripe — we do not store card details)
  • Family and Friends profiles you add for group bookings
  • Communications with suppliers or Tagoora support

Suppliers (Tagoora Wallet mobile app)

  • Name, email address, and account credentials
  • Business name, address, and contact details
  • Bank account or payment details for settlement purposes
  • Experience listings, availability, and pricing you provide
  • Booking records and transaction history
  • Device identifiers and push notification tokens

2. How We Use Your Data

  • To create and manage your account
  • To process bookings and payments
  • To facilitate communication between buyers and suppliers
  • To calculate and process supplier earnings and settlements
  • To send transactional emails (booking confirmations, receipts, updates)
  • To respond to enquiries and provide customer support
  • To improve and personalise our services
  • To detect and prevent fraud or abuse
  • To comply with our legal obligations
  • To send marketing communications, where you have given consent or where we have a legitimate interest and you have not opted out

3. Legal Basis for Processing

Under UK GDPR, we rely on the following legal bases:

  • Contract — processing necessary to fulfil our agreement with you (e.g. processing a booking or settling supplier earnings)
  • Legitimate interests — analytics, fraud prevention, and improving our services, where your interests do not override ours
  • Consent — marketing communications and non-essential cookies, which you may withdraw at any time
  • Legal obligation — where we are required to process data to comply with UK law

4. Who We Share Your Data With

We do not sell your personal data. We share data only where necessary with the following trusted third parties:

  • Stripe — payment processing (buyer payments and supplier payouts)
  • Amazon Web Services (AWS) — cloud infrastructure and data storage
  • Algolia — experience and onboarding search indexing
  • Email and notification providers — for transactional and marketing communications
  • Legal and regulatory authorities — where required by law

All third-party processors are bound by data processing agreements and are required to protect your data in accordance with UK GDPR.

5. International Data Transfers

Some of our third-party service providers operate outside the UK. Where data is transferred internationally, we ensure appropriate safeguards are in place, such as UK-approved standard contractual clauses or adequacy decisions, in accordance with UK GDPR requirements.

6. How Long We Keep Your Data

  • Account data — retained for the duration of your account and for up to 7 years after closure, to comply with financial record-keeping obligations
  • Booking and transaction records — retained for 7 years to meet legal and tax requirements
  • Marketing preferences — retained until you withdraw consent or opt out
  • Analytics data — retained in aggregated or anonymised form

When data is no longer required, it is securely deleted or anonymised.

7. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access — request a copy of the personal data we hold about you
  • Right to rectification — ask us to correct inaccurate or incomplete data
  • Right to erasure — request deletion of your data, subject to legal obligations
  • Right to restriction — ask us to limit how we use your data in certain circumstances
  • Right to data portability — receive your data in a structured, machine-readable format
  • Right to object — object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent — withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at privacy@tagoora.com. We will respond within one calendar month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include encrypted data transmission (HTTPS), access controls, and regular security reviews. No method of transmission over the internet is completely secure, but we take reasonable steps to protect your information.

9. Cookies

We use cookies and similar technologies on tagoora.com and bookings.tagoora.com. Cookies are small text files stored on your device that help us operate and improve our services.

  • Essential cookies — required for the platform to function (e.g. authentication, session management)
  • Analytics cookies — used to understand how visitors use our site, in aggregate
  • Preference cookies — used to remember your settings and choices

You can control non-essential cookies through your browser settings. Disabling certain cookies may affect the functionality of our services.

10. Children's Privacy

Our services are not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email. Continued use of our services after changes are published constitutes your acceptance of the updated policy.

12. Contact Us

For any questions about this Privacy Policy or to exercise your rights, please contact our privacy team at privacy@tagoora.com. Tagoora Ltd is the data controller for all personal data collected through our services.

Tagoora
Secure Payments By
Search Powered By

Follow Us

Facebook Instagram X / Twitter YouTube TikTok
©2026 TAGOORA
Tagoora Ltd · Registered in England & Wales