Newsroom
Last Updated: November 27, 2023
Tripadvisor LLC owns and operates an online platform that provides users with information, recommendations and services related to travel and leisure, including tools for researching and/or booking hotels, rentals and other accommodations, attractions and experiences, restaurants, flights, and cruises, among other leisure-related services. In this Statement, we refer to these as our “Services”.
The information that you and others entrust us with enhances our ability to provide more relevant, personalized and helpful Services. We know that sharing your information with us is based on trust. We take your trust in us seriously and are committed to providing you helpful information, products and services, curated based on the information you have shared with us. Equally, and perhaps more importantly, we are committed to respecting your privacy when you visit our website or use our Services and being transparent about how we use the information you have entrusted to us.
This Statement describes how we obtain, use, and process your information – hopefully, in an easily understandable and transparent manner. It informs you of the rights you have, how you can exercise them and how you can contact us. Please review this Statement carefully to learn about our practices with respect to information and privacy. By visiting our websites and related mobile applications, as well as other online platforms such as our affiliated partners’ websites, apps and social media, whether on a computer, phone, tablet, or similar device (each of these is referred to as a “Device”), you acknowledge and confirm that you have read this Statement.
We offer our Services to users in a number of countries and territories where the laws and customs differ. This Statement provides a general overview of our privacy practices. In addition, Sections 12 through 15 of this Statement provide specific information relevant to users residing in certain regions or countries.
When you access or use our Services, we collect and process information from and about you to provide the Services in a more personalized and relevant way. Some information we collect passively, for example, with our servers or with cookies or other similar tracking technologies. Some information we collect from different sources, including from you, affiliated entities, business partners, and other independent third-party sources. When you use our Services by “clicking-through” from a third-party website or when you visit third-party websites via our Services, those third-party websites may share information with us about your use of their service. Any information that we receive from third-party websites may be combined with the information provided by you.
Information processed may include the following:
We may also collect – in instances where you have provided it – information about other travellers or guests, including their email address and other travel, dining or experience-related information. If you are sharing information with us about other individuals, you must obtain their consent and ensure that they have understood and accepted how we will use their personal information (as described in this Statement).
In addition to the categories noted above, we may also collect certain location information if you have instructed your Device to send such information via the privacy settings on that Device, or, for example, if you have uploaded photos tagged with location information.
To the extent possible, we want to provide you with relevant content and a tailored experience when you use our Services, and we use information about you to do that, including in the following ways:
Registration, membership, and other contracts
Improve our Services
Individualization and customization
Communication
Legal Compliance
Please note, if we use automated decision-making to process your personal information, we will implement appropriate measures required to safeguard your rights and freedoms including your right to obtain human intervention.
In order to provide some of our Services and processing activities, we use service providers and may need to share information with these service providers and certain other third parties, including our group of companies, in the following circumstances:
Certain Device operating system versions permit you to opt out of certain types of information sharing, including to certain advertising networks. You can change the privacy settings of your Device at any time in order to turn off the functionality that collects and shares location information. Please check your Device settings if you want to limit such tracking However, turning off location-sharing may affect certain features that we offer. If you have any questions about the privacy settings of your Device, we suggest you contact the manufacturer of your Device or your mobile service provider for help.
We also may share your information if we believe, in our sole discretion, that such disclosure is necessary:
You have options with respect to the processing and use of your information by us. You can access, update, and even close your account by visiting the “Member Profile” section on our website or app. In addition, you can do the following:
Our Services are not intended for children, which we consider to be: (i) individuals that are 13 years of age or under, or the age of privacy consent in your jurisdiction; or (ii) when processing data on the basis of a contract, the age of legal capacity to enter into the agreement.
We will only collect or process information belonging to children under very limited circumstances. We might need to collect personal information belonging to children as part of our Service if, for example, the personal information is required as part of a travel-related reservation. We will only collect personal information belonging to children if it is provided by and with consent of a parent or guardian. If we become aware that we have processed the personal information of a child without the valid consent of a parent or guardian, we will delete the personal information.
We offer our Services to users located in many different jurisdictions. If we transfer your information to other countries, we will use and protect that information as described in this Statement and in accordance with applicable law.
We have implemented appropriate administrative, technical, and physical security procedures to help protect your information. We only authorize specific personnel to access personal information and they may do so only for permitted business functions. We use encryption when transmitting your information between your system and ours, and between our system and those of the parties with whom we share information. We also employ firewalls and intrusion detection systems to help prevent unauthorized access to your information. However, we cannot guarantee the security of information from unauthorized entry or use, hardware or software failure, or other circumstances outside of our control.
We will retain copies of your information for as long as you maintain your account or as necessary in connection with the purposes set out in this Statement, unless applicable law requires a longer retention period. In addition, we may retain your information for the duration of any period necessary to establish, exercise, or defend any legal rights.
We want your access to our Services to be as easy, efficient, and useful as possible. To help us do this, we use cookies and similar technologies to improve your experience, to enhance website security, and to show you relevant advertising.
Cookies are small text files that are automatically placed on your Device when you visit almost any website. They are stored by your internet browser and contain basic information about your internet use. Your browser sends the information from these cookies back to a website every time you revisit it, so it can recognize your Device and improve your experience by, among other things, providing you with personalized content. We also use other tracking technologies, such as pixel, SDKs, or server logs, that have a similar functionality. We also use cookies and tracking technologies to remember your login details, so you don’t have to re-enter them repeatedly when you use our Services or to help us understand your preferences.
To give you control, we provide you with a Cookie Consent Tool which allows you to adjust and customize your cookie settings. You can access the Cookie Consent Tool by clicking the “Cookie consent” link at the bottom of every page and modify your preferences in our cookie banner. In addition, you can manage cookies through the settings of your internet browser. You have the right to withdraw your consent to cookies at any time by clicking on the “Cookie consent” link and modifying and saving your preferences. In the settings of your Internet browser, you can choose which cookies to accept and reject.
We allow third parties to collect and use information obtained during your browsing activities in order to deliver tailored advertisements to you. These parties are listed in our Cookie Consent tool where we provide you with their details and links to their privacy notices.
When you enter your email address on our website (either to log in, or to sign up to a newsletter, or similar) or when you use our app, we may share personal data or other information that we collect from you, such as your email (in hashed, pseudonymous form), mobile advertising identifier, IP address, or information about your browser or operating system, with our advertising partners, like LiveRamp and the Trade Desk and their group companies, acting as joint controllers. LiveRamp and the Trade Desk use this information to create an online identification code for the purpose of recognising you on your devices. The online identification code does not contain any of your identifiable personal data and will not be used by LiveRamp or the Trade Desk to re-identify you. We place the online identification code in our first-party cookie, a LiveRamp or the Trade Desk cookie, and allow it to be used for online and cross-channel advertising. It may be shared with our advertising partners and other third-party advertising companies globally for the purpose of enabling interest-based content or targeted advertising throughout your online experience (e.g. web, email, connected devices, and in-app, etc). These third parties may, in turn, use the online identification code link to demographic or interest-based information that you have provided in your interactions with them. You can find detailed information on LiveRamp’s data processing activities, including how to opt-out in their privacy here and for the LiveRamp privacy policy with other available country links here. You can also learn more about how Trade Desk uses unique identifiers, your rights, and how to contact them here.
Most advertising networks offer you a way to opt out of advertising cookies. See www.aboutads.info/choices/ and www.youronlinechoices.com for useful information on how to do this.
If you decline certain cookies, your access to some functionality and areas of our Services might be degraded or restricted.
Our use of any information we collect through cookies is subject to this Statement, which is linked on every page of our website.
We may update this Statement in the future. If we believe any changes are material, we will let you know by doing one or more of the following: sending you a communication about the changes, placing a notice on the website and/or posting an updated Statement on the website. We will note at the top of this Statement when it was most recently updated. We encourage you to check back from time to time to review the most current version and to periodically review this Statement for the latest information on our privacy practices.
This GDPR Statement applies to persons in the European Economic Area (“EEA”), including those based in the United Kingdom. This GDPR Statement supplements our Statement; however, where the Statement conflicts with the GDPR Statement, the GDPR Statement will prevail as to persons located in the EEA.
Tripadvisor LLC is the controller of personal information we collect; however, in accordance with applicable data privacy law, we have appointed representatives within the European Union and United Kingdom.
The contact details of our European Union representative are:
Tripadvisor Ireland Limited
C/O Matheson
70 Sir John Rogerson's Quay
Dublin 2
D02 R296
Ireland
The contact details of our United Kingdom representative are:
Tripadvisor Limited
7 Soho Square
London
W1D 3QB
United Kingdom
Attn: Privacy Officer
Tripadvisor Ireland Limited and Tripadvisor Limited’s roles in this respect are limited solely to being a contact point for questions on data protection from European (including UK) residents and data protection supervisory authorities. For the avoidance of doubt, neither Tripadvisor Ireland Limited nor Tripadvisor Limited can field other communications or legal process on behalf of Tripadvisor LLC.
You have certain rights regarding your personal information.
Your rights with respect to your own personal information include the following:
You will not usually have to pay a fee to access your personal information (or to exercise any of the other rights described in this Statement). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). To the extent you use a third party to submit a data request on your behalf, we may need to take reasonable steps to verify the authenticity of the request. These are security measures to ensure that personal information is not disclosed to any person who has no right to receive it. In an effort to speed up our response, we may also contact you to ask you for further information in relation to your request. You can exercise several of your rights through the personal information section of your account. To exercise your other rights you can file a request by clicking here.
We will only use your personal information under the circumstances permitted by the law or you.
Pursuant to GDPR, we will use your personal information in one or more of the following circumstances:
			 Information Uses 			 | 						 Information Processing Legal Basis 			 | 		
			 Registration, membership and other contracts 			 | 						 Where we need to perform the contract we are about to enter into or have entered into with you. 			 | 		
			 Improve our Services and customization 						 | 						 Where it is necessary for our legitimate interests (or those of a third party) to provide or improve Services, including our interest to provide you improved and personalized Services, and where your interests and fundamental rights do not override those interests. 			 | 		
			 Communication 						 | 						 Where you are a registered member, the information uses might be required to perform the contract with you. 			Where it is necessary for our legitimate interests (or those of a third party) to communicate with you and your interests and fundamental rights do not override those interests. 			Where we need your consent for the information use, we will seek your prior consent. 			 | 		
			 Legal Compliance 			 | 						 Where it is necessary to meet our legal obligations. 			 | 		
Your personal information may be stored or transferred to countries outside the EEA and the UK for the purposes described in this Statement. When we store or transfer your personal information outside the EEA and the UK, we take the following precautions to ensure that your personal information is properly protected.
Whenever we store or transfer your personal information outside the EEA and the UK, we will do so in accordance with applicable law, and we will ensure a similar degree of protection is afforded to it by implementing appropriate safeguards. Transfers of personal information are made:
By using our Services, you understand that your personal information may be transferred to our facilities and those third parties with whom we share it, as described in this Statement.
In addition to the further details as described in the Statement, we make the following disclosures:
This California Privacy Statement is provided pursuant to California laws. It applies to California residents and supplements our overall Statement with additional disclosures and rights.
Your California Rights
California residents are permitted one time each year to request certain details about how their personal information is shared with third parties for their direct marketing purposes. To make a request, please submit a request, or write to us at the address listed below. Indicate in your letter that you are a California resident making a “Shine the Light” inquiry.
California residents may also take advantage of the following rights:
To take advantage of any of these rights, please contact us via our dedicated privacy portal by clicking here or writing to us at Tripadvisor LLC: 400 First Avenue, Needham, Massachusetts, 02494, USA. California residents may designate an authorized agent to make a request on their behalf. When submitting the request, please ensure the authorized agent is identified as an authorized agent. We may need to verify your identity or elements of the request to enable us to process your request. We will take reasonable steps to verify your identity; these verification steps will vary depending on the sensitivity of the personal information and whether you have an account with us. We may deny certain requests, or fulfil a request only in part, based on our legal rights and obligations. For example, we may retain personal information as permitted by law, such as for tax or other record keeping purposes, to maintain an active account, and to process transactions and facilitate customer requests. We value your privacy and will not discriminate against California residents in response to your exercise of privacy rights.
This Multi-State Privacy Statement is provided pursuant to applicable state laws and applies to Virginia, Connecticut, and Colorado residents, and supplements our overall Statement with additional disclosures and rights.
If you are a resident of Virginia, Connecticut, or Colorado you may take advantage of the following rights in accordance with applicable law:
To take advantage of any of these rights, please contact us via our dedicated privacy portal by clicking here or in writing at Tripadvisor LLC: 400 First Avenue, Needham, Massachusetts, 02494, USA. Note that Connecticut and Colorado residents may designate an authorized agent to request on their behalf that we stop selling or processing their personal information for targeted advertising purposes. We will take reasonable steps to authenticate your identity prior to responding to your requests. The authentication process will vary depending on the sensitivity of the personal information and whether you have an account with us. We will use commercially reasonable efforts to authenticate the identity of authorized agents and their authority to submit requests on your behalf.
We may deny certain requests, or fulfil a request only in part, based on our legal rights and obligations. You have the right to submit an appeal if you are not satisfied with the outcome of your request by submitting a request here.
This Korea Statement applies to persons in the Republic of Korea. This Korea Statement supplements our Statement; however, where the Statement conflicts with the Korea Statement, the Korea Statement will prevail as to persons in Korea.
We process the personal data we have collected for the purposes set forth below. We will retain your personal data in accordance with the Statement and as described in further detail below.
			 Type of personal data 			 | 						 Purpose and use 			 | 						 Retention period 			 | 		
			 Contact information, including email address, name, username (Mandatory) 			 | 						
| 						 We will retain copies of your information for as long as you maintain your account or as necessary in connection with the purposes set out in this Statement, unless applicable law requires a longer retention period. In addition, we may retain your information for the duration of any period necessary to establish, exercise or defend any legal rights. 			 | 		
			 Contact information, including postal address, telephone number (Optional) 			 | 		||
			 User submitted content (to the extent that it contains personally identifiable attributes) (Mandatory) 			 | 						
| 		|
			 IP and/or browser/device data (Mandatory) 			 | 						
| 		|
			 Email user subscription preferences, including unsubscribe status (Mandatory) 			 | 						
| 		|
			 Session and location data and online activity (such as content viewed, how you interacted with our website(s), pages visited, searches and/or reservations facilitated or made) (Mandatory) 			 | 						
| 						 			 | 		
			 Location data (Optional) 			 | 						
| 						 			 | 		
You have certain rights regarding your personal data. Your rights with respect to your own personal data include those under the Statement and the following:
Tripadvisor is a general audience site and does not offer services directed to minors. We do not knowingly collect data relating to minors. If a person whom we know is under 14 years of age sends us personal data, we will delete or destroy this information as soon as reasonably possible.
We may share information with third parties, such as those listed below, in order to facilitate some of our Services and products. There may also be legal reasons for which we have to share your personal data. Some of our Services and products require that we share information with the third parties listed below. There may also be legal reasons that we have to share your personal data.
To efficiently provide our Services to you, we have delegated certain processing functions as described below to the third parties listed below. We will obtain your consent when you provide your information and delegate processing to such third parties pursuant to the agreements in place with such third parties.
Your personal data may be stored or transferred to countries outside Korea for the purposes described in this Statement. When we store or transfer your personal data outside Korea, we will notify you and request your consent unless such transfer is being made for the purpose of performing the services requested by you and to further your convenience.
			 Third Party Details 			 | 						 Purpose and Use 			 | 						 Shared/Transferred Personal Data 			 | 						 Retention period 			 | 		
			 Salesforce.com, Inc. 			USA 			Salesforce Data Protection Officer (Salesforce Privacy Team) 			415 Mission St., 3rd Floor 			San Francisco, CA 94105, USA 			 | 						
| 						 (Mandatory) 			
| 						 We will retain copies of your information for as long as you maintain your account or as necessary in connection with the purposes set out in this Statement, unless applicable law requires a longer retention period. In addition, we may retain your information for the duration of any period necessary to establish, exercise or defend any legal rights. 			 | 		
			 (Optional) 			
| 		|||
			 Zendesk, Inc. 			USA 			Zendesk’s European Representative: 			Zendesk International Ltd 			Attn: AGC, EMEA & Global Privacy Counsel 			55 Charlemont Place, Saint Kevin’s, Dublin, D02 F985 Ireland 			privacy@zendesk.com 			 | 						
| 						 (Mandatory) 			
| 		|
			 (Optional) 			Contact information, including postal address, telephone number 			 | 		|||
			 Amazon Web Services, Inc. 			USA 			AWS Korea Privacy 			Email: aws-korea-privacy@amazon.com 			 | 						
| 						 (Mandatory) 			
| 		|
			 (Optional) 			
| 		|||
			 Snowflake Computing, Inc. 			USA 			privacy@snowflake.com 			 | 						
| 						 (Mandatory) 			
| 		|
			 (Optional) 			
| 		|||
			 Google LLC 			USA 			Chief Privacy Officer 			Google LLC 			Google Data Protection Office 			1600 Amphitheatre Parkway 			Mountain View, California 94043 			https://support.google.com/policies/troubleshooter/7575787?visit_id=637109041821835307-4099556209&rd=2 			 | 						
| 						 (Mandatory) 			
| 		|
			 (Optional) 			
| 		|||
			 SYNNEX-Concentrix UK Limited 			United Kingdom 			DPO@concentrix.com 			 | 						
| 						 (Mandatory) 			
| 		|
			 (Optional) 			
| 		|||
			 OneTrust, LLC 			USA 			OneTrust, LLC 			1200 Abernathy Road 			Atlanta, GA 30328 			United States 			dpo@onetrust.com 			 | 						
| 						 (Mandatory) 			
| 		|
			 (Optional) 			
| 		|||
			 Tableau Software, Inc. 			USA 			Tableau Software, Inc., Attn: Tableau Legal, 1621 N 34th St., Seattle, Washington 98103 			privacy@tableau.com 			 | 						
| 						 (Mandatory) 			
| 		|
			 (Optional) 			
| 		|||
			 Twilio, Inc. 			USA 			375 Beale Street, Suite 300, San Francisco, CA 94105 			Office of the Data Protection Officer 			privacy@twilio.com 			 | 						
| 						 (Mandatory) 			
| 		|
			 (Optional) 			
			 | 		
We want you to feel confident about using our Services so we are committed to protecting the information we collect. We have implemented the following administrative, technical, and physical security procedures to help protect the personal information that you provide us.
We will destroy or delete your data when the data retention period has lapsed, when you no longer maintain your account or if the purpose of data collection has been achieved.
The procedure and method of destruction and deletion is as follows:
You can exercise several of your rights through the personal information section of your account. To exercise your other rights, you can file a request by clicking here, or you can contact our representative in Korea, who has been appointed in accordance with the applicable Korean law for the purpose of handling personal data protection questions or requests in Korea.
The contact details of our representative are:
LAB Partners (Managing Partner: Young Hee Jo)
Tel: 02-6956-6311
Email: tripadvisor@labpartners.co.kr
Address: 8th Floor, VPLEX, 501 Teheran-ro, Gangnam-gu, Seoul, Korea 06168
LAB Partner’s role in this respect is limited solely to being a contact point for questions or requests on personal data protection from persons in Korea and data protection supervisory authorities. For the avoidance of doubt, LAB Partners cannot field other communications or legal process on behalf of Tripadvisor LLC.
This LGPD Statement is applicable whenever you access our website and application provided in Brazil. This LGPD Statement supplements our Statement; however, where the Statement conflicts with the LGPD Statement, the LGPD Statement will prevail as to persons in Brazil.
This LGPD Statement is intended to help you understand what information is collected, why we collect it, whether we share it, and with whom. In addition, this LGPD Statement is intended to inform you of your rights in connection with this information and how to exercise them.
Tripadvisor LLC is the data controller of personal information we collect; however, in accordance with applicable Brazilian data privacy law, we have appointed a Data Protection Officer (“DPO”) in Brazil:
Opice Blum, Bruno e Vainzof Advogados Associados
tripadvisor@opiceblum.com.br
We will only use your personal data when the law allows us.
Pursuant to LGPD, we may use your personal information in one of or more of the following circumstances:
You have the following rights relating to your services:
You may exercise these rights directly on our website and application, for example by editing your registration information directly in your member profile. You can also submit a request directly on our privacy portal by clicking here.
You may also contact our DPO, whose contact details are made available at the beginning of this LGPD Statement.
You will not have to pay fees to access your personal information (or to exercise any of the other rights described in this LGPD Statement).
We may need to request specific information from you to confirm your identity and secure your right to access your personal information (or exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to anyone who does not have the right to receive it. In an effort to speed up our response, we may also contact you to request more information regarding your request.
In specific cases, your request may not be fulfilled. In these cases, we will explain the justifications for our refusal. For example, requests involving personal information and/or documents of other individuals will not be shared so as to protect the privacy of those individuals unless permitted by applicable law.
In the case of request for deletion, we may keep your personal information if there is a legal basis that authorises us to do so, as in the case of mandatory storage for a minimum period determined by applicable laws.
We may share information with third parties in order to facilitate some of our services and products. There may also be legal reasons that we have to share your personal information. Some of our services and products require that we share information with third parties. There may also be legal reasons that we have to share your personal information.
To efficiently provide our Services to you, we have delegated certain processing functions to third parties. Please see “Information Sharing” section above for more information.
Your personal information may be stored or transferred to countries outside Brazil for the purposes described in this Statement. Such transfers are generally made for the purpose of performing the Services made available to you and are made in accordance with any applicable legal requirements, including with the relevant safeguards and security.
We have implemented the following administrative, technical, and physical security procedures to help protect your personal information.
We may retain your information if it is necessary to comply with a legal or regulatory obligation or for our legitimate interests in connection with the purposes set out in this Statement. In addition, we may retain your information for the duration of any period necessary to establish, exercise or defend any legal rights.
The procedure and method of destruction and exclusion are as follows:
Previous version: https://tripadvisor.mediaroom.com/privacy-policy-2022-hken