Privacy Policy

Effective date: 5 July 2026

In short: Korea Travel For You works without accounts and without tracking cookies. Your saved itineraries and settings live in your own browser, not on our servers. Your trip inputs are sent to our AI and map providers only to generate your itinerary. We only receive your email address if you type it in and tick the consent box — we currently show no ads, and the only analytics is a cookieless page-view counter. Optional Google Analytics would only ever run after you explicitly accept it.

1. Who we are

Korea Travel For You ("we", "our") operates the website koreatravelforyou.com, an AI-powered travel planner for trips to South Korea. For any privacy question or request, contact us at contact@koreatravelforyou.com.

2. What we process, and where it goes

2.1 Trip planning inputs

When you generate an itinerary, the details you enter (destination, departure city, trip length, optional companion and pace preferences, interface language) are sent to our server, which forwards them to Anthropic (the AI provider) to draft your itinerary. Map locations from the result are also sent to Kakao (place details) and ODsay (public-transit routes) to enrich the plan. These inputs are used solely to produce your itinerary. We do not store them in any database of our own.

2.2 Data stored on your device (localStorage)

To keep the site fast and light to operate, we keep the following in your browser's localStorage only — it never leaves your device unless you regenerate a trip:

This is functional storage, not tracking. You can clear it at any time via your browser settings; the site keeps working.

2.3 Email address (optional, consent-based)

If the email option is available and you both enter your address and actively tick the consent checkbox, we relay your address to our mailing-list provider to send you travel tips. We do not keep a copy on our own servers. Consent is never pre-ticked, and every email we send will include an unsubscribe link. If you do not tick the box, your PDF downloads work exactly the same and no email is collected.

2.4 Server logs and rate limiting

Our serverless functions read your IP address transiently in memory to enforce fair-use rate limits (protecting the service from abuse). We do not write IP addresses to a database. Our hosting provider, Vercel, generates standard infrastructure logs (IP address, request time, user agent) retained for a short period for security and operations.

2.5 What we do not do

3. Third-party services

Loading and using the site involves these processors, each receiving only what is technically necessary (typically your IP address and the specific request):

ServicePurposeWhat it receives
Vercel Inc. (USA)Hosting, CDN, serverless functionsStandard request logs (IP, user agent)
Anthropic PBC (USA)AI itinerary generationYour trip inputs (relayed via our server)
Kakao Corp. (KR)Place details (address, phone)Place coordinates/keywords (relayed via our server)
ODsay LAB (KR)Public-transit routesRoute coordinates (relayed via our server)
Google Fonts (USA)Web font deliveryYour IP address on font download
Cloudflare cdnjs (USA)Map/PDF JavaScript librariesYour IP address on script download
CARTO / OpenStreetMapMap tilesYour IP address and viewed map area
Frankfurter (ECB data)Currency exchange ratesYour IP address on the rate request
Vercel Web AnalyticsAnonymous, cookieless page-view countsAnonymised request data; no cookies, no cross-site identifiers
Google LLC (USA) — optionalGoogle Analytics 4 (only after your consent)Usage events with IP anonymisation; nothing loads if you decline

Some of these providers are located outside your country (notably in the United States and South Korea). Where GDPR applies, transfers rely on safeguards such as the EU–US Data Privacy Framework or Standard Contractual Clauses maintained by those providers.

4. Advertising (future)

We plan to fund the site with Google AdSense. Before any advertising cookies or personalised ads are activated for visitors in the EEA, UK or Switzerland, we will show a Google-certified consent banner (CMP) and honour your choice; visitors elsewhere will see clearly labelled ads. This policy will be updated when advertising goes live. Some outbound links are affiliate links — see our Affiliate Disclosure; these links do not transmit personal data from our site beyond the standard referral URL.

5. Legal bases (GDPR)

6. Retention

We keep no personal data on our own systems beyond the transient in-memory processing described above. Data in your browser's localStorage stays until you clear it (itineraries are capped at your 20 most recent). Mailing-list data is retained by the mailing provider until you unsubscribe or ask us to delete it.

7. Your rights

Depending on where you live, you have rights under the EU/UK GDPR, the California CCPA/CPRA, South Korea's Personal Information Protection Act (개인정보 보호법), Japan's Act on the Protection of Personal Information (個人情報保護法, APPI), or similar laws. These typically include the right to access, correct, delete, or receive a copy of your personal information, to object to or restrict processing, to withdraw consent, and to not be discriminated against for exercising these rights.

Because we store almost nothing about you, most requests are satisfied by clearing your browser storage or unsubscribing from emails — but you can always write to contact@koreatravelforyou.com and we will act on your request within the legally required time (e.g., 30 days under GDPR, 45 days under CCPA). You also have the right to lodge a complaint with your local supervisory authority (e.g., your EU data-protection authority, the California AG, Korea's PIPC, or Japan's PPC).

8. Children

The service is not directed at children under 13 (or the higher age of consent in your jurisdiction, e.g. under 16 in parts of the EEA), and we do not knowingly collect personal information from them. If you believe a child has provided us an email address, contact us and we will delete it.

9. Security

All traffic is encrypted with HTTPS/TLS. API keys for third-party services are kept server-side and never exposed to your browser. Our functions apply strict input validation and security headers (CSP, HSTS, X-Frame-Options).

10. Changes to this policy

We will post any changes on this page with a new effective date. Material changes (such as activating advertising or analytics) will be highlighted on the site.

11. Contact

Korea Travel For You — contact@koreatravelforyou.com

This policy is provided in English; if translated versions are ever offered, the English text prevails.

HomeGuidesBlogPrivacyTermsAffiliate Disclosure© 2026 Korea Travel For You