Privacy Policy and Cookie Notice

Please read this Privacy Policy carefully before using our Website or submitting any personal information.

Last updated: June 9, 2026

Infinity Web Solutions LLC, a California limited liability company doing business as Infinity Travels, is referred to in this Privacy Policy as “Infinity Travels", "we," "us," or "our." We are committed to respecting your privacy and protecting your personal information. In support of our commitment, we developed this privacy policy (together with our Cookie Notice and Controls, collectively, "Privacy Policy") in order to be transparent about how we collect, use, disclose and safeguard your (and/or the members of your group/traveling party’s) personal information submitted by you at https://infinitytravels.com ("Website"), as well as any sub-domains and affiliated sites, or any other media form, media channel (including, without limitation, email), mobile website, mobile application, or call center, related or connected there to our Website, regardless of whether they directly display or link to this Privacy Policy (individually, a "connected service", and collectively, "connected services").

This Privacy Policy applies to the following:

All connected services relating to Infinity Travels, including all information collected through our connected services.
Information collected by us (or on our behalf) but excluding instances where your information is collected under a different Privacy Policy or notice made available to you at the time your information is collected.
Information shared with us by third parties for our own use, as well as publicly available information collected by us.

The collection, use, and disclosure (collectively, "processing") of information described in this Privacy Policy is controlled by Infinity Travels. If you have any questions or concerns about this Privacy Policy or our practices with regard to the information processed under this notice, please contact us using the contact information and methods provided under How To Contact Us below. By using the Website, you are accepting the practices described in this Privacy Policy. These practices may be changed from time to time, but any changes will be posted to our website, and we will take the appropriate steps to inform you consistently of the significance of the changes, in accordance with applicable law. As it deems necessary, Infinity Travels reserves the right to amend or make revisions to this Privacy Policy at any time and for any reason in its sole discretion. You can see the date the policy was last updated by looking at the "Last updated" date shown at the beginning of this Privacy Policy document. You are encouraged to review the Privacy Policy whenever you visit the site to make sure that you understand how any personal information you provide will be used. Your continued use of our services (including, without limitation, using our Website or submitting any personal information) after any changes to the Privacy Policy constitutes your consent to said changes.

Note: The privacy practices set forth in this Privacy Policy are for this Website only. If you link to or utilize other websites, you must review the privacy policies posted at those sites.

Individuals with Disabilities
If you have a disability and need access to our Privacy Policy in a different format, please email us at support@infinitytravels.com. We will make every attempt to assist you.

Information We Process
We collect information that can be used to identify or contact a particular person (we refer to this type of data as "personal information"). Personal information includes information that does not directly identify you by name or include your contact information, but which may be used to identify that a specific computer or device has accessed our connected services, and which, if combined with certain other information, could be used to identify you. We collect personal information when you provide it to us directly (e.g., when you submit a contact form through our connected services); when generated by your activity on our connected services (e.g., the amount of time spent on a particular page of our Website); and when shared with us by our business partners (e.g., email marketing vendors or collected from other sources (e.g., publicly-available sources).

Information You Give To Us
We collect personal information that you provide to us, such as name, address, contact information, passwords and security data, and payment information. You may visit our connected services without submitting any information about yourself. However, we do collect personal information that you voluntarily provide to us when registering with us, expressing an interest in obtaining information about us, when engaging with us, or otherwise contacting us or utilizing our connected services. This includes:

Registering an account as one of our members, a family member of a member, or a guest of a member.
Requesting our communications.
Participating in one of our events.
Purchasing products or services from us.
Participating in member profiles and directories, apps, message boards, chat rooms, surveys, or other connected services where registration is required.
Communicating by any other means with us.

The personal information that we collect depends on the context of your interactions with us, the choices you make, and the products and features you use. The personal information we collect can include the following:

Name and Contact Data. We may collect your first and last name, email address, postal address, phone number, and other similar contact data.
Biographical Data. We may collect your birthday, country of citizenship, name, and contact data for your emergency contact.
Proof of Identity Data. We may collect information from identification documents such as a driver’s license and/or passport.
Credentials. We may collect passwords, password hints, and similar security information used for authentication and account access. We reserve the right to remove, reclaim, or change a username you select if we determine, in our sole discretion, that such username is inappropriate, obscene, or otherwise objectionable
Photos. We may collect profile photos and other pictures and videos you share with us.
Social Media Handles and Account Information. We may collect third-party social media handles and account information that you choose to share with us, such as LinkedIn, YouTube, Facebook, Instagram, and Twitter account names and profile data.
Event Data. We may collect information regarding the events in which you participate.
Health and Insurance Data. We may collect health information, including physical and/or mental disabilities, pre-existing medical conditions, and dietary restrictions or allergies, in addition to information regarding insurance policies.
Payment Data. We may collect data necessary to process your payment if you make purchases or donations, such as your payment instrument number (such as a credit card number) and the security code associated with your payment instrument. All payment data is stored by our payment processor, and you should review its privacy policies and contact the payment processor directly to respond to your questions.

In addition, the terms herein apply if you provide us with any personal information of the members of a group you are traveling with. It is your responsibility to ensure that they are aware that you have done so, and that they accept how we use and process their information. ALL PERSONAL INFORMATION THAT YOU PROVIDE TO US MUST BE TRUE, COMPLETE, AND ACCURATE, AND YOU MUST NOTIFY US OF ANY CHANGES TO SUCH PERSONAL INFORMATION.

Information We Collect Automatically
Some information – such as IP address and/or browser and device characteristics and device geolocation data – is collected automatically when you visit our connected services. We use cookies and similar technologies on our connected services that automatically receive and track certain data about how you and other visitors interact with our connected services, preferences expressed, and chosen settings. For example, we may collect information about your device (such as your device and browser type, operating system, IP address, mobile network carrier, and device and advertising identifiers), and your use of our connected services (such as access dates and times, online features or pages viewed, system activity and the third-party site or service you were using before interacting with our connected services). In some cases, we do this through the use of cookies, pixel tags, local storage, statistical identifiers, software development kits, and similar technologies that create and maintain unique identifiers.

PLEASE SEE OUR COOKIE NOTICE AND CONTROLS TO LEARN MORE ABOUT OUR USE OF COOKIES AND SIMILAR TECHNOLOGIES, THE TYPES OF DATA COLLECTED THROUGH THESE TECHNOLOGIES, AND YOUR CHOICES REGARDING THEIR USE ON OUR ONLINE SERVICES.

Information Collected From Other Sources
We may obtain information about you from other sources, such as public databases, marketing partners, event organizers, and other third parties. Examples of the information we receive from other sources include social media profile information and registration information submitted to third-party event sponsors and organizers.

Combining Information
Where permitted by law, we may combine the personal information you provide to us through our connected services with information we collect through other connected services, information collected offline, and information provided to us by third parties. Where permitted by law and feasible, we may also combine your personal information with data collected automatically through your use of our connected services, in which case we will treat any information that is combined or associated with your personal information as personal information for as long as it can reasonably be linked with your personal information. We use this consolidated information to improve our connected services and products and service offerings, enhance our marketing and research activities, communicate information to you, and for any other legitimate purpose described in this Privacy Policy.

How We Use Your Information
We process your information for a variety of legitimate business purposes described below, such as providing access to and securing your account, organizing and administering events, contacting you, and other operational purposes.

We use your personal information for a variety of legitimate business purposes, including the following:

To facilitate account creation and the logon process, and administer user accounts. We use your registration information and information collected automatically through cookies and similar technologies to create, administer, and provide you with access to your account. In some cases, we process your information for these purposes pursuant to your consent. In other cases, we process your information for these purposes to fulfill our obligations under an agreement with you. In other cases, we process your information for these purposes based on our legitimate interest in providing members with a forum and mechanism to connect.
To supplement account profiles and sharing. If you choose to link your account with us to a third-party account, such as your Google or Facebook account, we use the information you allowed us to collect from those third parties to supplement your profile information and to enable you to easily share information with others on the applicable third-party services. In some cases, we process your information for these purposes pursuant to your consent. In other cases, we process your information for these purposes based on our legitimate interest in enhancing our products and services.
To send you marketing and promotional communications. We and/or our third-party marketing partners may use the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt out of our marketing emails at any time (see Your Privacy Rights below). In some cases, we process your information for these purposes pursuant to your consent. In other cases, we process your information for these purposes based on our legitimate interest in direct marketing.
To send administrative information to you. We may use your personal information to send you products, services, and new feature information, and/or information about changes to our terms, conditions, and policies. In some cases, we process your information for these purposes to fulfill our obligations under an agreement with you. In other cases, we process your information for these purposes based on our legitimate interest in providing you with relevant information about our products, services, and events.
To send periodic emails. The email address you provide for order processing will be used to send you information and updates pertaining to your order. It may also be used to respond to your inquiries, and/or other requests or questions. If you decide to opt-in to our mailing list, you will receive emails that may include company news, updates, related product or service information, etc. If at any time you would like to unsubscribe from receiving future emails, we include detailed instructions to do so at the bottom of each email, or you may contact us via our Website and/or mobile application.
Administer events. We may use your information to administer events when you elect to participate in events. In some cases, we process your information for these purposes pursuant to your consent. In other cases, we process your information for these purposes to fulfill our obligations under an agreement with you, such as a registration agreement. In other cases, we process your information for these purposes based on our legitimate interest in facilitating events.
Request feedback. We may use your information to request feedback and to contact you about your use of our connected services. In some cases, we process your information for these purposes pursuant to your consent. In other cases, we process your information for these purposes based on our legitimate interest in product, service, and event development.
To protect our connected services. We may use your information as part of our efforts to keep our connected services safe and secure (for example, for fraud monitoring and prevention). We process your information for these purposes based on our legitimate interest in preventing fraud and securing our connected services and information.
To enforce our terms, conditions, and policies. In some cases, we process your information for these purposes in order to fulfill our obligations under an agreement with you, such as a registration agreement or membership agreement. In other cases, we process your information for these purposes based on our legitimate interest in ensuring network and information security and preventing fraud. In other cases, we process your information for these purposes to comply with or enforce our rights under applicable law.
To receive and issue payments. In some cases, we process your information for these purposes to fulfill our obligations under an agreement with you. In other cases, we process your information for these purposes based on our legitimate interest in debt collection and facilitating payments.
To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond. In some cases, we process your information for these purposes based on our legitimate interest in complying with applicable laws and preventing harm. In other cases, we process your information for these purposes to comply with or enforce our rights under applicable law.
For the purposes identified in our Cookie Notice and Controls. In some cases, we process your information for these purposes pursuant to your consent. In other cases, we process your information for these purposes based on our legitimate interests in performing connected service analytics, product development, direct marketing, understanding user preferences, and securing our connected services. In other cases, we process your information for these purposes to comply with or enforce our rights under applicable law.
For other business purposes. We may use your information for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and evaluating and improving our ventures, products, services, marketing, and your experience. In some cases, we process your information for these purposes pursuant to your consent. In other cases, we process your information for these purposes based on our legitimate interests in performing connected service analytics, product development, direct marketing, and understanding user preferences. We may generate aggregate or de-identified data that does not contain your personally identifiable information. We are not restricted in how we use or share such aggregated or de-identified data.

How We Share Your Information
We share information with our affiliates, service providers, marketing partners, business partners, with other members or users of our connected services, in the event of a business transfer, and for legal purposes.

We may share or otherwise disclose your personal information with/to the categories of recipients identified below for the following purposes:

Infinity Travels and Our Affiliates. Any information collected by Infinity Travels will be shared with other Affiliates of Infinity Travels to jointly engage in the activities described in this Privacy Policy and otherwise provide you with our travel-related products and services. We may also share your information with our other affiliates, in which case we will require those affiliates to honor this Privacy Policy. "Affiliates" include any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us. In some cases, we share your information for these purposes pursuant to your consent. In other cases, we share your information for these purposes in order to fulfill our obligations under an agreement with you, such as a registration agreement or membership agreement. In other cases, we share your information for these purposes based on our legitimate interest in supporting our internal administrative operations.
Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to provide such services. Examples include payment processing, data analysis, email delivery, hosting services, customer service, and marketing efforts. We may allow selected third parties to use tracking technology on the connected services, which will enable them to collect data about how you interact with the connected services over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content, and better understand online activity. In some cases, we share your information for these purposes pursuant to your consent. In other cases, we share your information for these purposes to fulfill our obligations under an agreement with you. In other cases, we share your information for these purposes based on our legitimate interest in supporting our operational activities.
Third-Party Advertisers. We may use third-party advertising companies to serve ads when you visit our connected services. These companies may use information about your visits to our connected services and other websites that are contained in or generated by cookies and similar technologies to provide advertisements about goods and services of interest to you. Please see our Cookie Notice and Controls below for additional information. In some cases, we share your information for these purposes pursuant to your consent. In other cases, we share your information for these purposes based on our legitimate interest in marketing and improving our products, services, and events.
Business Partners. We may share your information with our business partners to offer you certain products, services, or promotions. If we offer products, services, events, or content on a ‘co-branded’ basis, you may see both our logo and the logo of the co-branded partner. To access, use, or participate in co-branded products, services, events, or content, you may have to provide certain requested information, which may be shared with our co-branded partners. You should read the individual privacy policies and terms of use of our co-branded partners, as these may differ in some respects from this Privacy Policy. Remember, you can always opt out of sharing your information with a co-branded partner by choosing not to use or participate in the product, service, event, or content provided. In some cases, we share your information for these purposes pursuant to your consent. In other cases, we share your information for these purposes in order to fulfill our obligations under an agreement with you, such as a registration agreement or membership agreement. In other cases, we share your information for these purposes based on our legitimate interest in promoting and facilitating our products, services, and events.
Other Members and Users. Your member profile information and posted content (if any) may be shared with other registered members through account directories, apps, message boards, chat rooms, or other interactive connected services in which you participate. In some cases, we share your information for these purposes pursuant to your consent. In other cases, we share your information for these purposes in order to fulfill our obligations under an agreement with you, such as a registration agreement or membership agreement. In other cases, we share your information for these purposes based on our legitimate interest in providing members with a forum and mechanism to connect.
Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. We share your information for these purposes based on our legitimate interest or in order to comply with or enforce our rights under applicable law.
Legal Purposes. We may also disclose information we collect to legal counsel, law enforcement, and other appropriate authorities in special cases, including when we have a reason to believe that such disclosure is necessary to identify, contact, or bring a legal action against someone who may be causing injury to or interference with our rights and property or those of any other person; or when we believe that it is required by applicable laws, court orders, or government regulations. We share your information for these purposes to comply with or enforce our rights under applicable law.
Marketing. You agree that we may send marketing or advertising materials to you via email or mail, including but not limited to newsletters, blog updates, travel developments, etc. If you do not wish to receive marketing materials from us or any company we are affiliated with, please contact us and submit a request to remove your personal information from our marketing list. Any personal information shared with our affiliates (including, without limitation, our host agency, if applicable) will be protected by and subject to this Privacy Policy as well as the privacy policies of our affiliates. We also may share your information with third-party travel service providers -- including airlines, hotels, car rental companies, cruise lines, tour operators, and airport parking providers -- who need your information to fulfill your bookings, and their privacy policies apply to the information they receive from us. We may also share your information with travel agencies, insurance companies, and marketing partners to bring you additional services such as travel insurance or bundled deals.

Use Of Cookies and Similar Technologies
We may use cookies and other tracking technologies (like web beacons and pixels) to collect and store your information. Specific information about how we use such technologies, how you can refuse certain cookies or manage and change your cookie preferences, or delete cookies entirely, can be found in our Cookie Notice and Controls.

International Transfers
We may transfer, store, and process your information in, to, through, or with countries other than your own.

Infinity Travels and our servers are located in the United States. If you are engaging with us from outside the United States, please be aware that your information will be transferred to, stored, and processed by us in our facilities located in the United States and by those third parties with whom we may share your personal information, which third parties may be located in the United States or in other countries. The level of protection for your information in the United States or such other countries may not be the same as the level of protection in your country.

If you are a resident in the European Economic Area, then these countries may not have data protection or other laws as comprehensive as those in your country. We will, however, take all necessary measures to protect your personal information in accordance with this Privacy Policy and applicable law. Please see the Supplemental Information and Rights for European Residents section for more information.

In particular, we comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), each as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, and Switzerland, respectively, to the United States, and have certified our compliance with each applicable framework. As such, we are committed to subjecting all personal information received from EU member countries, the UK, and Switzerland, in reliance on the applicable Data Privacy Framework, to the Framework’s applicable principles. To learn more about the Data Privacy Framework, visit https://www.dataprivacyframework.gov/Program-Overview.

Should any of these frameworks lose validity for data transfers, we commit to enforcing the European Commission’s Standard Contractual Clauses (SCCs) to protect transfers from the EEA/UK to the United States. We ground transfers to travel suppliers outside the EEA/UK, such as airlines or hotels, in GDPR Article 49(1)(b) and/or 49(1)(c), as essential to execute a booking or fulfill your specific request.

Infinity Travels is responsible for the processing of personal information it receives, under the Data Privacy Framework, and subsequently transfers to a third-party acting as an agent on its behalf. With respect to personal information received or transferred pursuant to the Data Privacy Framework, Infinity Travels is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission (FTC). In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. For unresolved DPF concerns, you may contact BBB National Programs Data Privacy Framework Services at https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers. In instances where it is legally mandated, binding arbitration may serve as a definitive option for resolving any unresolved complaints.

Links To Third-Party Websites
We are not responsible for and do not endorse the content of third-party websites or resources available through our connected services. This Privacy Policy only applies to our connected services that link to this Privacy Policy. However, our connected services may contain links to third-party sites or services. We do not endorse and are not responsible for the content of third-party websites or resources, and our Privacy Policy does not apply to any sites that are not controlled by Infinity Travels, even if you access such sites via a link on our connected services. You should review the privacy policies and terms of use of any third-party site before providing any information to the controller of such site.

Artificial Intelligence (AI) and Automated Processing
We use artificial intelligence (AI), machine learning, and other automated technologies to help deliver, improve, and personalize our services. These technologies may be used for purposes including, without limitation: analyzing usage patterns to enhance the user experience; providing personalized content, recommendations, itineraries, or travel services; supporting customer service through AI-powered chatbots or virtual assistants; detecting, preventing, and investigating fraud, abuse, security incidents, and policy violations; flagging potentially harmful or inappropriate content; and supporting internal analytics, research, and service optimization.

In connection with these activities, Infinity Travels may process information you provide to us, information collected automatically through your use of our services, and information obtained from third parties, as described in this Privacy Policy. Where permitted by applicable law, we may use such information to infer

We may also engage third-party service providers to support AI and automated processing activities. These providers may process personal information on our behalf in accordance with contractual restrictions and applicable law and may also process data in accordance with their own privacy policies where applicable. A list of such service providers may be made available upon request. We encourage you to review their privacy policies for additional information.

In some cases, our AI technologies may act on your instructions to assist with or complete bookings, itinerary changes, or other travel-related transactions. Where you direct an AI-enabled feature to take such actions, it may select, reserve, modify, or confirm services based on your inputs, preferences, and other available information, either automatically or with limited human involvement. In some instances, transactions may require your review and confirmation before completion.

To the extent we use automated processing, including profiling, to make decisions that produce legal or similarly significant effects, we will provide any notices, disclosures, and rights required under applicable law. Where required, you may have the right to request human review or intervention, express your point of view, and contest such decisions. Where required by applicable law, we will obtain your consent before using personal information for certain AI-related purposes and will provide any additional disclosures or opt-out rights required by law. If you have questions or concerns about our use of AI technologies or wish to exercise your rights, please contact us at support@infinitytravels.com.

Retention Of Your Personal Information
Infinity Travels keeps your information only for as long as reasonably necessary to fulfill the purposes for which it was collected, to provide our connected services, to comply with our legal, accounting, tax, and reporting obligations, to resolve disputes, to enforce our agreements, and to protect against fraudulent, abusive, or unlawful activity. In determining the appropriate retention period for personal information, Infinity Travels considers the amount, nature, and sensitivity of the personal information; the potential risk of unauthorized use or disclosure; the purposes for which we process the information and whether we have an ongoing business need to process your personal information; whether we can achieve those purposes through other means; and the applicable legal, regulatory, tax, accounting, or other requirements. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. Please see the Retention Periods by Category information chart that follows for more details.

Retention Periods by Category:

Category of Personal Information	Retention Period / Criteria
Account registration and profile information	Retained for as long as your account remains active, and for a reasonable period thereafter as necessary to support account recovery, fraud prevention, dispute resolution, and legal compliance.
Identity and contact information	Retained for the duration of the business relationship and thereafter for the period necessary to comply with legal, tax, accounting, and recordkeeping obligations, and to resolve disputes.
Booking, travel, transaction, and order information	Retained for the period necessary to complete the transaction, provide related services, handle post-service support, prevent fraud, and satisfy legal, accounting, and tax obligations.
Payment information	Stored by our payment processor and retained by us only as necessary for transaction administration, fraud prevention, chargeback handling, and legal compliance. We do not retain full payment card data on our servers after a transaction, except where permitted or required by law.
Communications and customer support records	Retained for as long as reasonably necessary to respond to inquiries, maintain service records, train staff, resolve disputes, and comply with legal obligations.
Marketing and preference data	Retained until you withdraw your consent, opt out, or otherwise update your preferences, plus a reasonable period to process and document the change and maintain suppression records.
Website, device, and usage data	Retained for a period reasonably necessary to support analytics, security, service improvement, and troubleshooting, after which it is deleted, aggregated, or de-identified, unless a longer period is required for legal, security, or dispute-related purposes.
Cookie and similar tracking data	Retained for the lifespan of the cookie or similar technology, or for the period described in our Cookie Notice and Controls, unless deleted earlier through your settings or browser controls.
AI and personalization inputs and outputs	Retained for as long as reasonably necessary to provide recommendations, personalize services, improve system performance, detect abuse, and support legal or operational needs, subject to any applicable consent, deletion, or opt-out rights.
Security logs and fraud-prevention records	Retained for a period reasonably necessary to detect, investigate, and prevent security incidents, fraud, misuse, or unauthorized access, and to meet legal and compliance obligations.
De-identified or aggregated information	Retained and used without a fixed retention period, provided it is maintained in a form that does not reasonably identify you and is not re-identifiable except where permitted by law.

How We Protect Your Information
We have implemented appropriate technical and organizational data security measures designed to protect the security of any personal information we process from unauthorized access, loss, or misuse. To the extent appropriate or required by applicable law, these security measures include the following:

Access to personal information is limited to authorized employees and service providers who need access to perform the activities described in this Privacy Policy on our behalf.
Personal information is pseudonymized where appropriate or required by law, and sensitive personal information transferred to or stored on any mobile device is encrypted using industry-accepted encryption solutions.
Personnel engaged in the processing of personal information are informed of the confidential nature of personal information, receive appropriate training on their responsibilities, and are obligated pursuant to our policies to maintain the confidentiality of personal information.
The effectiveness of our security measures is regularly tested, assessed, and evaluated to ensure the ongoing security of processing systems.
Internet-connected databases containing personal information are monitored for unauthorized intrusions using network-based and/or host-based intrusion detection mechanisms.
Service providers and other third parties engaged by us to process personal information on our behalf are contractually obligated to process personal information only on our documented instructions and must provide similar security measures as those used by us or as required under applicable law.
We also maintain industry-standard security frameworks, including ISO 27001. Cardholder data is safeguarded via PCI DSS compliance. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway provider's database, only to be accessible by those authorized with special access rights to such systems and are required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financials, etc.) will not be stored on our servers.

Although we strive to provide reasonable and appropriate security for the personal information we process, no security system can prevent all potential security breaches. In particular, email or forms sent using our connected services may not be secure. You should take special care before deciding to send us information via email, and the transmission of personal information to and from our connected services is at your own risk. Further, if you create an account through our connected services, it is your responsibility to protect your access credentials from unauthorized access or use.

Data Breach Response and Notification
We have implemented and continue to maintain a reasonable incident response program designed to detect, investigate, contain, and remediate unauthorized access to, acquisition of, disclosure of, alteration of, or destruction of personal information. If Infinity Travels becomes aware of a potential or actual security incident involving personal information, we will take commercially reasonable steps to investigate the nature and scope of the incident, contain and remediate the incident, and determine whether notice is required under applicable law.

Our response to any such incident may include prompt internal escalation to our legal, privacy, security, compliance, and technical personnel, and, where appropriate, third-party forensic and incident response specialists. We may investigate the types of information involved, the number of affected individuals, the likely consequences of the incident, whether the information was encrypted, rendered unusable, or otherwise protected, and whether any unauthorized person actually accessed or acquired the information. We will assess whether the incident creates a risk to the rights and freedoms of individuals, or otherwise triggers a notice obligation under applicable law, and we will document the incident, our investigation, our findings, and any corrective actions taken.

To the extent we are acting as a controller under the GDPR, and a personal data breach is likely to result in a risk to the rights and freedoms of natural persons, we will notify the appropriate supervisory authority without undue delay and, where feasible, within seventy-two (72) hours after becoming aware of the breach, unless a longer period is permitted under applicable law. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify affected individuals without undue delay, unless an exception applies under applicable law.

To the extent we are subject to California law or other applicable U.S. state breach notification laws, we will provide any notices required by such laws to affected individuals and, where applicable, to regulators, consumer reporting agencies, or other governmental authorities, in each case within the timeframes required by applicable law. If direct notice is impracticable, we may provide substitute notice or other notice permitted by applicable law.

We may delay notification if law enforcement determines that such notice would impede a criminal investigation or compromise national security, or if otherwise permitted by applicable law. If we determine that notice is not required, we may nevertheless retain records of the incident and our assessment in accordance with our legal and business obligations.

This section is intended to describe our general incident response and notification practices and does not create any contractual right or guarantee. Nothing in this section limits any rights you may have under applicable law.

Account Information
Please contact us if you would like to review or change the information in your account or terminate your account. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, some information may be retained in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Use, and/or comply with legal requirements.

SMS Communications
By providing your mobile phone number, you consent to receive SMS (text) messages from Infinity Travels. These may include one-time passwords, booking confirmations, service updates, promotional content, and other travel-related information. Message frequency varies based on the nature of your interaction with us, including account activity, booking confirmations, and promotional updates. Consent to receive SMS is not a condition of purchase.

You can reply HELP for help, and you may opt out at any time by replying STOP to any message we send you, or by contacting our customer support team. Your opt-out request will be processed promptly and honored for the defined time period. Standard message and data rates may apply.

Cookies and SMS Abandoned Cart Disclosure. We use cookies to track items you add to your shopping cart, including when you begin but do not complete checkout ("cart abandonment"). This information is only used to trigger a single cart reminder SMS per abandoned cart event, as described above, and such SMS will be sent within 24 hours of the abandonment.

Third-Party Data Sharing. Your opt-in status and consent to receive SMS will not be shared with any third party except those vendors, platform providers, or carriers directly involved in delivering SMS services. Text messages are sent through third-party providers, and their delivery may be subject to delays or failures beyond our control. We are not responsible for undelivered texts or transmission delays. Our text message service may not be available across all U.S. mobile carriers. Your mobile provider is not responsible for delays or non-delivery of text messages. For further details on data collection, use, and protection, please see the other sections of this Privacy Policy.

We retain records of your consent, opt-out requests, and message events in accordance with applicable consumer protection laws.

Text Message Security and Data Collection. Text messages, including one-time passwords, are transmitted using standard cellular protocols without end-to-end encryption and may be subject to interception or unauthorized access. You should not rely on SMS as a secure means of communicating sensitive personal information. In connection with providing our text message service, we collect your mobile phone number, mobile carrier name, and message metadata, including the date, time, and content of messages sent and received. This information is used to deliver, administer, and improve our SMS communications and is handled in accordance with the data practices described in this Privacy Policy.

Automated Messaging and Usage Terms. By consenting to receive text messages from Infinity Travels, you acknowledge that messages may be sent through an automated system. Infinity Travels does not charge you for text messages; however, your mobile carrier’s standard message and data rates, including any applicable roaming charges, may apply. You are responsible for promptly notifying us if you change or deactivate your mobile phone number to ensure messages are not sent to a reassigned number. For questions about our text message service, reply HELP to any message or contact us using the information in the How To Contact Us section below.

Changes in Preference and Opting Out of Email Marketing
We comply with the CAN-SPAM Act of 2003 and do not spam or send misleading information. Should you wish to no longer receive communication from us, you have the option of unsubscribing by clicking "unsubscribe" at the bottom of the email we send to you or by contacting us using the details provided under How To Contact Us below. You will then be removed from the marketing email list; however, we will still need to send you service-related emails that are necessary for the administration and use of your account. As for third-party websites, please contact them directly to unsubscribe and/or opt out of their communications. We comply with the GDPR, along with the email marketing service we use to collect your data.

Jurisdiction-Specific Rights
In some regions and jurisdictions (such as California and other U.S. states, and the European Economic Area), you may have certain additional rights under applicable data protection laws. To the extent that relevant jurisdictions grant additional privacy rights to individuals, these rights are described separately under the applicable Supplemental Information and Rights sections included with and incorporated in this Privacy Policy below.

Controls For Do-Not-Track Features
Our connected services do not respond to "do not track" requests or signals at this time. However, we will actively respect opt-out preferences communicated through the Global Privacy Control (GPC) signal. Certain web browsers may allow you to enable a "do not track" option that sends signals to the websites you visit, indicating that you do not want your online activities tracked. Right now, there is no industry standard for how companies should respond to "do not track" signals, although one may be adopted in the future. If we do so in the future, we will modify this Privacy Policy accordingly. More information about "do not track" is contained in our Cookie Notice and Controls below.

Important Information Regarding Minors, Children & Family Bookings
Our connected services are intended for general audiences and are not directed to children. We comply with the requirements of the Federal Trade Commission’s Children's Online Privacy Protection Act (COPPA), and as such, we do not knowingly collect any personal information from children under the age of 13 through our connected services, except after obtaining verifiable parental consent or as otherwise permitted under applicable law. However, we understand that our services may be used in connection with family travel and group bookings, and in some cases, a parent, legal guardian, or other authorized adult may provide us with information relating to a child or minor traveler in order to book, manage, or support travel-related services.

Where a parent, legal guardian, or other authorized adult submits information on behalf of a child or minor traveler, or otherwise authorizes us to process such information, we may collect, use, disclose, and retain that information as described in this Privacy Policy for purposes of providing, administering, and supporting the requested services, including reservation processing, itinerary management, customer support, travel coordination, safety, fraud prevention, and compliance with applicable legal obligations. We do not knowingly use children’s personal information for targeted marketing to a child where prohibited by law, and we do not knowingly collect personal information from children under the age of 13 through our connected services except where permitted by law and, where required, after obtaining verifiable parental consent.

If Infinity Travels learns that we have collected personal information from a child under the age of 13 in a manner that is not permitted by applicable law, we will take appropriate steps to delete such information or to obtain verifiable parental consent, as applicable. If a parent or legal guardian believes that a child has provided us with personal information without permission, the parent or legal guardian should contact us using the information provided in the section entitled How To Contact Us herein to request access to, correction of, or deletion of such information, where required by applicable law.

To the extent required by applicable law, including applicable European Union and United Kingdom data protection laws, we will obtain any necessary parental or guardian consent before processing a child’s personal information for the relevant service. Where we rely on a parent, legal guardian, or authorized adult to provide information about a child or minor traveler, it is that person’s responsibility to ensure that they have the authority to do so and that the information provided is accurate and complete.

IF YOU ARE NOT OLD ENOUGH TO FORM LEGALLY BINDING OBLIGATIONS IN YOUR APPLICABLE JURISDICTION, PLEASE TALK TO YOUR PARENTS OR GUARDIANS BEFORE USING OUR ONLINE SERVICES OR PROVIDING YOUR NAME OR OTHER PERSONAL INFORMATION TO Infinity Travels. YOU CANNOT SUBMIT INFORMATION TO OUR ONLINE SERVICES WITHOUT YOUR PARENTS’ OR GUARDIAN’S PERMISSION. If the parent or guardian of a child believes that their child has provided us with personal information without permission, the parent or guardian should contact us using the details provided under How To Contact Us below to request access to the information and deletion of such information where required. For more information regarding protecting children’s privacy online, visit https://www.ftc.gov/business-guidance/privacy-security/childrens-privacy. This section is intended to supplement, and not limit, the other provisions of this Privacy Policy.

Sensitive Personal Information
We recommend that you avoid sharing personal sensitive information -- such as medical conditions, religious beliefs, political opinions, or biometric information -- unless required for your travel arrangements. If you choose to share such information, we will process it only as necessary to fulfill the purpose for which it was provided and in compliance with applicable law.

Governing Law and Jurisdiction
This Privacy Policy shall be governed by and construed in accordance with the laws of the State of California, without regard to conflict of law principles. Any controversy or claim arising out of or relating to these terms shall be brought exclusively in a court of competent jurisdiction located in Orange County in the State of California.

How To Contact Us
If you have any questions or comments about this Privacy Policy, or to submit a request or otherwise exercise your privacy rights under this Privacy Policy, please contact us at: Infinity Web Solutions LLC (d/b/a Infinity Travels)

Address: 17875 Von Karman Ave, Suite 150 & 250, Irvine, California 92614, United States of America

Email: support@infinitytravels.com

Phone: 1-800-645-3851

Infinity Travels

Cookie Notice and Controls

Our connected services use cookies and similar technologies to help us understand how you interact with our products and connected services, to improve your experience, and to allow you to use certain features made available through our connected services (such as sharing content via social networks or other communication channels).

This Cookie Notice describes how cookies and similar technologies are used with our connected services, as well as your choices regarding the use of cookies on our services and the tools available to you to exercise your preferences. For more information regarding the collection and use of information via our connected services, please read our Privacy Policy.

Overview of Cookies and Similar Technologies
A cookie is a small text file that a website saves on your computer or mobile device when you visit the site, either for the duration of your visit (a session cookie) or for repeat visits (a persistent cookie). Session cookies are deleted from your computer or device once you leave the connected service. Persistent cookies remain on your device and are sent back to the originating website on subsequent visits (or to another website that recognizes the cookie) to notify the website of your previous online activity. Cookies on this connected service may be delivered by Infinity Travels (a first-party cookie) or a third-party (a third-party cookie) and may also be set in association with emails you receive from us. Cookies help us enhance your experience when using our connected services. They also help us understand how people use our connected services (such as which pages or features are most popular) so that we can better serve our users and members.

In addition to cookies, we may also use other similar technologies with our connected services, such as pixel tags (also known as clear GIFs, web beacons, pixels, or web bugs), local storage, statistical identifiers, and software development kits. Pixel tags are small blocks of code installed on a website that allow a third party to deliver its third-party cookies when a visitor goes to the website, and are generally used by third parties to monitor and track user activity on a website. Local storage (such as HTML5) allows a website to store and retrieve data on an individual’s device with no expiration date. Statistical identifiers refer to identifiers created using certain device and server data. Collectively, this information makes a user’s browser or device sufficiently distinct for a website to reasonably determine that it is encountering the same browser or device over time and used for the same purposes as cookies. Software development kits (also called SDKs) function like third-party cookies and pixel tags, but operate in the mobile app environment where cookies and pixel tags do not function as effectively. Instead of using cookies and pixel tags, an app developer can install pieces of code provided by third parties (such as analytics providers) in its mobile app in order for the third parties to monitor and analyze the use and performance of the mobile app.

These technologies enable us and our partners to recognize when someone has visited our connected services or opened an email, allowing us to do things such as monitor the traffic patterns of users from one page within our Website to another, understand whether a visitor has come to our Website from an online advertisement displayed on a third-party site or in an email, and measure and improve the performance of our connected services. In many instances, these technologies are reliant on cookies to function properly, and so disabling or declining cookies will also disable their functioning.

Cookies Used with Our Online Services
Like most websites, we use certain cookies and similar technologies with our connected services that allow us to collect various information that does not (on its own) identify any particular individual. This helps us identify visitors who return to our connected services, informs us of things such as how many users visited our connected services, the services, web pages, and features accessed, and whether there were any technical problems in loading pages or navigating through our connected services. By collecting this information, we learn what parts of our connected services are the most interesting or valuable to our users and members, and can monitor overall interest in our products and services. It also lets us spot technical problems with our connected services so we can address them right away, and helps us upgrade our services and improve our offerings for our users and members.

We use the following categories of cookies on our connected services: (a) strictly necessary cookies, required for fundamental operations such as secure access and processing travel arrangements; (b) performance and analytics cookies, which gather information about how you interact with our Platform to improve its effectiveness; (c) functional cookies, which remember your preferences such as past itineraries and authentication information; (d) advertising and targeting cookies, used by us and select third-party partners to show you ads based on your browsing history; and (e) social media cookies, which enable sharing features on social media platforms. The types of information typically collected through cookies and similar technologies include IP address (which is used to infer approximate location); Internet service provider; browser type and settings; device information (for example, type of device, operating system, device manufacturer); referring/exiting URL; request/response date and time; clickstream data; device ID or advertising ID; and your name, email address and password if you are logging into your account. We may use Google Analytics cookies to collect information about how visitors use our connected services. These cookies collect information in the aggregate to give us insight into how our connected services are being used. We anonymize IP addresses in Google Analytics, and the anonymized data is transmitted to and stored by Google on servers in the United States. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. In addition to Google Analytics, we allow cookies from other trusted third parties, including Google Ads and ad networks (to supply customized promotions and track their impact) and social media services (for integration of sharing capabilities and interaction tools). The following table has more information about these cookies.

For an overview of these Google Analytics cookies, please visit: https://support.google.com/analytics/answer/6004245.

You may install a Google Analytics Opt-out Browser Add-on by going here: https://tools.google.com/dlpage/gaoptout.

Geolocation Information
Depending on the connected services and your computer or device permissions, we may collect information about your device’s approximate (for example, country or zip code) or precise location. Various technologies may be used to collect this location information, such as IP addresses, GPS, and other sensors that may provide information on nearby devices, Wi-Fi access points, and cell towers. We will only collect your computer’s or device’s precise location with your consent. In addition, some photos or other content you place within the connected services (such as your profile picture or competition videos) may contain recorded location information. Location information is used to measure and improve the performance of our connected services and to optimize your experience.

How to Manage and Disable Cookies
When you first visit our Website, a cookie consent notification will appear. You may: (a) accept all cookies for the full range of features and tailored recommendations; (b) reject non-essential cookies while retaining basic functionality; or (c) manage your preferences to tailor your choices based on cookie types. You may adjust or revoke your approval at any time via the "Cookie Settings" link in the Website footer. As long as you have not expressed your choice, no cookies (other than strictly necessary cookies) will be installed on your device. You can manage and change your cookie preferences or delete cookies entirely as discussed below.

Website and/or Browser Settings
Our Website may feature a pop-up or other means to allow you to opt out of certain cookies. Browser settings allow you to choose whether or not to accept cookies or limit certain cookies. Most browsers also provide functionality that lets you review and erase cookies. To disable cookies through your browser, follow the instructions usually located within the "Help," "Tools," or "Edit" menus in your browser. If you need additional assistance, information on how to manage a disabled cookies on commonly used browsers is available in this guide. If you use our connected services without changing your browser settings, we will assume that you are ok to receive all cookies on the connected services. Please be aware that if cookies are disabled, not all features of our connected services may operate as intended. Also, please note that disabling a cookie or category of cookies does not delete the cookie from your browser unless manually completed through your browser function.

Cookies Used for Personalized Advertising
If you would prefer that we not sell or share information that may be used to help determine which advertisements to serve you, opt out by clicking the applicable "OPT-OUT" button, which can be found on most of our connected services. You may also opt out or change your behavioral advertising cookie preferences by visiting the opt-out page for the Digital Advertising Alliance at https://optout.aboutads.info (U.S. residents and those not in the EU or Canada), the Network Advertising Initiative at https://optout.networkadvertising.org, the European Interactive Digital Advertising Alliance (European residents), or the Digital Advertising Alliance of Canada (Canadian residents). You may also manage ad customization through your social media platform settings.

Flash Cookies
Flash cookies, also known as Local Shared Objects or LSOs, were used by Adobe Flash to store information on a user’s device. They have since been discontinued, and modern browsers no longer support Flash content by default. As a result, Flash cookies are generally obsolete. If any legacy Flash storage remains on an older device or in a legacy environment, it may be removed through the relevant device or application settings.

Mobile Devices
Your mobile operating system may let you opt out of having your information collected or used for interest-based advertising on mobile devices. You should refer to the instructions provided by your mobile device’s manufacturer, but this functionality is usually available in the "Settings" section of your device.

Do Not Track (DNT)
Certain web browsers may allow you to enable a "do not track" option that sends signals to the websites you visit, indicating that you do not want your online activities tracked. This is different from blocking cookies, as browsers with the "do not track" option selected may still accept cookies. Right now, there is no industry standard for how companies should respond to "do not track" signals, although one may be adopted in the future. We do not respond to "do not track" signals at this time. However, we will actively respect opt-out preferences from browser tools, including the Global Privacy Control (GPC) signal. If a recognized GPC signal is detected, we will treat it as a valid opt-out request under applicable law. If we do so in the future, we will modify this Cookie Notice accordingly. More information about "do not track" is available at www.allaboutdnt.com.

Cookie Notice Changes
We may update this Cookie Notice from time to time. Any changes will be posted on this page with an updated revision date. If we make any material changes, we will provide notice through the connected service or by other means.

Supplemental Information for U.S State Privacy Rights

State consumer privacy laws may provide their residents with additional rights regarding our use of their Personal Information.

CALIFORNIA RESIDENTS
If you are a California resident, the following additional information and rights apply to you, subject to the California Consumer Privacy Act (CCPA), with respect to Infinity Travels’s collection, use, and disclosure of personal information about you. For purposes of this section, "personal information" means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer or household. "Personal information" does not include publicly available information or information that is deidentified or in the aggregate.

Collection, Use, and Disclosure of Personal Information

Categories of Personal Information Collected

Infinity Travels has collected the following categories of personal information about California consumers in the preceding 12 months:

Identifiers, such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, telephone number, account name, Social Security Number, driver’s license number or state identification card number, passport number, or other similar identifiers.
Other identifiers or consumer information, such as physical characteristics or description, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Characteristics of protected classifications under California or federal law, such as race, color, sex, age (40 and older), religion, national origin, disability, citizenship status, genetic information, marital status, sexual orientation and identity, political affiliations or activities, military or veteran status, medical condition, or status as a victim of domestic violence, assault, or stalking.
Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement.
Geolocation data.
Audio, electronic, visual, thermal, olfactory, or similar information.
Professional or employment-related information.
Inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Infinity Travels uses these categories of personal information for the purposes described under How We Use Your Information above.

Categories of Personal Information Disclosed for Business Purposes

Infinity Travels has disclosed for a business purpose the following categories of personal information about California consumers in the preceding 12 months:

Identifiers, such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, telephone number, account name, Social Security Number, driver’s license number or state identification card number, passport number, or other similar identifiers.
Other identifiers or consumer information, such as physical characteristics or description, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Characteristics of protected classifications under California or federal law, such as race, color, sex, age (40 and older), religion, national origin, disability, citizenship status, genetic information, marital status, sexual orientation and identity, political affiliations or activities, military or veteran status, medical condition, or status as a victim of domestic violence, assault, or stalking.
Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement.
Geolocation data.
Audio, electronic, visual, thermal, olfactory, or similar information.
Professional or employment-related information.
Inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

"Business purposes" include the use of personal information as reasonably necessary and proportionate for operational purposes, such as performing services on our behalf (e.g., maintaining or servicing accounts, providing customer service, processing orders, verifying member information, processing payments, or providing marketing or analytic services), auditing related to a current interaction with you and concurrent transactions, detecting and protecting against security incidents, debugging to identify and repair errors, conducting research, and undertaking activities to verify or maintain the quality or safety of our products and services.

Categories of Personal Information Sold

Infinity Travels has not sold personal information about California consumers in the preceding 12 months.

Your Privacy Rights Under California Law

In addition to the Personal Information rights described above, California residents also have the rights described below.

Right to Notice and Access
You have the right to request that Infinity Travels disclose additional information regarding our collection and use of your personal information, including the following:

The categories of personal information we have collected about you.
The categories of sources from which personal information is collected.
The purpose for collecting or selling personal information.
The categories of third parties with whom we share personal information.

In addition, you have the right to request access to the specific pieces of personal information we have collected about you. To request this additional information or to access your personal information, please submit a request to Infinity Travels using one of the methods described below under How to Exercise Your California Privacy Rights.

Right to Deletion of Personal Information
You have the right to request that Infinity Travels delete any personal information about you that we have collected from you. To request deletion of your personal information, please submit your request to Infinity Travels using one of the methods described below under How to Exercise Your California Privacy Rights. Please be aware that such a request does not ensure complete or comprehensive deletion of your personal information and that there may be circumstances in which the law does not require or allow deletion even if requested.

Right to Transparency Regarding Disclosure or Sale of Personal Information
You have the right to request that Infinity Travels disclose additional information regarding the disclosure or sale of your personal information, including the following:

The categories of personal information that Infinity Travels disclosed about you for a business purpose.
The categories of personal information that Infinity Travels sold about you and the categories of third parties to whom the personal information was sold (by category or categories of personal information for each third-party to whom the personal information was sold).

In addition, you have the right to request information regarding the disclosure of your personal information by Infinity Travels to third parties for the third parties’ direct marketing purposes.

To request additional information regarding the disclosure and sale of your personal information (as applicable), or to opt out of the disclosure of your personal information to third parties for their direct marketing purposes, please submit your request to Infinity Travels by using one of the methods described below under How to Exercise Your California Privacy Rights.

Authorized Agents
California residents may designate an authorized agent to submit privacy requests on their behalf. To do so, you must provide the authorized agent with written permission, and we may require verification of both the agent’s and the consumer’s identity before processing the request.

Right to Opt-Out of the Sale or Sharing of Personal Information
Infinity Travels does not sell personal information in the traditional sense. However, under California law, certain disclosures to advertising or analytics partners may qualify as a "sale" or "sharing" of personal information. Infinity Travels only shares your personal information with necessary suppliers and vendors in connection with the travel products and services being provided to you. If Infinity Travels sells your personal information to third parties, you can opt out of the sale of your personal information at any time by submitting a request to Infinity Travels using one of the methods described below under Do Not Sell or Share My Personal Information.

Do Not Sell or Share My Personal Information
You have the right to opt out of the sale or sharing of your personal information. Once we receive and confirm a verifiable consumer request from you, we will stop selling or sharing your personal information. To exercise your right to opt-out, please contact us via phone or email provided above.

Rights of Children
Notwithstanding anything else contained in this Privacy Policy, Infinity Travels will not sell the personal information of individuals if Infinity Travels has actual knowledge that the individual is less than 16 years of age, unless the individual, in the case of individuals between 13 and 16 years of age, or the individual’s parent or guardian, in the case of individuals who are less than 13 years of age, has affirmatively authorized the sale of the individual’s personal information (the "right to opt-in").

Right to Removal of Content Posted Publicly by Minors
If you are a California resident under the age of 18, and a registered user of any connected services where this Privacy Policy is posted, you may request and obtain removal of content or information you have publicly posted. To make such a request, please use one of the methods described under How to Exercise Your California Privacy Rights below and include a detailed description of the specific content or information to be removed. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.

Right Not to Be Subject to Discrimination
Infinity Travels will not and cannot discriminate against you for exercising any of your rights described above, such as by denying you goods or services or by providing you with a different level of goods or services. However, we can charge a different price or rate, or provide a different level or quality of goods or services, if that difference is reasonably related to the value provided to you by your personal information. In addition, we may offer financial incentives, including payments to you as compensation, for the collection, sale, or non-deletion of your personal information. If we offer you any such financial incentives, we will first notify you of the applicable incentives and will only include you in a financial incentive program with your prior opt-in consent (which may be revoked by you at any time).

How to Exercise Your California Privacy Rights
California Civil Code Section 1798.83 permits users who are California residents to request and obtain from us information about certain personal information we disclose to third parties for their direct marketing purposes in the preceding calendar year. To exercise any of your California privacy rights described above—including to request additional information regarding our collection and use of your personal information, to request access to your personal information, to request that we delete your personal information, to request additional information regarding the disclosure and sale of your personal information, or to opt-out of the disclosure of your personal information to third parties for their direct marketing purposes—please submit your request to Infinity Travels using one of the methods provided under How To Contact Us above.

If any complaint with us is not satisfactorily resolved, you can contact the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs at 1625 North Market Blvd., Suite N 112, Sacramento, California 95834 or by telephone at (800) 952-5210 or (916) 445-1254.

COLORADO, CONNECTICUT, VIRGINIA, and UTAH RESIDENTS
Colorado, Connecticut, Virginia, and Utah each provide their state residents with rights to: (i) confirm whether we process their personal information; (ii) access and delete certain personal information; (iii) data portability; and (iv) opt out of personal data processing for targeted advertising and sales. In addition, Colorado, Connecticut, and Virginia also provide their state residents with rights to: (i) correct inaccuracies in their personal information, taking into account the information's nature and processing purpose; and (ii) opt out of profiling in furtherance of decisions that produce legal or similarly significant effects. For more information regarding Colorado, Connecticut, Virginia, and Utah privacy rights, please submit your request to Infinity Travels using one of the methods provided under How To Contact Us above.

NEW YORK RESIDENTS
Infinity Travels is compliant with the Stop Hacks and Improve Electronic Data Security Act (NY SHIELD Act), which requires a business holding personal data on New York residents to take active steps to implement reasonable cybersecurity protections and safeguards in order to prevent hackers from accessing concerning consumer data.

For more information regarding U.S. State privacy rights, please submit your request to Infinity Travels using one of the methods provided under How To Contact Us herein.

Supplemental Information and Rights for EUROPEAN RESIDENTS

If you reside in Europe or your personal information is otherwise covered by the European Union’s General Data Protection Regulation (GDPR) or the U.K. Data Protection Act (collectively, "European Privacy Regulations"), the following additional information and rights apply to you with respect to Infinity Travels’s collection, use, and disclosure of personal information. For purposes of this section, "personal information" means any information that identifies an individual or for which there is a reasonable basis to believe the information can be used to identify an individual. "Personal information" does not include publicly available information or information that is deidentified or in the aggregate.

Controller | European Representative
The processing of personal information collected by Infinity Travels is governed by this Privacy Policy, and Infinity Travels is the "controller" of such information. To contact us concerning our processing of your personal information, please email support@infinitytravels.com.

Our Data Protection Officer can be reached at [INSERT DPO EMAIL]. You may contact the Data Protection Officer with any questions or concerns regarding the processing of your personal information or the exercise of your rights under applicable data protection laws.

Your European Privacy Rights
In addition to the rights under Your Privacy Rights described above, you have various additional rights with respect to the collection, use, transfer, and processing of your personal information, as described below. We reserve the right to limit these rights at any time where permitted under applicable law, including where your identity cannot be reasonably verified by Infinity Travels or to the extent your rights adversely affect the rights and freedoms of others. To exercise any of the rights below, please submit your request to Infinity Travels. You have the right to obtain confirmation as to whether or not your personal information is being processed by Infinity Travels. Where we are processing your personal information, you have the right to access the data and to obtain certain information about the processing of such data.

Right to Access and Rectification
You can request access to your personal information. You have the right to obtain rectification of any personal information that is inaccurate or incomplete, including by means of providing a supplementary statement.

Right to be Forgotten (Erasure)
You have the right to have your personal information erased where one of the following applies:

Your personal information is no longer necessary with regard to the purposes for which it was collected.
You withdraw your consent (where the processing is based on such consent).
You object to the processing where such processing is based on Infinity Travels’s (or a third-party’s) legitimate interest, and there are no overriding legitimate grounds for the processing.
Your personal information must be erased to comply with a legal obligation under applicable law.

However, this right to erasure will not apply to the extent that the processing is necessary for:

Compliance with a legal obligation that requires processing by the applicable; or
Archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, to the extent permitted under applicable law.

Right to Restriction of Processing
You have the right to restrict the processing of your personal information where one of the following applies:

The accuracy of the personal information is contested.
The processing is unlawful, and you oppose the erasure of your personal information and request the restriction of its use instead.
Infinity Travels no longer needs the personal information for the purposes of the processing, but it is required by you for the establishment, exercise, or defense of legal claims.
Where the processing is based on Infinity Travels’s (or a third-party’s) legitimate interest, and you have objected to processing (as described immediately below).

Right to Object
You have the right to object (on grounds relating to your particular situation) at any time to the processing of your personal information for direct marketing purposes or where the processing is based on Infinity Travels’s (or a third-party’s) legitimate interest. When objecting to processing based on our legitimate interest, Infinity Travels will no longer process your personal information unless Infinity Travels demonstrates compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.

Right to Withdraw Consent
Where the processing of your personal information is based on your consent, you have the right to withdraw such consent at any time, without affecting the lawfulness of processing based on consent before such withdrawal.

Right to Data Portability
You have the right to receive your personal information, which you have provided to Infinity Travels, in a structured, commonly used, and machine-readable format, and have the right to transmit such data to another entity without hindrance from Infinity Travels, where each of the following conditions is met:

Your request does not adversely affect the rights of others;
Your request does not adversely affect Infinity Travels’s rights (including intellectual property rights);
The processing is based on your consent or the performance of a contract to which you are a party; and
The processing is carried out by automated means.

Right Not to Be Subject to Solely Automated Decisions
You have the right not to be subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects you, unless permitted under applicable law.

Onward Transfers
We share only limited personal data with our trusted service providers, such as those handling hosting, analytics, marketing, or customer support, primarily for operational needs and under binding confidentiality agreements. These providers must maintain privacy protections equivalent to our own and inform us if they cannot do so. Infinity Travels may transfer personal data to affiliates to facilitate our operations. We share sensitive personal data only with your explicit opt-in consent. You may contact us at support@infinitytravels.com to opt out of onward transfers to third parties not serving as our agents.

Right to Submit a Complaint to Supervisory Authorities
You have the right to lodge a complaint with an applicable data protection authority. If you reside in Europe, you have the right to lodge such a complaint in the European country of your habitual residence, place of work, or place of an alleged infringement if you consider that the processing of your personal information infringes applicable European Privacy Regulations. A list of all European supervisory authorities and their respective contact information is available here.