• Jordan Gassner Travel Blog

    Meaningful Adventures for the Modern Explorer

    Privacy Policy

    Privacy Policy

    Last updated: February 16, 2026

    This Privacy Policy describes how Jordan Gassner Travel Blog (“Company,” “I,” “we,” or “us”) collects, uses, and protects your personal information when you visit our website or make purchases from us.

    I respect your privacy and am committed to being transparent about my data practices. This policy explains what information we collect, why we collect it, how we use it, and your rights regarding your data.

    By using this website, you agree to the collection and use of information in accordance with this Privacy Policy.

    1. Information I Collect

    Personal Information You Provide

    I collect information you voluntarily provide when you:

    • Create an account to purchase digital downloads
    • Submit a contact form
    • Make a purchase
    • Interact with affiliate links

    This information may include:

    • Name
    • Email address
    • Billing information (processed securely by Stripe. See Payment Processing below)
    • Any other information you choose to provide in contact forms or correspondence

    Important note on payment information: When you make a purchase, your credit card and payment details are collected and processed securely by Stripe through our checkout system. I never see nor have access to your full credit card number. However, you should never send credit card information through contact forms, emails, or comments. Stripe’s secure checkout is the only safe method for payment processing.

    Automatically Collected Information

    When you visit my website, I automatically collect certain information through cookies and similar technologies:

    • IP address
    • Browser type and version
    • Device information (type, operating system)
    • Pages you visit and how long you spend on them
    • Referring website (how you found us)
    • Date and time of your visit
    • Clicks on affiliate links and subsequent purchases (tracked by affiliate networks)

    2. How I Use Your Information

    I use the information I collect for the following purposes:

    • Process your purchases and deliver digital downloads
    • Manage your account and provide customer support
    • Respond to your contact form submissions and inquiries
    • Understand how visitors use my website and improve my content
    • Display relevant advertisements through Google Ads
    • Track affiliate link performance and earn commissions on qualifying purchases
    • Comply with legal obligations and protect my rights
    • Prevent fraud and enhance website security

    3. Cookies and Tracking Technologies

    I use cookies and similar tracking technologies to enhance your experience and analyze website traffic. Cookies are small text files stored on your device that help me recognize you and remember your preferences.

    Types of Cookies I Use:

    • Essential cookies: Required for the website to function properly (e.g., managing your login session, shopping cart functionality)
    • Analytics cookies: Help me understand how visitors interact with my site through Google Analytics
    • Advertising cookies: Used by Google Ads to display relevant advertisements
    • Affiliate cookies: Track clicks on affiliate links (such as Amazon Associates) to attribute purchases and earn commissions. These cookies typically last between 24 hours to 30 days depending on the affiliate partner.
    • Social media cookies: Set by Instagram when you view embedded content from their platform

    Managing Cookies

    You can control cookies through your browser settings. Most browsers allow you to refuse cookies or delete existing cookies. However, disabling certain cookies may limit your ability to use some features of my website.

    To learn more about managing cookies, visit: www.allaboutcookies.org

    4. Third-Party Services and Data Sharing

    I work with third-party service providers who help me operate my website and process your information. These providers have their own privacy policies and handle your data according to their terms. I do not sell your personal information to third parties.

    Google Analytics

    I use Google Analytics to understand how visitors use my site. Google Analytics collects information such as how often users visit my site, what pages they visit, and what other sites they used before coming to mine. Google uses this data to help me improve my website.

    Google Analytics Privacy Policy: https://policies.google.com/privacy

    You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout

    Google Ads

    I use Google Ads to display advertisements on my website and across the internet. Google uses cookies to show ads based on your previous visits to my site and other websites. I do not use remarketing or retargeting to follow you across other websites with my specific ads.

    You can opt out of personalized advertising by visiting Google’s Ads Settings: https://www.google.com/settings/ads

    Stripe (Payment Processing)

    When you make a purchase, your payment information is processed securely by Stripe, my payment processor. I never see or store your full credit card details. Stripe collects and processes your payment information, billing address, and transaction details according to their Privacy Policy.

    Stripe Privacy Policy: https://stripe.com/privacy

    Stripe is PCI-DSS compliant, ensuring your payment information is handled securely.

    Amazon Associates and Other Affiliate Programs

    I participate in affiliate marketing programs, including Amazon Associates and potentially other affiliate networks. When you click on an affiliate link and make a purchase, the affiliate network may place cookies on your device to track the transaction and attribute it to my referral.

    I earn a commission on qualifying purchases made through these links at no additional cost to you. The affiliate networks collect information about your purchase, but I do not receive your personal information from these transactions beyond aggregate reporting data.

    Amazon Associates Privacy Notice: https://www.amazon.com/gp/help/customer/display.html?nodeId=468496

    Instagram (Embedded Content)

    My website includes embedded Instagram posts and feeds. When you view these embeds, Instagram may collect information about your visit, including through cookies and similar technologies. This data is governed by Instagram’s privacy policy, not mine.

    Instagram Privacy Policy: https://help.instagram.com/privacy/policy

    Substack (Newsletter)

    My website includes a link to subscribe to my newsletter on Substack (“The Travel Digest from JordanGassner.com”). If you choose to subscribe, you will be directed to Substack’s platform where they will collect and manage your subscription information according to their own privacy policy. I do not collect or manage newsletter subscriptions directly through my website.

    Substack Privacy Policy: https://substack.com/privacy

    5. How I Share Your Information

    I do not sell, rent, or trade your personal information. I only share your information in the following circumstances:

    • Service providers: With third-party companies who help me operate my website and process transactions (Google Analytics, Google Ads, Stripe, affiliate networks)
    • Legal obligations: When required by law, court order, or government regulation
    • Protection of rights: To protect my rights, property, or safety, or that of my users or the public
    • Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner
    • With your consent: When you explicitly agree to share your information for a specific purpose

    6. Data Retention

    I retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

    Specific retention periods:

    • Account information: Retained for as long as your account is active or as needed to provide you services. If you request account deletion, I will delete or anonymize your information within 30 days, except where required to retain it for legal or accounting purposes.
    • Transaction records: Retained for 8 years for tax and accounting compliance purposes (as required by California law)
    • Contact form submissions: Retained for up to 2 years or until you request deletion
    • Comments (if applicable): Retained indefinitely for moderation and spam prevention purposes, or until you request deletion
    • Analytics data: Retained according to Google Analytics settings (typically 26 months), after which it is automatically deleted
    • Cookie data: Varies by cookie type; advertising and analytics cookies typically expire after 2 years

    7. What You Should NOT Submit

    IMPORTANT: You should NEVER submit sensitive personal information through this website.

    Do not provide the following information through contact forms, comments, or any other means on this website:

    • Social Security Numbers or other government identification numbers
    • Credit card numbers or full payment card details (Stripe handles all payment processing securely)
    • Date of birth (unless specifically required for age verification)
    • Health or medical information
    • Financial account numbers or passwords
    • Criminal background information
    • Race, ethnic origin, political opinions, religious beliefs, or other sensitive personal characteristics
    • Any other information you would not want to be publicly visible

    If you submit sensitive information to this website, I cannot be held liable for any consequences. I will delete such information if I become aware of it, but information left in public comments may be visible to others and could be misused by third parties unrelated to this website.

    Please keep all sensitive personal information private and secure.

    8. Data Security

    I take reasonable measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. This includes:

    • Using secure HTTPS encryption for all data transmission
    • Storing passwords using industry-standard hashing
    • Relying on PCI-DSS compliant payment processors (Stripe) for payment data
    • Limiting access to personal information to only what is necessary
    • Regularly reviewing and updating security practices

    However, no method of transmission over the internet or electronic storage is 100% secure. While I strive to protect your data using commercially acceptable means, I cannot guarantee its absolute security.

    9. Your Privacy Rights

    Depending on where you live, you may have certain rights regarding your personal information. I am committed to honoring these rights and making it easy for you to exercise them.

    For All Users

    Regardless of your location, you have the following rights:

    • Right to access: You can request a copy of the personal information I hold about you
    • Right to rectification: You can request correction of inaccurate or incomplete information
    • Right to erasure: You can request deletion of your personal information (subject to certain legal exceptions)
    • Right to withdraw consent: If you signed up for communications or provided consent for data processing, you can withdraw that consent at any time

    For European Union (EU) and UK Residents (GDPR)

    If you are located in the EU or UK, you have additional rights under the General Data Protection Regulation (GDPR):

    • Right to data portability: You can receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another service
    • Right to restrict processing: You can request that I limit how I use your information in certain circumstances
    • Right to object: You can object to my processing of your information, particularly for direct marketing purposes or when I process data based on legitimate interests
    • Right to lodge a complaint: You have the right to file a complaint with your local data protection authority

    Legal basis for processing (GDPR):

    I process your personal data under the following legal bases:

    • Contract performance: To fulfill my obligations when you purchase products from me
    • Consent: When you have given explicit consent for specific processing activities
    • Legitimate interests: To improve my website, prevent fraud, and conduct analytics (balanced against your rights)
    • Legal compliance: To comply with applicable laws and regulations

    For California Residents (CCPA/CPRA)

    If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

    • Right to know: You can request information about what personal data I collect, use, disclose, and sell (if applicable)
    • Right to delete: You can request deletion of your personal information (subject to certain exceptions)
    • Right to correct: You can request correction of inaccurate personal information
    • Right to opt-out of sale/sharing: You can opt out of the “sale” or “sharing” of personal information. Note: While I do not sell personal information in the traditional sense, sharing data with advertising networks like Google Ads may be considered a “sale” under CCPA. You can opt out using the methods described in the “How to Exercise Your Rights” section below.
    • Right to limit use of sensitive personal information: If I collect sensitive personal information (which I generally do not), you can limit its use
    • Right to non-discrimination: I will not discriminate against you for exercising your privacy rights

    Categories of personal information collected (CCPA):

    In the past 12 months, I have collected the following categories of personal information:

    • Identifiers (name, email address, IP address)
    • Commercial information (purchase history, products considered)
    • Internet/network activity (browsing behavior, interactions with website)
    • Financial information (billing details processed through Stripe)

    How to Exercise Your Rights

    To exercise any of the rights described above, please contact me at:

    Email: jordan@jordangassner.com

    When you submit a request, I will:

    • Verify your identity to protect your privacy. I will verify your request by asking you to confirm the email address associated with your account or purchase, and may ask additional questions to ensure the request is legitimate.
    • Respond within 30 days (or as required by applicable law, which may extend to 45 days in some cases)
    • Provide the requested information or action free of charge for the first request in a 12-month period

    Opt-out options for advertising and tracking:

    To opt out of personalized advertising and data sharing with advertising networks:

    • Google Ads Settings: https://www.google.com/settings/ads
    • Network Advertising Initiative: http://www.networkadvertising.org/choices/
    • Digital Advertising Alliance: http://optout.aboutads.info/
    • Your browser’s “Do Not Track” or similar privacy settings

    10. Global Privacy Control (GPC)

    I recognize and honor Global Privacy Control (GPC) signals. GPC is a technical specification that allows you to communicate your privacy preferences through your browser or extension settings.

    When I detect a GPC signal from your browser, I will:

    • Treat it as a request to opt out of the “sale” or “sharing” of your personal information under applicable privacy laws (such as CCPA)
    • Limit the use of certain tracking technologies where technically feasible

    To learn more about GPC and how to enable it, visit: https://globalprivacycontrol.org/

    11. Do Not Track

    Some browsers have a “Do Not Track” (DNT) feature that lets you tell websites you do not want to be tracked. Currently, there is no industry-wide standard for how websites should respond to DNT signals. As a result, I do not specifically respond to DNT signals at this time. However, as mentioned above, I do honor Global Privacy Control (GPC) signals.

    11. Prohibited Use for Artificial Intelligence

    I do not consent to the content on this website being used or downloaded by any third parties for the purposes of developing, training, or operating artificial intelligence or other machine learning systems (“AI Purposes”), except as authorized by me in writing (including written electronic communication).

    This prohibition includes but is not limited to:

    • Using website content to train large language models or other AI systems
    • Scraping or crawling this website for AI training data
    • Using automated systems to collect content for machine learning purposes
    • Incorporating my written content, photographs, or other creative works into AI datasets

    Users of this website, including any third parties accessing the website through automated systems, are prohibited from using any content on the website for AI Purposes without my express written consent. Failure to respect these restrictions will be considered a breach of this Privacy Policy and may result in legal action.

    12. International Data Transfers

    My website is operated from the United States. If you are located outside the United States, please be aware that information I collect will be transferred to, processed, and stored in the United States, where data protection laws may differ from those in your country.

    By using my website, you consent to the transfer of your information to the United States. For users in the EU/UK, I rely on standard contractual clauses and other appropriate safeguards to ensure your data is protected in accordance with GDPR requirements.

    13. Children’s Privacy

    My website is not intended for, nor do I knowingly collect personal information from, children under the age of 13 (or 16 in certain jurisdictions, such as the EU).

    If you are a parent or guardian and believe your child has provided me with personal information, please contact me at jordan@jordangassner.com. I will promptly delete such information from my records.

    If I become aware that I have collected personal information from a child under the applicable age without parental consent, I will take steps to delete that information as quickly as possible.

    14. Links to Other Websites

    My website may contain links to third-party websites, including Substack for my newsletter, Instagram, Amazon, and other sites. I am not responsible for the privacy practices or content of these external sites.

    I encourage you to review the privacy policies of any third-party websites you visit before providing any personal information. This Privacy Policy applies only to information collected through my website.

    15. Changes to This Privacy Policy

    I may update this Privacy Policy from time to time to reflect changes in my practices, technology, legal requirements, or other factors. When I make changes, I will update the “Last Updated” date at the top of this policy.

    How I will notify you of changes:

    • Minor changes: I will update the policy on this page and change the “Last Updated” date. I encourage you to review this policy periodically.
    • Material changes: If I make significant changes that materially affect your rights or how I use your information, I will provide additional notice by:
      • Posting a prominent notice on my website
      • Sending an email to registered users (if I have your email address)

    Your continued use of my website after any changes to this Privacy Policy constitutes your acceptance of the updated policy. If you do not agree with the changes, please discontinue use of my website.

    16. Contact Information

    If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please contact us:

    Jordan Gassner Travel Blog

    Email: jordan@jordangassner.com

    We will make every effort to respond to your inquiry within 30 days. For privacy rights requests, please clearly state the nature of your request (e.g., “Request for Data Access” or “Request for Data Deletion”) in the subject line of your email.

    For EU/UK residents: If you are not satisfied with our response to your privacy concern, you have the right to lodge a complaint with your local data protection authority.

    Thank you for trusting us with your information. Your privacy matters to us.

    Jordan Gassner wearing an explorer outfit while on a boat exploring Trang An Ninh Binh, Vietnam

    Don’t Miss The Adventure

    Subscribe to The Travel Digest, my Substack newsletter, for detailed trip itineraries, shoppable packing lists, and monthly travel round-ups.

    SUBSCRIBE HERE