Skip to content
ExploreHowth

Privacy Policy

Last updated: 2 March 2026

TravelPlan.guide (“the Site”) is operated by CDL Strategies Ltd, a company registered in Ireland. We respect your privacy and are committed to protecting your personal data. This policy explains what data we collect, why, and what rights you have under the General Data Protection Regulation (GDPR) and the Irish Data Protection Acts 2018.

If you have any questions, contact us at cathal@cdlstrategies.com.

1. Data Controller

The data controller for this Site is CDL Strategies Ltd, contactable at cathal@cdlstrategies.com.

2. What Data We Collect

a) Analytics Data

We use Google Analytics 4 (GA4) to understand how visitors use the Site. GA4 collects anonymised usage data including pages viewed, approximate geographic location (country/city level), device type, browser, and referral source. Google Analytics uses cookies. See our Cookie Policy for details. Analytics cookies are only set after you give consent via our cookie banner.

b) Affiliate Tracking Data

We may participate in affiliate programmes, including Booking.com via CJ Affiliate (operated by Epsilon International UK Ltd, part of Publicis Groupe). When you click an affiliate link on the Site, CJ Affiliate and/or the advertiser may place tracking cookies on your device to attribute any subsequent booking or purchase to our referral. This tracking is performed by CJ Affiliate’s technology, not by us directly. CJ Affiliate processes this data as a data controller in its own right. You can read CJ’s privacy policy at cj.com/legal/privacy. We do not receive any personally identifiable information about you from CJ. We receive only aggregated commission and click data.

c) Third-Party APIs

The Site fetches live data from external services to display weather, public transport, and tide information. These requests are made server-side (from our hosting infrastructure, not your browser) and do not send your personal data to these providers:

  • Open-Meteo for weather forecasts (no API key required, no personal data transmitted)
  • Irish Rail for live DART departure times (public XML feed, no personal data transmitted)
  • WorldTides for tide predictions (API key server-side only, no personal data transmitted)

d) Data We Do Not Collect

We do not operate user accounts, forums, or newsletter signups at this time. We do not collect names, email addresses, payment details, or any other directly identifying personal data through the Site. We do not knowingly collect data from children under 16 years of age.

3. Legal Basis for Processing

Under the GDPR, we process data on the following bases:

  • Consent: Analytics and affiliate tracking cookies are only activated after you give consent via our cookie banner (Article 6(1)(a) GDPR).
  • Legitimate interest: Serving the Site’s content and making server-side API calls to display live data (Article 6(1)(f) GDPR).

4. Cookies

Full details on the cookies we use, including how to manage or opt out, are provided in our Cookie Policy.

5. Who We Share Data With

We may share data with the following categories of processors:

  • Vercel Inc. for website hosting and content delivery (data processed in the EU where possible)
  • Google LLC for analytics (GA4), subject to your consent
  • CJ Affiliate / Epsilon International UK Ltd for affiliate tracking technology, subject to your consent
  • Cloudflare Inc. for DNS, CDN, and security services

We do not sell your personal data to anyone.

6. International Data Transfers

Some of our service providers (Google, Vercel, Cloudflare) are based in the United States. Where data is transferred outside the EEA, these providers rely on EU-approved mechanisms such as Standard Contractual Clauses (SCCs) or the EU-US Data Privacy Framework.

7. Data Retention

Google Analytics data is retained for 14 months, after which it is automatically deleted. Affiliate tracking cookies expire according to each programme’s cookie duration (typically 30 days for Booking.com). We do not maintain any other databases of personal data.

8. Your Rights Under GDPR

You have the right to:

  • Access: request a copy of any personal data we hold about you
  • Rectification: ask us to correct inaccurate data
  • Erasure: ask us to delete your data (“right to be forgotten”)
  • Restrict processing: ask us to limit how we use your data
  • Data portability: receive your data in a structured, machine-readable format
  • Object: object to processing based on legitimate interest
  • Withdraw consent: withdraw cookie consent at any time via the cookie settings on the Site

To exercise any of these rights, email cathal@cdlstrategies.com. We will respond within 30 days as required by law.

9. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Irish Data Protection Commission (DPC) at dataprotection.ie.

10. Changes to This Policy

We may update this policy from time to time. Any changes will be posted on this page with an updated “Last updated” date. Material changes that affect your rights will be highlighted via the cookie consent banner.