Effective date: May 31, 2026 · Last updated: May 31, 2026 · Holoholo.ai LLC, Honolulu, Hawaiʻi
This Policy may change. Please check the “Last updated” date at the top and bottom of this page from time to time. We will notify you by email of material changes.
1. Who We Are
Holoholo.ai LLC (“Holoholo,” “we,” “us,” or “our”) operates the regenerative tourism concierge platform at holoholo.ai. This Privacy Policy explains how we collect, use, and protect your personal information when you use our service.
Plain-English heads-up. Two parts of Holoholo are experimental and not guaranteed: (a) the automated booking we attempt on your behalf, and (b) the ongoing AI concierge chat in your trip portal. Both involve data flowing to extra parties — for auto-booking, your name, email, phone, and billing address pass through third-party headless-browser infrastructure (Browserless) when our bot fills a supplier form; for the concierge, your messages are sent to AI providers (Anthropic, with OpenAI as a fallback). The data flows are described in detail in § 3 and § 4 below. See the Terms of Service § 1 for what is and is not guaranteed.
2. Information We Collect
Information you provide directly
- Contact information: your name, email address, and phone number, provided when you submit a trip planning request.
- Travel preferences: your selected activities, travel dates, group size, budget, neighborhood preference, dietary needs, fitness level, and other itinerary inputs.
- Hotel information: the name of your hotel, used to find nearby beach service providers and determine guest pricing. We do not book lodging.
- Payment information: processed directly by Stripe. Holoholo.ai does not store your card number, CVV, or full payment credentials. We receive a Stripe payment confirmation and customer identifier.
- Concierge chat messages: any text you send to the AI concierge in your trip portal, plus any SMS replies if you opted in to SMS alerts.
Information collected automatically
- Usage data: pages visited, browser type, IP address, and referring URL, collected via standard web server logs. We do not currently use third-party analytics.
- Authentication cookie: a short-lived, httpOnly session cookie is set when you access your trip portal via a magic-link. This cookie contains a hashed token and is used solely for trip portal authentication.
- Booking automation telemetry: when our bot attempts to place a booking, we record the outcome (success / handoff / failure), supplier and step identifiers, and redacted error context for debugging. Card data is never recorded; PCI-sensitive fields are scrubbed at our boundary before any error tracking.
3. How We Use Your Information
- To generate and deliver your personalized Oʻahu itinerary (our core product).
- To attempt to coordinate bookingswith local suppliers on your behalf. Automated booking is experimental; when it succeeds we minimize the data sent to the supplier (see § 4 “Local suppliers”). When it fails, we either hand you off to the supplier’s own checkout with your details prefilled, coordinate the booking by email or SMS, or — if our automation never placed a booking and no booking was made by hand afterward — refund the supplier-side amount per our refund policy.
- To process your planning deposit and send payment confirmations via email.
- To send your trip portal access link via email (magic-link authentication).
- To send SMS booking alerts if you opted in at the time of your trip request (carrier message rates may apply).
- To power the AI concierge chatin your trip portal (this is experimental; see § 1 and the Terms § 1). Concierge messages may be reviewed by the Holoholo operator team (a small humans-only group) when an alert escalates, a booking requires manual completion, or for routine quality review. They are not used to train AI models — Anthropic’s Commercial Terms (referenced in § 4) prohibit training on data we send.
- Weather and ocean-advisory monitoring.We continuously check public weather and ocean-advisory feeds against your trip dates and booked activities so that the concierge can alert you to anything that might affect your day. We do not send your personal information to those feeds — only your trip dates, region, and the activity types you have booked, none of which identify you.
- Pre-event confirmation-page re-walks.Before your event date, we may re-visit the supplier’s confirmation page on a schedule using the same automated infrastructure that placed the booking, in order to detect supplier-initiated changes or cancellations early. These re-walks use the confirmation URL and lookup code already associated with your booking; they do not transmit additional personal data to the supplier.
- To respond to your support inquiries.
- To improve the platform and fix bugs (using anonymized usage data).
We do not sell your personal information to third parties. We do not use your data for targeted advertising. We do not use your data to train AI models, and our sub-processors are contractually prohibited from doing so on data we send through them.
4. Third-Party Services
We share your information with the following sub-processors only as necessary to operate the service. All listed sub-processors are located in the United States unless noted.
- Stripe— payment processing for your planning deposit and any refunds back to your card. Your payment data is governed by Stripe’s Privacy Policy.
- Privacy.com(Lithic Technology Inc.) — issues the single-use virtual cards we use to pay suppliers on your behalf. Your card number is never shared with the operator; instead we mint a virtual card capped at the supplier price and use that to complete the booking. We share only the purchase amount and merchant info needed to mint the card — no traveler name, email, or phone. The card billing address used for AVS verification is the address on file with Privacy.com (our account), notyour billing address — your billing address is never transmitted to the supplier processor. Governed by Privacy.com’s Privacy Policy.
- Resend— transactional email (deposit confirmations, magic-link emails, itinerary delivery, cancel-request emails to suppliers, satisfaction surveys, morning briefs). Your name and email address are transmitted to Resend for delivery. When we send a cancel or change request to a supplier on your behalf, you are CC’d so you have a copy of what we sent.
- Supabase (PostgreSQL)— our primary database, hosted in the United States. Trip records, preferences, and booking data are stored here.
- Vercel— web hosting and serverless functions. Requests to holoholo.ai pass through Vercel’s infrastructure.
- Browserless— provides the headless-browser infrastructure that runs our automated booking software. When we attempt to place a booking on your behalf, your name, email, phone, billing address (typed into the supplier’s form by the bot), and our single-use virtual card data pass through Browserless during the form-fill session. We do not retain card data; Browserless does not retain session data beyond the booking window.This sub-processor is integral to the experimental auto-booking feature described in § 1 and Terms § 1. Governed by Browserless’s privacy policy.
- Sentry— error tracking. Stack traces and breadcrumbs from booking failures and concierge errors may include trip identifiers, supplier identifiers, and occasionally redacted email or phone fragments. We use Sentry’s PII scrubbing and standard 90-day retention. Card numbers, CVVs, and full PAN data are scrubbed at our boundary before they reach Sentry. Governed by Sentry’s privacy policy.
- Local suppliers— your name, email, and phone (or our Twilio number, when OTP routing applies — see Twilio entry below) may be shared with specific tour operators and beach service providers when we place bookings on your behalf. We share only the minimum information necessary for the booking. Many smaller suppliers do not publish a privacy policy; we vet operators for basic data hygiene before adding them to the platform.
- Anthropic (Claude API)— your travel preferences, group size, neighborhood preference, dietary needs, hotel name, itinerary state, and any concierge chat messages you send are transmitted to Anthropic to generate and adjust your itinerary and to power the concierge chat. Our use of the Anthropic API is governed by Anthropic’s Commercial Terms (§ B, Customer Content), which prohibit Anthropic from training models on the data we send. General data handling is described in their privacy policy.
- OpenAI— used as a fallback model provider for the same itinerary + concierge functions when Anthropic is unavailable. Same data scope. Governed by OpenAI’s privacy policy.
- Twilio— SMS booking alerts (only if you opted in at trip-request time), and OTP / verification-SMS routing for supplier bookings that require it. Your phone number is on file with Twilio for outbound delivery. For OTP-required bookings, our Twilio number is the destination the supplier sees, not your real number — we relay the verification code or supplier message back to you through the concierge. This countermeasure exists because some suppliers send verification SMS that, if delivered to you directly, would break automated checkout flows. Inbound SMS from suppliers to our Twilio number is reviewed for OTP codes and supplier-side messages. Governed by Twilio’s privacy policy.
- Google reCAPTCHA Enterprise— loaded by certain supplier checkout pages (for example, Ventrata-powered operators) while our bot is interacting with them. reCAPTCHA’s data collection is governed by Google’s privacy policy and is independent of Holoholo; it is loaded by the supplier’s page, not by ours.
5. Cookies
We use one functional cookie: a short-lived, httpOnly trip portal authentication cookie (name: holoholo_trip_token_[publicId]). This cookie is set only when you click a magic-link and is used exclusively for trip portal authentication. It is not used for advertising or cross-site tracking.
Magic-link expiration: each magic-link is valid for 14 days from the time we send it; after that you will need to request a fresh link from your trip portal.
We do not use Google Analytics, Facebook Pixel, or any third-party advertising cookies.
6. Data Retention
We retain your trip record and associated personal information for as long as necessary to fulfill the services described in your trip request and to comply with legal obligations. Concierge chat messages (SMS and email conversations with our automated concierge) are retained for 365 days from the date each message was sent, after which they are deleted by an automated nightly process.
Financial records— booking, payment, charge, and refund rows associated with completed transactions — are retained for 7 years to satisfy US tax (IRC § 6001), consumer-protection, and SEC record-keeping obligations. These rows do not contain your name, email, or phone number; they hold only Stripe transaction identifiers and amounts.
Booking-automation telemetry (outcome codes, supplier identifiers, error breadcrumbs) is retained for the standard 90-day Sentry window, then aged out.
Backups are replicated for up to 30 days. Records you delete will age out of replicated backups within that window.
7. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access / export— download a structured JSON copy of every personal-data row we hold about you. From your trip portal, request an export at
/api/account/export; you’ll receive a file containing your trip records, itineraries, concierge chat history, payments, bookings, and any newsletter or referral records. - Deletion— request deletion of your account from your trip portal at
/api/account/delete. We will anonymize your name, email, phone, hotel address, travel preferences, and concierge chat history; financial records are retained for the seven-year window described in Section 6. A confirmation email is sent on completion. - Request correction of inaccurate data.
- Opt out of marketing emails (newsletter, NPS surveys, cart-abandonment) at any time via the unsubscribe link in any such email.
- Opt out of SMS alerts at any time by replying STOP to any text we send.
You can also email keith@holoholo.ai if you cannot access your trip portal or prefer a manual process. We aim to respond within five business days.
8. Children’s Privacy
Our trip account is for adults: per the Terms of Service § 2, you must be at least 18 to create a trip account and confirm bookings. We do not knowingly collect personal information from children under 13. Minors may participate in activities booked under an adult’s account; the adult booker is responsible for any minor-participant information they provide. If you believe we have inadvertently collected information from a child under 13, please contact us immediately.
9. Security
We use industry-standard measures to protect your data, including HTTPS encryption, httpOnly authentication cookies, hashed token storage, and PCI-sensitive field scrubbing before any third-party error tracking. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.
10. Changes to This Policy
We may update this Privacy Policy from time to time. The current effective date is shown at the top and bottom of this page. Material changes will be communicated via email to the address on your trip record. Continued use of the service after notice of changes constitutes acceptance of the updated policy.
11. Governing Law
This Privacy Policy is governed by the laws of the State of Hawaiʻi, USA.
12. Contact
Privacy questions or requests? Email keith@holoholo.ai or write to:
Holoholo.ai LLC
1000 Bishop St, Suite 800
Honolulu, HI 96813Last updated: May 31, 2026.