Privacy Policy

Last updated: April 2026

What we collect

When you participate in a Juno experience, we may collect the following categories of personal data:

  • Contact information — name, email address, phone number
  • Profile details — date of birth, nationality, passport information, mailing address
  • Health and safety data — food allergies, medical allergies, physical limitations, swimming ability, vaccination records, accessibility needs
  • Emergency contact — name, phone number, and relationship of your designated emergency contact
  • Travel information — flight details, booking references
  • Payment records — amounts and dates of payments (processed by third-party payment providers)

Why we collect it

  • Trip safety planning — health data helps us accommodate dietary needs, physical limitations, and medical requirements during your experience
  • Communication — contact details allow us to share trip information, logistics, and updates
  • Legal and accounting obligations — financial records are retained as required by tax and accounting regulations

Lawful basis for processing

We process your data under the following legal bases:

  • Contract performance — processing your contact details, passport, and travel information is necessary to deliver the experience you signed up for
  • Explicit consent — health and safety data is classified as Special Category Data under GDPR Article 9. We collect this only with your explicit, informed consent, which you can withdraw at any time
  • Legitimate interest — emergency contact information is collected for trip safety purposes
  • Legal obligation — financial records are retained to comply with tax and accounting requirements

How long we keep your data

  • Health and safety data — automatically deleted 90 days after your most recent trip ends. If you have no upcoming trips, this data is wiped on a daily automated schedule.
  • Contact and profile data — retained for the duration of your active relationship with Juno. Deleted upon request.
  • Financial records — retained for up to 7 years in anonymized form, as required by accounting regulations.

Your rights

Under the General Data Protection Regulation (GDPR) and applicable privacy laws, you have the right to:

  • Access — request a copy of all personal data we hold about you
  • Erasure — request deletion of your personal data from our active systems
  • Rectification — correct inaccurate data through your member portal or by contacting us
  • Withdraw consent — revoke consent for health data processing at any time through your member portal
  • Lodge a complaint — file a complaint with your local data protection supervisory authority

To exercise any of these rights, contact us at hello@junodestinations.com. We will respond within 30 days.

Third-party processors

We use the following services to process your data on our behalf. All processors maintain appropriate security standards and safeguards:

  • Resend — transactional email delivery
  • Neon — database hosting
  • Cloudflare — encrypted backup storage
  • BoldSign — electronic signature collection for waivers and agreements

Backups

We maintain encrypted nightly backups for disaster recovery purposes. These backups are retained for 90 days and then permanently destroyed. Backup data is considered "beyond use" — it is not accessed, viewed, or processed for any operational purpose.

If a backup is ever restored, our systems automatically re-apply any data deletions that occurred since the backup was taken, ensuring that deleted data does not reappear.

Cookies

Juno uses only essential session cookies required for authentication on our member and admin portals. We do not use tracking cookies, analytics cookies, or any third-party advertising cookies.

Contact

For any questions about this privacy policy or how we handle your data, please contact us at hello@junodestinations.com.