Welcome to Advanced Reservation Systems Inc. (dba aRes Travel) (“aRes,” “we,” “our,” or “us”). We value your trust and are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you use our websites — including arestravel.com, attractiondeals.com, reservations.arestravel.com, and our private-label booking engines operated for partner websites (collectively, the “Services”).
We’ve written this policy to be clear and friendly while staying aligned with major privacy frameworks including the California Consumer Privacy Act (CCPA/CPRA) and, as applicable, the EU and UK GDPR.
1. Who We Are and Our Role
aRes Travel provides white-label online booking engines for a host of different types of distribution partners. Depending on the context of processing, aRes may act as either a Data Processor or a Data Controller under applicable privacy laws.
When acting as a Data Processor or Service Provider, aRes processes personal data strictly on behalf of our clients (such as destination marketing organizations, .coms, hotels, attractions, meetings and events) in order to fulfill reservations and related travel services. In these cases, the client is the Data Controller that determines the purpose and means of processing, and aRes follows their documented instructions. aRes ensures confidentiality, security, and lawful processing by implementing proper technical and organizational safeguards (e.g., encryption, access controls, sub-processor oversight).
When acting as an independent Data Controller, aRes determines its own purposes and means of processing for specific operational and legal functions. These may include fraud prevention, network and information security, analytics to improve platform performance, compliance with statutory obligations, and maintaining business records necessary for legitimate interests.
We maintain clear role-based accountability for all processing activities and ensure that appropriate contractual, organizational, and technical safeguards are in place to protect data subjects’ rights and comply with all applicable privacy requirements.
2. Information We Collect
We collect personal information you provide or that is automatically gathered when you use the Services.
Information you provide directly:
- Contact details (name, email, phone, address)
- Reservation and payment details (e.g., credit-card token, billing address)
- Traveler preferences and special requests
- Communications you send us (email or form submissions)
Information we collect automatically:
- Browser type, device information, IP address, referring URL, and cookie identifiers
- Analytics data about how you interact with our Services
Sensitive data (e.g., payment card numbers) is processed only through secure, PCI-DSS� compliant gateways; aRes does not store raw payment credentials.
3. How We Use Information
We use personal information to:
- Process and manage travel reservations and payments (Processor role)
- Provide customer support and confirmations (Processor role)
- Operate, maintain, and improve our platform (Controller role)
- Prevent fraud and ensure security and compliance (Controller role)
- Communicate important service updates (Processor role)
- Where permitted, send marketing or survey communications you can opt out of any time (Controller role)
We may use aggregated, de-identified information for analytics and business insights; such data can't be used to identify you.
4. When We Share Information
We share personal data only as necessary and with appropriate safeguards:
- Client Partners (Controllers): To fulfill bookings made on their branded sites (Processor role).
- Sub-Processors: Trusted providers such as AWS (cloud hosting) RateGain, other lodging and attraction providers (booking connectivity), and email and fraud-prevention services.
- Legal or Regulatory Disclosures: When required by law or to protect rights and security (Controller role).
- Business Transfers: If aRes is involved in a merger or acquisition, your information may transfer subject to this Policy.
We never sell personal information for monetary consideration.
5. Cookies and Tracking Technologies
We use cookies and similar tools to make our Services work, remember preferences, measure traffic, and improve usability. You can manage or delete cookies via your browser settings.
6. Data Retention
We keep personal information only as long as needed to deliver the Services, meet legal obligations, resolve disputes, and enforce agreements. Afterward, data is securely deleted or anonymized.
7. Your Privacy Rights
Depending on your location, you may have rights to:
- Access and receive a copy of your personal data
- Request correction or deletion
- Opt out of sale or sharing of data (for California residents)
- Withdraw consent (where consent was given)
- Lodge a complaint with a supervisory authority (GDPR)
To exercise your rights, email privacy@arestravelinc.com or use our contact us web form. We'll verify your identity before responding.
8. Security of Your Information
We use industry-standard measures to protect your information, including encryption in transit and at rest, access controls and multi-factor authentication, network monitoring, and regular vulnerability testing. No system is 100% secure, but we continuously improve our controls to reduce risk.
9. International Transfers
Personal data may be processed in the United States or other countries where our sub� processors operate. We use appropriate safeguards such as Standard Contractual Clauses for cross-border transfers from the EEA or UK.
10. Children’s Privacy
Our Services are not intended for children under 16 years of age, and we do not knowingly collect their information.
11. Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be notified by posting a revised version with an updated date. Your continued use of the Services means you accept the changes.
12. Contact Us
If you have questions or concerns about this Policy or how we handle data:
Email: privacy@arestravelinc.com
Mail: Privacy Officer, Advanced Reservation Systems Inc., 2079 Garnet Ave. San Diego CA, 92109