Privacy Policy

Last updated: November 1, 2025

This Privacy Policy explains how PixelMakers Studio Srl under Voyant brand (“Voyant,” “we,” “us,” or “our”) collects, uses, stores, and protects personal data when you use our platform, APIs, websites, and related services (collectively, the “Services”).

By accessing or using Voyant, you acknowledge that you have read and understood this Policy.
If you do not agree, please discontinue use of the Services.

1. Who We Are

PixelMakers Studio Srl (Voyant)
Aleea Vitioarei 3, Ploiesti, Romania
Email: help@voyantcloud.com

Voyant acts as a Data Controller for account and administrative data, and as a Data Processor for customer and traveler data managed within Voyant workspaces.
Our Data Protection Officer (DPO) can be reached at the above email.

2. Scope

This Policy applies to all users of Voyant’s Services, including:

  • Agency and operator accounts using Voyant One
  • Developers using the Voyant Platform (API)
  • End customers interacting with agency-hosted booking portals or forms powered by Voyant.

3. Information We Collect

3.1 Account Information

When you register or are invited to a workspace, we collect:

  • Name, email address, and password
  • Organization or company name
  • Workspace and tenant identifiers
  • Billing and subscription information

3.2 Operational Data

When using Voyant, we process:

  • Product and catalog data (titles, media, descriptions, tags)
  • Bookings, departures, and availability data
  • Payment metadata (transaction IDs, provider status)
  • Communication logs (message timestamps, delivery status)
  • API usage and activity logs

3.3 Customer Data

If you manage bookings or forms that include traveler information, that data is stored and processed within your selected region. This may include:

  • Traveler names, contact details, preferences
  • Booking and payment references
  • Invoice and refund metadata

Voyant acts as a Data Processor for this data.

3.4 Automatically Collected Data

We collect limited technical data for security and analytics, including:

  • IP address and browser type
  • Device identifiers
  • Access timestamps and usage metrics
  • Cookies and session identifiers

4. How We Use Information

We use personal and operational data to:

  1. Provide, maintain, and improve the Services
  2. Authenticate users and manage access control
  3. Process subscriptions and payments
  4. Communicate service updates and transactional messages
  5. Support integrations and third-party connections
  6. Detect, prevent, and investigate fraud or abuse
  7. Analyze aggregated usage for product improvement
  8. Comply with legal obligations

Voyant does not sell or rent personal data to third parties.

5. Data Residency and Storage

5.1 Regional Hosting

Each Tenant or Workspace selects a data residency region (EU or US).
Voyant stores all personally identifiable information (PII) within that region and processes it only in that jurisdiction.

5.2 Encryption

All PII is encrypted at rest and in transit.
Encryption keys are managed securely via Google Cloud KMS and internal access controls.

5.3 Non-PII Global Distribution

Public, non-personal content (product titles, media, marketing pages, tags, etc.) may be replicated globally via CDN (Cloudflare, Vercel) to ensure performance.
These replicas never contain PII.

5.4 CMS and Website Hosting

If you host your CMS or website with Voyant:

  • Public pages and media are cached worldwide.
  • Any form submissions or booking data containing PII are stored only in your configured region.

5.5 Retention

Data is retained as long as necessary to provide the Services and comply with legal obligations.
Upon termination or deletion, PII is removed from active storage and securely purged from backups within 30–90 days.

6. Payments

Voyant does not process or store end-customer payment details.
Each Tenant integrates its own payment provider (e.g., Stripe, Netopia, PayPal) and remains responsible for that merchant relationship.
Payment credentials (API keys) are encrypted and stored securely in your region.
Voyant only transmits limited metadata (e.g., transaction ID, status) for synchronization.

7. Communications

Voyant provides messaging tools for email, SMS, and WhatsApp via managed Twilio infrastructure.

  • Voyant does not sell or reuse message content.
  • Message logs and metadata may be retained for support and compliance.
  • You are responsible for lawful use, including opt-in consent where required.

Transactional and marketing emails are sent through Resend and Mailchimp, respectively.

8. AI and Analytics

Voyant offers optional AI and analytics features.

  • AI prompts and outputs are processed in real time and not used to train external models.
  • Anonymous usage metrics may be collected through Posthog, Google Analytics, and internal systems.
  • Aggregated analytics are stored in Clickhouse.
  • All analytics data is anonymized or pseudonymized wherever possible.

9. Marketing Website

Our public marketing site (voyantcloud.com) is hosted on Webflow.
Webflow may collect limited analytics or form submissions for communication and promotional purposes.
This data is processed under Webflow’s Privacy Policy and is not linked to customer workspace data.

10. Sharing and Disclosure

Voyant shares data only as necessary to operate and improve the Services.

Regional Processing Model

Voyant operates two primary data regions — European Union (EU) and United States (US).
Customer and workspace data remain within the selected region.
Some vendors provide global services (e.g., authentication, messaging, CDN, billing).
Other infrastructure providers maintain region-scoped deployments, ensuring that EU data remains in the EU and US data remains in the US.
All subprocessors operate under GDPR-compliant Data Processing Agreements (DPAs) and apply equivalent security controls.

Subprocessors

  • Google Cloud Platform (GCP)
    • Core infrastructure & storage
  • Neon
    • Managed Postgres database
  • Cloudflare
    • CDN & edge caching
  • Vercel
    • Frontend & CMS hosting
  • Upstash
    • Caching & queues
  • WorkOS
    • Authentication & SSO
  • Stripe
    • Subscription billing
  • Twilio
    • SMS & WhatsApp messaging
  • Resend
    • Transactional email
  • Mailchimp
    • Marketing email
  • Google Analytics, Posthog
    • Analytics
  • Clickhouse
    • Event data warehouse
  • Algolia
    • Search & discovery
  • Pinecone
    • AI & vector storage
  • Trigger.dev
    • Workflow automation
  • Intercom
    • Customer support

All subprocessors are vetted and bound by contractual data protection obligations consistent with GDPR.

11. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access, correct, or delete your personal data
  • Restrict or object to certain processing
  • Export your data (data portability)
  • Withdraw consent (where applicable)

Requests may be sent to help@voyantcloud.com.
Voyant may require identity verification.
If you are an end-customer of an agency using Voyant, please direct requests to that agency.

12. Security

Voyant employs:

  • TLS 1.2+ encryption for all connections
  • Role-based access control
  • Regular security audits and vulnerability testing
  • Multi-region redundancy and backup
  • Continuous monitoring and incident alerting

No system is completely secure, but Voyant follows industry best practices to minimize risk.

13. Data Transfers

When providing global availability, Voyant may transfer non-PII data between regions.
Transfers of PII outside the EU are protected by Standard Contractual Clauses (SCCs) or equivalent legal mechanisms.

14. Children

Voyant is a business-to-business platform intended for professional use by travel agencies and related organizations.
Voyant does not directly offer services to minors or allow them to create accounts.

However, in certain cases, a parent, guardian, or authorized travel agent may submit information about minors (such as traveler names, ages, or passport details) when purchasing or managing travel services through a Voyant-powered booking system.

  • Such data is processed solely on behalf of the Customer (the agency) and only for the legitimate purpose of completing the booking or fulfilling legal travel requirements.
  • This information remains under the control of the Customer and is handled in accordance with Voyant’s Data Processing Agreement and Privacy Policy.
  • If you believe a child’s data has been submitted in error or without proper consent, please contact privacy@voyant.app so that we can coordinate with the relevant Customer to investigate and, if appropriate, remove or anonymize the data.

15. Changes to This Policy

We may update this Policy periodically.
Changes will be posted here with a revised "last updated" date.
Substantive updates will be communicated via email or in-app notice.
Continued use after updates constitutes acceptance.

16. Contact Us

For privacy or data protection inquiries:

PixelMakers Studio Srl (Voyant)
Aleea Vitioarei 3, Ploiesti, Romania
Email: help@voyantcloud.com

By using Voyant, you acknowledge that you have read, understood, and agree to this Privacy Policy.