Privacy Policy

Last updated and effective on June 17th, 2026

Afar LLC ("Afar," "we," "our," or "us") is a Delaware public benefit limited liability company that operates as Afar and Afar Media. Our mission is to inspire, guide, and enable our readers to have deeper and more fulfilling travel experiences. This Privacy Policy explains how we collect, use, share, and protect information about you when you use our website, mobile applications, print magazine, newsletters, podcasts, and other digital services (collectively, the "Services").

By using the Services, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the Services. We encourage you to review this policy periodically; when we make material changes, we will provide prominent notice.

Table of Contents

  1. Information We Collect
  2. How We Collect Information
  3. How We Use Your Information
  4. Advertising and Interest-Based Advertising
  5. How We Share Information
  6. Third-Party Tools and Services
  7. Cookies and Tracking Technologies
  8. How Long We Retain Your Information
  9. Your Privacy Rights
  10. Information for California Residents
  11. Information for Residents of Other U.S. States
  12. Information for EU, UK, and EEA Residents
  13. International Data Transfers
  14. Data Security
  15. Children's Privacy
  16. Do Not Track Signals
  17. Third-Party Links and Sites
  18. Changes to This Policy
  19. Contact Us

1. Information We Collect

We collect information in the following categories, depending on how you interact with our Services:

A. Information You Provide Directly

You may provide personal information when you:

  • Register for a newsletter: name, email address
  • Subscribe to or purchase the print magazine or a digital product: name, postal address, email address, telephone number, and payment/credit card information.
  • Give a gift subscription: name, mailing address, and telephone number of the gift recipient.
  • Participate in a sweepstakes, contest, or survey: name, email address, zip code, and any additional information requested in the entry form (e.g., travel preferences, demographics).
  • Use travel booking or affiliate transaction features: booking details, travel preferences, and related transactional information.
  • Contact our customer service team: correspondence and any information you provide in your communications with us.

B. Information Collected Automatically

When you use our Services, we and our service providers automatically collect:

  • IP address and approximate geographic location (derived from IP address — we do not collect precise GPS-level location).
  • Browser type, version, and settings; operating system; device type and identifiers.
  • Pages visited, content viewed, links clicked, time spent on pages, and referring URLs.
  • Cookie identifiers and other tracking technology data (see Section 7).
  • Email engagement data such as open rates and link clicks when you receive our newsletters or promotional emails.

C. Information from Third-Party Sources

To the extent permitted by law, we may supplement the information we hold about you with information from publicly available sources, social media platforms, commercially available data providers, and advertising partners. We may combine this supplemental data with information we already have about you.

D. Sensitive Information

Unless specifically requested by us, please do not send us — and do not disclose through our Services — sensitive personal information such as government identification numbers, financial account credentials, health or medical information, information about racial or ethnic origin, religious or political beliefs, or criminal history. If you voluntarily submit such information, you consent to our processing it in accordance with this Policy.

↑ Back to top

2. How We Collect Information

We collect information through the following methods, when you open, read, watch, listen, comment or otherwise interact with us through any platform:

  • Directly from you, when you complete a form, register, subscribe, purchase, or contact us.
  • Automatically through cookies, web beacons, pixel tags, and similar tracking technologies embedded in our website and emails.
  • From third-party advertising networks, analytics providers, and data partners who collect information about your online activity across websites and apps.
  • From social media platforms when you interact with our social media accounts or use social sharing features on our Services.
  • From sweepstakes, contest, and promotion co-sponsors or administrators.
  • From travel booking partners and affiliate networks when you complete a transaction initiated through our Services.
↑ Back to top

3. How We Use Your Information

We use the personal information we collect for the following purposes:

  • Providing and improving the Services: to operate our website, fulfill subscriptions, process transactions, respond to your requests, and improve our content and features.
  • Personalization: to tailor content, recommendations, and advertising to your interests, on our Services and on third-party platforms.
  • Communications: to send you newsletters, service announcements, account-related notices, and — with your consent — promotional messages from us.
  • Marketing and advertising: to serve interest-based advertising to you on our Services and on third-party websites, apps, and platforms (see Section 4).
  • Contests, sweepstakes, and promotions: to administer entries, verify eligibility, and fulfill prizes.
  • Travel booking and affiliate services: to facilitate bookings and transactions and share necessary information with booking partners (subject to their privacy policies).
  • Analytics: to understand how users interact with our Services, measure audience size and engagement, and improve performance.
  • Legal compliance and safety: to comply with applicable law, respond to legal process, enforce our Terms of Service, detect and prevent fraud, and protect the rights and safety of Afar and our users.
  • Business transactions: in connection with a merger, acquisition, reorganization, bankruptcy, or asset sale, your information may be disclosed or transferred as part of that transaction.
↑ Back to top

4. Advertising and Interest-Based Advertising

We work with third-party advertising networks, ad servers, and ad technology partners (including programmatic advertising platforms) to serve targeted advertisements to you on our Services and on other websites and apps. These partners may collect information about your online activity over time and across different websites and services in order to show you advertisements tailored to your interests. This practice is sometimes called "cross-context behavioral advertising" or "interest-based advertising."

Under California law (CPRA), sharing personal information with advertising partners for cross-context behavioral advertising may constitute a "sale" or "sharing" of personal information. We provide the following opt-out mechanisms:

  • Do Not Sell or Share My Personal Information: You may opt out of the sale and sharing of your personal information for cross-context behavioral advertising by clicking here: Do Not Sell or Share My Personal Information.
  • Global Privacy Control (GPC): We honor GPC signals sent by your browser or device as a valid opt-out of the sale and sharing of your personal information.
  • Industry opt-out tools: You may also opt out through the Network Advertising Initiative (NAI) opt-out tool at networkadvertising.org/managing/opt_out.asp and the Digital Advertising Alliance (DAA) opt-out at aboutads.info/choices/. For mobile apps, you may use the AppChoices app from your device's app store.

Please note that opting out of interest-based advertising does not opt you out of all advertising; you will still see generic, non-targeted advertisements.

IAB Transparency and Consent Framework (EU and UK Users)

For users visiting Afar.com from the European Union or the United Kingdom, Afar participates in the IAB Transparency and Consent Framework (TCF) 2.0, operated by IAB Europe. When you are presented with a cookie consent banner and make choices about the processing of your personal data for advertising purposes, those consent signals are recorded and communicated to our advertising technology partners in a standardized format via the TCF 2.0 framework.

Vendors who may receive and act on your consent signal are registered on the IAB Europe Global Vendor List. You can view the current vendor list and update your consent preferences at any time through our Cookie Consent Manager, or by visiting the IAB Europe vendor list at iabeurope.eu/vendor-list. Your consent choices apply only to the processing of your data by vendors operating under the TCF 2.0 framework; some third-party services may operate outside the framework under their own consent mechanisms.

↑ Back to top

5. How We Share Information

We share personal information in the following circumstances:

  • Service providers: We share information with vendors and service providers that assist us in operating the Services, including website hosting, payment processing, email delivery, analytics, customer service, subscription management, sweepstakes administration, and travel booking fulfillment. These parties are permitted to use your information only to provide contracted services to us.
  • Advertising and marketing partners: We share information with advertising networks, ad-tech companies, and marketing partners to serve targeted advertising and measure its effectiveness, subject to your opt-out rights described in Section 4.
  • Travel booking and affiliate partners: When you initiate a booking or transaction through our Services, we share the necessary information with the relevant travel provider, booking platform, or affiliate partner. Such use is governed by the third party's own privacy policy.
  • Sweepstakes and contest co-sponsors: We may share your information with co-sponsors or administrators of sweepstakes and contests in which you participate.
  • Legal and safety disclosures: We may disclose information when required by law, subpoena, or other legal process; when we believe disclosure is necessary to protect the rights, property, or safety of Afar, our users, or the public; or to detect or prevent fraud or illegal activity.
  • Business transfers: In connection with a merger, acquisition, reorganization, or asset sale, your information may be transferred as part of the transaction. We will notify you of any material change in ownership or use of your personal information.
  • Aggregated or de-identified data: We may share aggregated or de-identified information that does not identify you with any party for any purpose.

We do not rent or sell our users' email or postal addresses to third parties for their independent marketing purposes.

↑ Back to top

6. Third-Party Tools and Services

Mindtrip AI Tool

Certain pages on our website feature an AI-powered travel planning tool called Mindtrip, provided by a third-party company. Mindtrip is an optional, user-initiated feature. If you choose to interact with Mindtrip, any information you provide in that interaction is collected directly by Mindtrip and is subject to Mindtrip's own privacy policy, not this one. Afar does not control Mindtrip's data collection or use practices. We encourage you to review Mindtrip's privacy policy before using the tool.

Other Third-Party Integrations

Our Services may include links, widgets, and integrations from third parties (e.g., social media sharing buttons, embedded maps, booking widgets). These third parties may independently collect information about you when you interact with their features. Such collection is governed by their own privacy policies, and we encourage you to review them.

↑ Back to top

7. Cookies and Tracking Technologies

We and our service providers use cookies, web beacons, pixel tags, and similar tracking technologies to operate and improve the Services, personalize your experience, measure advertising performance, and deliver targeted advertisements.

Types of cookies we use:

  • Strictly necessary cookies: Required for the Services to function (e.g., session management, security). These cannot be disabled.
  • Functional cookies: Enable enhanced features and personalization, such as remembering your preferences.
  • Analytics cookies: Help us understand how users interact with our Services (e.g., page views, traffic sources).
  • Advertising cookies: Used to deliver relevant advertisements and measure their effectiveness, including cross-site tracking by our advertising partners.

You may manage your cookie preferences through our Cookie Consent Manager. You may also configure your browser to reject or delete cookies; however, doing so may affect the functionality of the Services. For more information about cookies and your choices, see our Cookie Policy at Afar.com/about/cookie-policy.

Web beacons and pixel tags may be embedded in web pages and emails to track page views and email engagement. If you prefer not to receive web beacons via HTML email, you may configure your email client to display plain text.

For users visiting from the EU or UK: Afar participates in the IAB TCF 2.0 framework. Your cookie consent choices are communicated to advertising vendors via this framework. See Section 4 for full details, including how to view the IAB Europe Global Vendor List and update your preferences.

↑ Back to top

8. How Long We Retain Your Information

We will retain your information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or allowed by law.

Remember that even after you cancel your account, or if you ask us to delete your personal information, copies of some information from your account may remain viewable in some circumstances where, for example, you have shared information with social media or other services. Because of the nature of caching technology, your account may not be instantly inaccessible to others. We may also retain backup information related to your account on our servers for some time after cancellation or your request for deletion, for fraud detection or to comply with applicable law or our internal security or recordkeeping policies. It may not always be possible to completely remove or delete all of your information due to technical constraints or, contractual, financial or legal requirements.

↑ Back to top

9. Your Privacy Rights

Depending on your location, you may have the following rights with respect to your personal information. Specific rights available to California residents, residents of other U.S. states, and EU/UK/EEA residents are described in Sections 10, 11, and 12 below.

  • Right to know and access: You may request information about the personal data we hold about you and receive a copy.
  • Right to correction/rectification: You may request that we correct inaccurate or outdated personal information.
  • Right to deletion/erasure: You may request that we delete your personal information, subject to certain exceptions.
  • Right to opt out of sale/sharing: You may opt out of the sale or sharing of your personal information for cross-context behavioral advertising (see Section 4).
  • Right to restrict processing: In certain circumstances, you may request that we limit how we use your personal information.
  • Right to data portability: You may request a copy of certain personal information in a portable format.
  • Right to non-discrimination: We will not discriminate against you for exercising your privacy rights.
  • Right to withdraw consent: Where we rely on your consent to process your information, you may withdraw that consent at any time.

To exercise any of these rights, you may submit a request by:

We will verify your identity before processing your request and will respond within the timeframe required by applicable law. We may deny certain requests as permitted by law, in which case we will explain the basis for the denial. We do not charge a fee for most requests, though we may charge a reasonable fee for requests that are excessive or repetitive.

↑ Back to top

10. Information for California Residents

This section supplements our general Privacy Policy and applies to residents of California under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA).

Categories of Personal Information Collected

In the preceding 12 months, we have collected the following categories of personal information:

  • Identifiers (e.g., name, email address, IP address, cookie IDs, mailing address, phone number)
  • Commercial information (e.g., subscription records, purchase history, transaction data)
  • Internet or other electronic network activity (e.g., browsing history on our site, interaction with our emails and ads)
  • Geolocation data (approximate only, derived from IP address)
  • Inferences drawn from the above to create a profile about your preferences and interests
  • Audio, electronic, or similar information (e.g., customer service communications)

Sale and Sharing of Personal Information

In the preceding 12 months, we have sold and/or shared the following categories of personal information with third parties for cross-context behavioral advertising purposes: Identifiers, Internet or other electronic network activity, and Inferences. The categories of third parties to whom we sell or share this data include advertising networks, ad-tech platforms, and analytics providers.

You have the right to opt out of this sale and sharing: Do Not Sell or Share My Personal Information. We also honor Global Privacy Control (GPC) signals as a valid opt-out.

California-Specific Rights

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of that information, the business or commercial purpose for collecting it, and the categories of third parties with whom we share it.
  • Right to Delete: You may request deletion of personal information we have collected from you, subject to certain exceptions.
  • Right to Correct: You may request correction of inaccurate personal information.
  • Right to Opt Out of Sale/Sharing: Described above.
  • Right to Limit Use of Sensitive Personal Information: We do not collect sensitive personal information (as defined under CPRA) beyond what is strictly necessary for providing our Services, and we do not use or disclose it for purposes beyond those permitted by law.
  • Right to Non-Discrimination: We will not deny you goods or services, charge you different prices, or provide a different quality of service because you exercised your privacy rights.

Shine the Light

California Civil Code Section 1798.83 ("Shine the Light") permits California residents to request information about disclosures of personal information to third parties for those third parties' own direct marketing purposes. Afar does not disclose personal information to third parties for their independent direct marketing purposes, and therefore no opt-out mechanism is required under this law. If you have questions about this practice, please contact us using the information in Section 19.

Minors Under 16

We do not sell or share the personal information of California consumers we know to be under 16 years of age without affirmative authorization. Consumers between 13 and 16 may authorize the sale of their information. For consumers under 13, a parent or guardian must provide authorization.

↑ Back to top

11. Information for Residents of Other U.S. States

Residents of Virginia, Colorado, Connecticut, Texas, and other U.S. states with comprehensive privacy laws may have rights similar to those described in Section 10, including rights to access, correct, delete, and opt out of the sale of personal data and targeted advertising. The specific rights available to you depend on the law of your state.

To exercise your rights under applicable state law, please use the contact methods described in Section 9. We will respond within the timeframe required by your state's law.

If we deny your request, you may have the right to appeal our decision. Instructions for submitting an appeal will be provided in our denial notice. If you are unsatisfied with our appeal response, you may have the right to contact your state's attorney general.

↑ Back to top

12. Information for EU, UK, and EEA Residents

This section applies to individuals located in the European Union, European Economic Area, or the United Kingdom, and supplements this Policy with information required under the General Data Protection Regulation (GDPR) and the UK GDPR.

Legal Bases for Processing

We process personal data under the following legal bases:

  • Consent (Article 6(1)(a)): For sending marketing communications and serving interest-based advertising.
  • Contract performance (Article 6(1)(b)): For processing your subscription, fulfilling purchases, and providing Services you have requested.
  • Legal obligation (Article 6(1)(c)): To comply with applicable law.
  • Legitimate interests (Article 6(1)(f)): For analytics, security, fraud prevention, and certain direct marketing activities, where our interests are not overridden by your rights.

Your GDPR Rights

You have the following rights under the GDPR:

  • Right of access (Article 15): To obtain a copy of your personal data.
  • Right to rectification (Article 16): To correct inaccurate data.
  • Right to erasure (Article 17): To request deletion of your data ("right to be forgotten").
  • Right to restrict processing (Article 18): To limit how we use your data.
  • Right to data portability (Article 20): To receive your data in a portable format.
  • Right to object (Article 21): To object to processing based on legitimate interests or for direct marketing.
  • Right not to be subject to automated decision-making (Article 22): We do not currently make solely automated decisions that produce significant legal or similar effects about individuals.
  • Right to withdraw consent: At any time, without affecting the lawfulness of processing prior to withdrawal.
  • Right to lodge a complaint: With your local supervisory authority.

EU/UK Representative

As Afar LLC is based outside the EU/UK, we have designated representatives for GDPR purposes:

In the EU:
Osano International Compliance Services Limited
ATTN: 2VLJ
25 North Wall Quay
Dublin 1, D01 H104
Ireland

In the UK:
Osano UK Compliance LTD
ATTN: 2VLJ
42-46 Fountain Street
Belfast, Antrim
BT1 5EF
United Kingdom

↑ Back to top

13. International Data Transfers

Our Services are hosted in and managed from the United States. If you are located outside the United States, your personal information will be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your country.

For transfers of personal data from the European Economic Area, Switzerland, or the United Kingdom to the United States and other non-adequate countries, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and, where applicable, the UK Addendum, along with additional safeguards where appropriate. To request a copy of our Standard Contractual Clauses, please contact us using the information in Section 19.

By using the Services, users located outside the United States consent to the transfer and processing of their information in the United States and in any other country where we or our service providers operate.

↑ Back to top

14. Data Security

We implement commercially reasonable administrative, technical, and physical security measures designed to protect your personal information from unauthorized access, loss, misuse, disclosure, alteration, or destruction. These measures include:

  • Encryption of personal data in transit using TLS/SSL protocols.
  • Access controls limiting employee access to personal information on a need-to-know basis.
  • Security training for employees with access to personal information.
  • Contractual requirements for vendors and service providers to maintain appropriate security measures.

No security system is impenetrable, and we cannot guarantee the absolute security of your information. In the event of a data breach affecting your rights and freedoms, we will notify affected individuals and relevant authorities as required by applicable law.

↑ Back to top

15. Children's Privacy

The Services are intended for a general audience and are not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe that your child under 16 has provided us with personal information without your consent, please contact us using the information in Section 19. We will delete such information promptly.

For EU residents: We do not collect or process personal data of individuals under the age of 16 without verifiable parental or guardian consent.

↑ Back to top

16. Do Not Track Signals

Some web browsers transmit "Do Not Track" (DNT) signals. Because there is currently no uniform standard for how companies should respond to DNT signals, our Services do not respond to DNT signals other than Global Privacy Control (GPC) signals, which we do honor as an opt-out of the sale and sharing of personal information (see Sections 4 and 10). We will continue to monitor industry and regulatory developments on this issue.

↑ Back to top

17. Third-Party Links and Sites

Our Services contain links to third-party websites, applications, and services that are not owned or operated by Afar. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party sites you visit. We are not responsible for the privacy practices of third parties.

↑ Back to top

18. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will post the updated policy on this page with a revised effective date. If we make material changes to the way we collect, use, or share personal information, we will provide prominent notice (such as an email notification or a conspicuous notice on our website) and, where required by law, obtain your consent. We encourage you to review this Policy periodically.

↑ Back to top

19. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, or if you wish to exercise your privacy rights, please contact us:

  • Email: [email protected]
  • Online request form
  • Postal mail: Afar LLC, Attn: Privacy, P.O. Box 458, San Francisco, CA 94104
  • EU Representative: Osano International Compliance Services Limited, ATTN: 2VLJ, 25 North Wall Quay, Dublin 1, D01 H104, Ireland
  • UK Representative: Osano UK Compliance LTD, ATTN: 2VLJ, 42-46 Fountain Street, Belfast, Antrim, BT1 5EF, United Kingdom
↑ Back to top