Privacy Policy

Last updated: 18 April 2026

Who we are

WhenToWander is a free seasonal travel guide website operated at www.when-to-wander.com. We do not require user accounts, collect personal information through forms, or store any data you enter on the site.

What data we collect

WhenToWander does not require any account or sign-up to read our guides. We have no login system, no comment sections, and no mandatory contact forms. The vast majority of visitors browse the site without ever submitting a single piece of personal information.

The only optional data-collection point on the site is our interactive tools (Find Your Best Month and Trip Cost Calculator). Both tools default to a frictionless "Copy shareable link" action that captures your filter choices in the URL itself — no data submitted to us. If you specifically choose to tap the secondary "Or get a peak-season email alert" link and tick the consent box, you may submit your email address so we can send you one peak-season alert. This is entirely optional. Details of how that data is stored, used, and retained are in the "Tool email capture" entry of the data-retention section below.

Beyond that, third-party services embedded on this site may collect certain data automatically, as described below.

Cookies and advertising

WhenToWander uses Google AdSense to display advertisements. Google AdSense may use cookies and similar technologies to serve ads based on your prior visits to this website or other websites. Specifically:

  • Google uses cookies (including the DoubleClick cookie) to serve ads based on your browsing history.
  • You can opt out of personalised advertising by visiting Google Ads Settings.
  • You can opt out of third-party cookies for advertising at www.aboutads.info/choices.

For visitors in the European Economic Area (EEA), the UK, and Switzerland, a consent banner managed by Google is displayed before any personalised advertising cookies are set. You may accept, reject, or manage your cookie preferences through this banner.

Third-party services

The following third-party services are used on this site:

  • Google Analytics 4 — website analytics. Collects anonymised usage data (pages viewed, session duration, approximate location) to help us understand how visitors use the site. Google Privacy Policy
  • Google AdSense — advertising. Google Privacy Policy
  • Google Fonts — web fonts are loaded from Google's servers, which may log your IP address. Google Fonts Privacy
  • Unsplash — destination images are loaded from Unsplash's CDN (images.unsplash.com). See Unsplash's published privacy terms on their website for details.
  • Netlify — hosting provider. Netlify may collect server access logs (IP address, browser type, pages visited). Netlify Privacy Policy
  • Booking.com and Viator — affiliate booking partners. Certain pages include links to these partners. When you click such a link, you leave WhenToWander and the partner's site may set its own cookies and collect data under their respective privacy policies (Booking.com Privacy, Viator Privacy). We do not set any affiliate-tracking cookies on WhenToWander ourselves; clicks are recorded only as anonymous events via Google Analytics 4 so we can measure which recommendations are useful. No personal data is passed by us to the affiliate partner.

Data storage

WhenToWander is a fully static website. We do not operate databases, servers, or backend systems that store user data. All guide content is delivered as static HTML and JavaScript files. Anonymised usage data is collected by Google Analytics to help us improve the site, but we do not store any personally identifiable information ourselves.

Children's privacy

WhenToWander is not directed at children under 13. We do not knowingly collect any personal information from children.

Your rights

Since we do not collect or store personal data, there is typically no personal data for us to provide, modify, or delete. If you have concerns about data collected by third-party services listed above, please contact those services directly using the links provided.

Your rights under the GDPR (European Economic Area & UK)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under the EU General Data Protection Regulation (GDPR) and equivalent UK legislation, regardless of whether the data is held by us or by the third-party services we use:

  • Right of access — to ask what personal data is held about you and receive a copy.
  • Right to rectification — to correct inaccurate or incomplete personal data.
  • Right to erasure (the "right to be forgotten") — to request deletion of your personal data.
  • Right to restrict processing — to ask us to limit how your data is used while a concern is being resolved.
  • Right to data portability — to receive your personal data in a structured, machine-readable format.
  • Right to object — to object to processing based on legitimate interests, including processing for direct marketing.
  • Right to withdraw consent — where processing relies on consent (such as the advertising cookie banner), you can withdraw consent at any time by using the banner's "Decline" option or clearing your browser's cookies for this site.
  • Right to lodge a complaint — with your local data protection authority if you believe your rights have been violated.

Because WhenToWander itself does not collect personal data directly, requests relating to personalised advertising (Google AdSense) or analytics (Google Analytics 4) are most quickly resolved by contacting Google through the opt-out links above. For any request relating to data we may hold (for example, a correction to something we could infer from server logs our hosting provider maintains), email us at contact@when-to-wander.com — we aim to respond within 30 days, as required by the GDPR.

California Privacy Rights (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) gives you the following rights regarding your personal information:

  • Right to know — what personal information is collected, used, shared, or sold about you.
  • Right to delete — personal information we have about you (subject to legal-retention exceptions).
  • Right to correct — inaccurate personal information.
  • Right to opt out — of the "sale" or "sharing" of personal information, including sharing for cross-context behavioural advertising.
  • Right to limit use of sensitive personal information.
  • Right to non-discrimination — for exercising any of the above.

Do Not Sell or Share My Personal Information. WhenToWander does not itself sell personal information. However, under the CCPA's broad definition, the use of Google AdSense and Google Analytics 4 may be considered "sharing for cross-context behavioural advertising." California residents can opt out of this sharing via any of the following:

  • Click "Decline" on the cookie consent banner when you first visit the site. This disables the personalised advertising cookies.
  • Send the Global Privacy Control (GPC) signal via your browser — we honour GPC as a Do Not Sell / Do Not Share request for residents of applicable US states.
  • Opt out directly at Google Ads Settings.
  • Email contact@when-to-wander.com with "California opt-out request" in the subject line.

Requests are honoured within 15 business days and require no account or authentication. You do not need to be a current user of the site to submit a request. We will not discriminate against anyone for exercising these rights.

Other US state privacy rights

Residents of Virginia, Colorado, Connecticut, Utah, and other US states with comprehensive privacy laws have substantially similar rights to those described in the California section above. The same contact email and opt-out mechanisms apply. Requests from these states are handled within the timeframe required by each state's law (typically 45 days).

Data retention

Because WhenToWander does not operate its own databases or accounts system, the data-retention picture is shaped almost entirely by the third-party services we embed. The table below summarises how long each data category is typically retained. Exact periods are set by the third-party operator and governed by their own terms.

  • Analytics records (Google Analytics 4). GA4 is configured to retain event-level and user-level data for 14 months, after which Google automatically deletes it. Aggregated, non-identifying statistics (for example, total monthly pageviews) are retained indefinitely for trend analysis but cannot be linked back to individual visitors.
  • Cookie-consent records. When you accept or decline on the cookie banner, your choice is stored in your browser's local storage for up to 12 months, after which the banner reappears so you can re-confirm. You can clear this any time by clearing the site's cookies + local storage in your browser settings.
  • Advertising identifiers (Google AdSense). When you accept personalised advertising, Google sets its own cookies and device identifiers directly — their retention is governed by Google's advertising policies, typically between 13 and 24 months depending on cookie type.
  • Email correspondence (contact@when-to-wander.com). Emails you send us — including privacy requests, corrections, and general questions — are retained for 24 months after the last reply, then deleted. Messages containing a legal or tax basis for longer retention (e.g. a formal opt-out record required to evidence compliance) may be retained up to 6 years in line with standard business-records practice.
  • Tool email capture (optional, secondary affordance on our Find Your Best Month and Trip Cost Calculator tools). Both tools default to a frictionless "Copy shareable link" action that submits no data. Email capture is offered only as an optional secondary path: if you tap the small "Or get a peak-season email alert" link and tick the explicit consent checkbox, your email address — along with the filter constraints you chose and the top match identified at that moment — is sent to a MailerLite mailing list (operated by MailerLite Limited, an EU-based email service provider; see MailerLite's privacy policy). We use the record only to send you one peak-season alert for your top match. Records are retained for 24 months from the date of submission, then deleted. You may unsubscribe via any email's footer link, or request immediate deletion by emailing contact@when-to-wander.com. The lawful basis for processing is your explicit consent (GDPR Article 6(1)(a)).
  • Server logs. Our hosting provider (Netlify) maintains short-term request logs for security and abuse-monitoring purposes. These logs contain IP addresses and timestamps but are retained for no longer than 30 days and are not accessed by WhenToWander except to investigate a specific security incident.

If you would like a record deleted earlier than the periods above where the law permits, email contact@when-to-wander.com with "Data deletion request" in the subject line.

Changes to this policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the site after changes constitutes acceptance of the revised policy.

Contact

If you have questions about this Privacy Policy, please contact us at contact@when-to-wander.com.