Cookie Policy
This Cookie Policy explains how Pride Travelers, LLC d/b/a UrTravelPro ("we," "us," or "our") uses cookies and similar technologies across the UrTravelPro Platform and its applications, including UrTravelPro Books, UrTravelPro Marketing, and UrTravelPro Compass (each, an "App"; collectively, the "Service"). This policy is part of, and incorporated into, our Privacy Policy.
Contents
1. What Are Cookies
Cookies are small text files stored on your device by your web browser when you visit a website. They are widely used to make websites function, remember preferences, secure sessions, and provide information to site operators. This policy also covers similar technologies (local storage, pixel tags, web beacons) where we use them.
2. Cookies We Set
Across every App and across the urtravelpro.com marketing site, we set only strictly necessary cookies that are essential for the Service to function. We do not set any advertising, behavioral profiling, or cross-site tracking cookies of our own on any App.
| Cookie / storage key | Purpose | Type | Duration |
|---|---|---|---|
laravel_session |
Maintains your authenticated session. Stores your session identifier so you remain signed in as you navigate the App. | Essential | Session (expires on browser close or after up to 2 hours of inactivity; App-dependent) |
XSRF-TOKEN |
Cross-Site Request Forgery protection. Ensures form submissions and API requests originate from the legitimate application, not a malicious third party. | Essential / Security | Session-bound |
theme (localStorage) |
Remembers your dark mode / light mode preference. Stored in your browser's localStorage, NOT as a cookie, and is never sent to our servers. | Preference | Persistent (until you clear browser data) |
| Organization preference (cookie or localStorage, App-dependent) | Remembers the last organization you selected so you don't have to re-pick on every page load. Only present if you have access to multiple organizations. | Functional | Up to 1 year |
Single Sign-On across the Apps is handled by UrTravelPro Core (core.urtravelpro.com) using its own session cookie scoped to its own domain. When you sign into any App via SSO, Core may set or read its own session cookie to determine whether you are already signed in across the Platform.
3. Third-Party Cookies (Set by Service Providers)
To deliver certain features, the Service loads widgets, scripts, and embedded resources hosted by trusted third-party providers. When those load in your browser, the providers may set their own cookies on their own domains. These cookies are necessary for the related features to function and cannot be disabled without breaking those features. We do not control or have access to these cookies — they are governed by each provider's own cookie policy.
| Provider | When loaded | Purpose | Domain |
|---|---|---|---|
| Stripe | When you visit the billing dashboard, open Stripe Checkout, or update your payment method (paid plans only, any App) | Fraud prevention and proper functioning of Stripe Checkout | js.stripe.com, checkout.stripe.com |
| Plaid | When you click Add Bank Feed and the Plaid Link widget loads (Books, paid plans only) | Bank connection security, fraud prevention, OAuth flow handling | cdn.plaid.com, *.plaid.com |
| Cloudflare | On every page request | Bot protection, DDoS mitigation, security challenge handling | *.urtravelpro.com |
If you never use a paid plan, you will never trigger Stripe cookies. If you never connect a bank feed, you will never trigger Plaid cookies. These third-party cookies are only set in response to actions you choose to take.
4. Books — App-Specific Cookies
Inside UrTravelPro Books we set only the essential, security, and preference cookies listed in Section 2. The only optional third-party cookies that may be triggered inside Books are the Stripe and Plaid cookies described in Section 3, and only if you actively use those features.
Books does not use analytics or advertising cookies of any kind.
5. Marketing — App-Specific Cookies & Tracking
5.1 Cookies inside the Marketing App (for agents)
Inside the Marketing App that you use as an agent to build and send campaigns, we set only the essential, security, and preference cookies listed in Section 2. We do not set advertising or analytics cookies on the agent-facing surface. The only external resources loaded by the agent-facing surface are web fonts from fonts.bunny.net, which does not use cookies or tracking.
5.2 Open-tracking pixels in emails you send
Each campaign email contains a tiny, invisible 1×1 pixel image hosted on our servers. When the recipient's email client loads images, our server records the open event with a timestamp. The tracking pixel itself does not set cookies on the recipient's device — it simply records that the image was requested.
Recipients can prevent open tracking by disabling automatic image loading in their email client. Some clients (such as Apple Mail Privacy Protection and certain corporate gateways) may pre-load images automatically, which can cause opens to be recorded even if the recipient never actually viewed the email.
5.3 Click-tracking links in emails you send
Links in your campaign emails are wrapped with tracking URLs that pass through our servers before redirecting to the original destination. When a recipient clicks a tracked link, our server records the click event (with timestamp) and immediately redirects to the intended URL. No cookies are set during this redirect.
5.4 Unsubscribe links
Every campaign email includes an unsubscribe link. When clicked, the recipient is taken to a confirmation page on our site. The unsubscribe URL is cryptographically signed to prevent tampering. No cookies are required to process an unsubscribe — the signed URL contains all necessary information.
5.5 Landing pages and form submissions
Public landing pages. Landing pages created through the Marketing App are publicly accessible and do not require authentication. Visiting a landing page does not set any cookies. We may record the visitor's IP address, browser user agent, and referring URL for analytics purposes.
Form submissions. When a visitor submits a form (on a Marketing landing page or one embedded on a third-party website), we record the submitted data along with the visitor's IP address, user agent, and referring URL. These are captured server-side via standard HTTP request headers — not via cookies or client-side tracking scripts. This data is used to verify consent origin and to comply with email marketing regulations.
5.6 IP address collection (compliance audit trail)
The Marketing App collects IP addresses in the following contexts as part of the consent audit trail required under CAN-SPAM, CASL, GDPR, and similar laws:
- Consent records — when a contact is added manually or submits a form, the operator's or visitor's IP address is recorded as part of the consent audit trail
- Subscription / unsubscription events — the IP address is recorded when a contact subscribes or unsubscribes
- Form submissions — the visitor's IP address is recorded with each submission
- Resubscription events — when a previously-unsubscribed contact is resubscribed with new consent, the IP address of the operator confirming the consent is recorded
IP addresses collected for these compliance purposes are not used for advertising, profiling, or geo-targeting; they are retained as long as the consent record itself is retained.
5.7 Sender responsibilities
The technologies described in Sections 5.2 – 5.5 are inserted into the marketing messages and forms YOU send and operate. You are the sender; you are responsible for disclosing this tracking in your own privacy notices and for complying with applicable law (CAN-SPAM, CASL, GDPR, ePrivacy, and so on). The Marketing App provides the infrastructure; it does not relieve you of your sender-side compliance obligations.
5.8 SMS
SMS messages do not use cookies. Delivery status, opt-out keywords (STOP / HELP), and reply correlation are handled by the wireless carriers and our SMS provider. IP address is not collected for SMS recipients (the phone number is the identifier).
6. Compass — App-Specific Cookies
6.1 Inside the Compass App (for agents)
Inside the Compass App that you use to author and publish content, we set only the essential, security, and preference cookies listed in Section 2.
6.2 On content you publish through Compass (for readers)
When a reader visits content you have published through Compass (whether on a Compass-hosted URL or on a custom domain pointed at our infrastructure), we set only essential cookies needed to serve the page and aggregate analytics for reporting. We do not set advertising or cross-site tracking cookies on published Compass content.
Embedded media (for example, a YouTube video you embed in a guide, a Vimeo player, or a third-party social-media embed) may set cookies on its own domain when it loads in the reader's browser. Those embedded providers' cookies are governed by their own policies, not by us. If you embed third-party media in your published content, you are responsible for disclosing this in your own reader-facing privacy notice.
7. Cookies We Do NOT Use
We want to be clear about what we don't do:
- We do not use advertising or marketing cookies anywhere in the Service
- We do not use third-party analytics cookies (Google Analytics, Hotjar, Segment, Mixpanel, etc.) inside any App
- We do not use social-media tracking cookies (Facebook Pixel, LinkedIn Insight Tag, X Pixel, etc.)
- We do not profile users across sessions or sell tracking data
- We do not track you across other websites
- We do not use cookies to retarget you with ads
The marketing site at urtravelpro.com may use limited, aggregate analytics consistent with our Privacy Policy; any change will be reflected in this Cookie Policy first.
8. Why We Don't Show a Cookie Banner
Because the cookies we set ourselves are strictly necessary for the Service to function (or are functional preference cookies you can disable in your browser without breaking essential features), we are not required under most privacy laws to obtain your consent before setting them. The third-party cookies described in Section 3 are also strictly necessary for the optional features they support — they only load when you actively use those features.
If we ever add non-essential cookies in the future (for example, behavioral analytics or A/B-testing tools), we will update this policy and implement an appropriate consent mechanism before doing so.
9. Managing Cookies
You can control cookies through your browser settings. Most browsers allow you to:
- View what cookies are stored
- Delete individual or all cookies
- Block cookies from specific or all sites
- Set preferences for certain types of cookies
Major browser cookie guides:
Please note that blocking our essential cookies will prevent you from signing into and using the Service.
10. Do Not Track
Some browsers offer a "Do Not Track" (DNT) signal. Because there is no industry-wide standard for how to respond to DNT signals, we do not currently respond to them differently. We treat all visitors equally — and because we don't engage in cross-site tracking, advertising, or behavioral profiling in the first place, DNT does not meaningfully change how we operate.
11. Changes to This Policy
We may update this Cookie Policy if we change how we use cookies. The updated effective date will appear at the top of this page when changes are made. Material changes will be communicated through the Service or via email to the account owner.
12. Contact
If you have questions about our use of cookies, contact us:
Pride Travelers, LLC
d/b/a UrTravelPro
1559 Oak Hill Trail
Kissimmee, FL 34747
[email protected]