Legal
Privacy Policy
Effective July 13, 2026
This Privacy Policy explains how Dyme Digital Inc. ("Dyme," "we," "us") collects, uses, shares, and protects information when you use dyme.earth, travel.dyme.earth, and our related services (collectively, the "Services").
This Policy applies to information we collect from you directly, from third parties acting on your behalf (e.g., booking partners), and from your interactions with the Services.
1. WHAT DATA DO WE COLLECT
We collect the following categories of personal information:
Personal Identifiers: Name, email address, postal address, phone number, IP address, device identifier, account password, and other registration or profile information you provide.
Payment Information: Payment card details and billing information. For most transactions, Dyme is not the merchant of record. Payment is processed directly by the applicable merchant of record: Nuitee Travel (hotels and flights), Xeni (car rentals and activities), and Blackhawk Network (gift cards). Card numbers for those transactions are tokenized and stored within the merchant of record's PCI-compliant systems; Dyme does not store full card numbers on our servers. Stripe processes payments for transactions where Dyme is the merchant of record (such as Dyme Miles purchases).
Booking and Travel Information: Trip details (destinations, dates, traveler names, room/passenger preferences), confirmation numbers, supplier-issued booking references, and ancillary requests.
Dyme Miles Account Information: Member identifier, mile balances, transaction-level earning history (which bookings or eligible purchases earned miles), redemption history, and account status (active, suspended, closed).
Gift Card Purchase Data: Brand selected, denomination, recipient information (if a gift), and purchase confirmation details. We share this data with our gift card partners (Blackhawk Network and Runa) to fulfill the order.
Commercial Information: Records of purchases, services obtained, and transaction values.
Internet and Network Activity: Device type, browser, operating system, referring URLs, page views, session duration, click events, error logs, and similar telemetry from your use of the Services.
Location Information: Approximate location derived from your IP address. We do not collect precise geolocation data without your consent.
Communications: Records of correspondence with us, including support requests and survey responses.
Aggregate and Anonymized Data: We may de-identify personal information and use the resulting aggregated data for research, product development, analytics, and marketing.
We do not knowingly collect sensitive personal information (e.g., government ID numbers, health data, precise geolocation, biometric data) except where you voluntarily provide it in connection with a booking that requires it.
2. WHERE DO WE OBTAIN YOUR DATA
We collect data:
- Directly from you when you create an account, make a booking, purchase a gift card, enroll in Dyme Miles, contact support, or sign up for emails.
- Automatically through your use of the Services, including via cookies and similar technologies (see Section 7).
- From third parties including: our travel-booking partners (Nuitee Travel / LiteAPI for hotels and flights, Xeni for car rentals and activities), payment processors (Stripe, Blackhawk Network, Runa), analytics providers (Google), and other service providers acting on our behalf.
3. HOW WE USE YOUR DATA
We use personal information to:
- Provide and operate the Services, including processing bookings, gift card purchases, and Dyme Miles transactions
- Authenticate your account, prevent fraud, and enforce our terms
- Communicate with you about your bookings, your Dyme Miles balance, and account notices, and (with your consent or where permitted) send marketing — by email and, where you have opted in, by text message, WhatsApp, or phone call
- Personalize content and recommendations within the Services
- Conduct analytics, improve the Services, and develop new features
- Comply with legal obligations and respond to lawful requests
- Carry out any other purpose disclosed at the time you provide the information
We do not use your personal information for purposes that are materially different from those listed above without notifying you and, where required by law, obtaining your consent.
4. WHEN AND WITH WHOM DO WE SHARE YOUR DATA
We share personal information with the following categories of recipients:
Travel and Booking Partners. When you book through Dyme, we share the information required to complete the booking with:
- Nuitee Travel (LiteAPI) — hotel and flight bookings
- Xeni — car rental bookings and activity bookings
These partners share booking data with the underlying supplier (e.g., the hotel, car rental company, or airline).
Payment Processors and Merchants of Record.
- Nuitee Travel — merchant of record for hotel and flight bookings; processes the corresponding payment
- Xeni — merchant of record for car rental and activity bookings; processes the corresponding payment
- Blackhawk Network — merchant of record for most direct retail gift card purchases; processes the corresponding payment
- Runa — gift card fulfillment partner for bulk gift card purchases, gift cards purchased using Dyme Miles, and certain brand-specific fulfillment paths. For certain Runa-sourced brands, Dyme may act as the merchant of record
- Stripe — payment processing for transactions where Dyme is the merchant of record (including Dyme Miles purchases and certain gift card purchases)
Analytics and Advertising Providers. Google (Google Maps Platform APIs, including Places API; Google Analytics; Google Tag Manager). We use these to operate location features, measure Service performance, and understand how users interact with our site.
Service Providers. Companies that provide cloud hosting, email delivery, customer support tooling, security monitoring, and similar functions on our behalf. These providers are contractually limited to using your data only to perform services for us.
Affiliates. Our parent company, subsidiaries, and other entities under common control, on a confidential basis and for the purposes described in this Policy.
Business Transfers. In connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or part of our business.
Legal and Safety. When we believe in good faith that disclosure is necessary to comply with a legal obligation, respond to lawful requests from public authorities, enforce our terms, protect the rights or safety of Dyme, our users, or the public, or investigate fraud or security incidents.
With Your Direction. When you direct us to share your data (e.g., when you elect to convert Dyme Miles to a partner rewards currency, you authorize sharing the necessary account identifiers with the partner program).
We do not sell your personal information. We have not sold personal information in the preceding twelve (12) months. Some sharing for analytics or interest-based advertising may constitute "sharing" under California or similar state laws — see Section 12 for opt-out rights.
5. THIRD-PARTY WEBSITES AND SERVICES
The Services may contain links to third-party websites, applications, or platforms (including supplier websites, partner programs to which you convert Dyme Miles, and third-party payment surfaces). This Privacy Policy does not apply to those third parties. We encourage you to review their privacy practices independently.
6. COOKIES AND TRACKING TECHNOLOGIES
We and our service providers use cookies, pixels, local storage, and similar technologies to operate the Services, remember your preferences, authenticate sessions, measure performance, and (where permitted) deliver relevant marketing.
You can control cookies through your browser settings. Disabling cookies may affect some functionality (e.g., remaining signed in across sessions).
We respond to the Global Privacy Control (GPC) signal as an opt-out of "sale" or "sharing" of personal information for users in jurisdictions where GPC is legally recognized.
7. HOW LONG WE KEEP YOUR DATA
We retain personal information for as long as your account is active or as needed to provide the Services. Specifically:
- Account and profile data — for the life of your account, plus a reasonable period after closure for legal, tax, and fraud-prevention purposes
- Booking and transaction records — at least seven (7) years to meet tax, accounting, and dispute-resolution obligations
- Dyme Miles records — for the life of the account; transaction-level earning history is retained to support balance audits and program administration
- Analytics and telemetry data — typically retained in aggregated form; identifiable telemetry is retained no longer than necessary for the purpose collected
Where deletion is not technically feasible or is impermissible by law, we will isolate the data from further processing.
8. KEEPING YOUR INFORMATION SAFE
We maintain administrative, technical, and physical safeguards designed to protect personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. Payment data is handled by PCI-DSS-compliant processors. No system is perfectly secure; we cannot guarantee absolute security.
If we become aware of a security incident affecting your personal information, we will notify you and the relevant authorities as required by law.
9. COLLECTING INFORMATION FROM MINORS
The Services are intended only for individuals who are at least 18 years old, and are not directed to children. We do not knowingly collect personal information from anyone under 18. If you believe we have collected information from a person under 18, please contact us at privacy@dyme.earth and we will delete it.
10. YOUR CHOICES AND RIGHTS
Account Settings. You can review and update most account information by signing in to your Dyme account.
Marketing Emails. You can opt out of marketing emails using the unsubscribe link in any marketing message, or by emailing privacy@dyme.earth. Operational emails (booking confirmations, account notices) are not promotional and cannot be opted out of while you have an active account.
Cookies and Interest-Based Advertising. You can manage cookie preferences via your browser. You can opt out of interest-based advertising from participating companies at https://www.aboutads.info/choices/.
Dyme Miles. You can opt out of Dyme Miles by closing your member account; balances are forfeited per the Dyme Miles Terms.
Text Messages, WhatsApp, and Calls. See Section 11 for how to opt in and out of SMS, WhatsApp, and automated or AI-voice calls.
11. TEXT MESSAGES, WHATSAPP, AND AUTOMATED CALLS
We may contact you by text message (SMS/MMS), by WhatsApp, and by phone call — including messages and calls placed or handled using automated technology and AI voice assistants — to service your account and, where you have separately agreed, for marketing.
Consent. We send marketing texts, WhatsApp messages, and automated or AI-voice marketing calls only with your prior express written consent, collected when you provide your mobile number and agree (for example, by checking an unchecked box or by messaging us first). This consent is never a condition of purchasing anything from Dyme. Transactional messages — such as booking confirmations, support replies, and security notices — are sent based on your relationship with us.
What we send. Depending on your opt-in, messages and calls may include booking confirmations and updates, trip reminders, customer-support responses (including from our AI assistant), account and security notices, and — if you have opted in — promotions and offers.
Frequency and cost. Message frequency varies based on your activity and preferences. Message and data rates may apply under your mobile plan. Dyme does not charge you for the messages themselves.
How to stop. Reply STOP to any Dyme text to opt out, or HELP for help. For WhatsApp, reply STOP or block the Dyme number. To stop calls, tell the caller or our AI assistant, or email privacy@dyme.earth. Opting out of marketing messages does not stop transactional messages tied to an active booking or account.
Carriers and platforms. Mobile carriers and messaging platforms (including WhatsApp and Meta) are not liable for delayed or undelivered messages. WhatsApp messages are also subject to WhatsApp's and Meta's own terms and privacy practices. Our use of automated and AI-assisted communications is described further in our Automated Decision-Making section (Section 13); a human agent is available on request.
12. STATE PRIVACY RIGHTS
Residents of certain U.S. states have additional rights under state privacy laws, including:
- California (CCPA/CPRA)
- Virginia (VCDPA)
- Colorado (CPA)
- Connecticut (CTDPA)
- Utah (UCPA)
- Texas (TDPSA)
- Florida, Oregon, Montana, Iowa, Delaware, New Hampshire, New Jersey, Tennessee and other states with effective comprehensive privacy laws
Depending on your state of residence, you may have the right to:
- Know / Access what personal information we have collected about you and how we use it
- Delete personal information we hold about you, subject to legal exceptions
- Correct inaccurate personal information
- Portability — obtain a portable copy of your personal information
- Opt out of "sale" or "sharing" of personal information, and of targeted advertising
- Limit use of sensitive personal information
- Non-discrimination — exercise these rights without being discriminated against
To exercise a right, email privacy@dyme.earth or write to the address in Section 15. We will verify your identity using information we have on file. We will respond within 45 days; we may extend the response window by an additional 45 days where reasonably necessary, with notice to you.
You may use an authorized agent to submit a request on your behalf, subject to our verification.
Appeal. If we deny your request, you may appeal by replying to our response. We will inform you in writing of the outcome of the appeal within 60 days.
13. AUTOMATED DECISION-MAKING
Dyme uses automated systems, including machine-learning models and AI-powered tools, in connection with the Services. These systems are used to:
- Rank and personalize hotel and flight search results, recommendations, and offers shown to you
- Triage and respond to customer support inquiries via AI-powered chat assistants. The AI may access information necessary to assist you, including your account profile, booking history, and Dyme Miles balance. A human agent is available on request, and we will route inquiries to a human when the AI cannot adequately resolve them
- Detect fraud, prevent abuse, and protect the integrity of Dyme Miles and other Services
These automated systems do not make decisions that produce legal or similarly significant effects on you. You may contact privacy@dyme.earth to obtain meaningful information about the logic of any automated processing that materially affects your account, and to request human review where required by applicable law.
14. PRIVACY POLICY UPDATES
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email and/or by a prominent notice on the Services before the changes take effect. The "Effective Date" at the top reflects the date the current version becomes effective. Your continued use of the Services after the Effective Date constitutes your acceptance of the updated Policy.
15. CONTACT US
Dyme Digital Inc.
1401 Lavaca Street, #593, Austin, TX 78701
Email: privacy@dyme.earth
Phone: 1-218-438-3963
16. DISCLAIMER
This Privacy Policy is provided for informational purposes and does not create any contractual or other legal right in favor of any party. The substantive rights and obligations between you and Dyme are governed by the Dyme Terms of Service.