Privacy Policy

1. Introduction

triprovo ("we", "us", or "our") operates triprovo.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. Please read this policy carefully. By using triprovo, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Information you provide directly:

• Account information: name, email address, and password when you register
• Profile data: travel preferences, interests, and travel style
• Trip data: destinations, dates, budgets, itineraries, and journal entries you create
• Payment information: processed securely by Stripe — we never store full card details
• Communications: support messages or feedback you send us

Information collected automatically:

• Usage data: pages visited, features used, and interactions with the service
• Device information: browser type, operating system, and IP address
• Cookies: session cookies for authentication and preference cookies for settings like dark mode

3. How We Use Your Information

We use the information we collect to:

• Create and manage your account
• Generate AI-powered travel itineraries tailored to your preferences
• Process payments and manage subscriptions via Stripe
• Send transactional emails (welcome, trial expiry, collaboration invites)
• Provide customer support
• Improve and personalize the service
• Monitor for abuse and ensure the security of the service
• Comply with legal obligations

We do not sell your personal data to third parties.

4. Third-Party Services

We use the following third-party services that may process your data:

• OpenAI — for AI itinerary generation. Your trip details are sent to OpenAI's API. See OpenAI's Privacy Policy.
• Stripe — for payment processing. See Stripe's Privacy Policy.
• Google OAuth — if you sign in with Google. See Google's Privacy Policy.
• Resend — for transactional emails.
• Railway / PostgreSQL — for secure database hosting.
• Vercel — for hosting. Vercel may log request metadata.

5. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where required by law (e.g., financial records retained for tax purposes for up to 7 years).

6. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your account and associated data
• Export your data in a portable format
• Opt out of marketing communications

To exercise any of these rights, contact us at support@triprovo.com.

7. Cookies

We use cookies and similar technologies for authentication (session cookies) and user preferences (e.g., dark mode). We do not use advertising or tracking cookies. You can disable cookies in your browser settings, but this may affect the functionality of the service.

8. Security

We implement industry-standard security measures including HTTPS encryption, hashed passwords (bcrypt), and secure session management. However, no method of transmission over the internet is 100% secure. We encourage you to use a strong, unique password for your account.

9. Children's Privacy

triprovo is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by posting a notice on the service. Your continued use of triprovo after changes are posted constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at: