Privacy Policy

1️⃣ Introduction

Welcome to TripMate. This Privacy Policy explains how TripMate ("we," "our," or "us") collects, uses, discloses, and protects your personal information when you use our mobile application and related services (collectively, the "Service").

By using TripMate, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2️⃣ Information We Collect

2.1 Personal Information

We collect information that identifies you or can be used to identify you when you:

• Create an Account: Name, email address, username, password
• Complete Your Profile: Profile photo/avatar, bio, travel preferences, age verification
• Subscribe to Premium: Payment information (processed securely through RevenueCat, App Store, or Google Play)
• Use Verification Features: Profile verification documents (if you choose to verify)

2.2 Trip-Related Data

When you use TripMate's planning features, we collect:

• Trip details (destination, dates, trip type, description)
• Group member information and relationships
• Expense records and payment tracking
• Itinerary data and planned activities
• Location data when you use location-based features (with your permission)
• Photos and media you share within trips

2.3 Usage Data

We automatically collect information about how you interact with our Service:

• AI chat interactions and queries
• App usage patterns and feature engagement
• Device information (operating system, device type, unique device identifiers)
• IP address and approximate location data
• App performance and crash reports
• Time and date stamps of activities

2.4 User-Generated Content

• Messages and communications within the app
• Reviews, ratings, and feedback
• Community posts and interactions
• Shared travel stories and recommendations

3️⃣ How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Provision

• Create and maintain your account
• Enable trip planning and group collaboration features
• Process expense tracking and splitting
• Provide AI-powered recommendations and assistance
• Facilitate communication between group members

3.2 Personalization

• Customize AI recommendations based on your preferences
• Suggest relevant travel destinations and activities
• Tailor content and features to your interests

3.3 Transactions & Subscriptions

• Process premium subscription payments
• Manage billing and account status
• Send transaction confirmations and receipts

3.4 Communications

• Send notifications about trip updates and activities
• Provide customer support and respond to inquiries
• Send service announcements and important updates
• Deliver marketing communications (with your consent)

3.5 Safety & Security

• Verify user identities and prevent fraud
• Enforce our Terms & Conditions and Community Guidelines
• Detect and prevent abuse, harassment, or illegal activities
• Protect the rights and safety of our users

3.6 Analytics & Improvement

• Analyze usage patterns to improve our Service
• Conduct research and development for new features
• Test and optimize app performance
• Generate aggregated, anonymized statistics

4️⃣ Data Sharing & Disclosure

4.1 With Group Members

When you join or create a trip, certain information is shared with other group members:

• Your profile information (name, avatar, bio)
• Trip-related data (expenses, activities, preferences)
• Messages and communications within the group

4.2 Service Providers

We share data with trusted third-party service providers who assist us in operating our Service:

• Supabase: Database and authentication services
• RevenueCat: Subscription management and payment processing
• AI Service Providers: Natural language processing and recommendation engines
• Cloud Storage Providers: Secure data storage and backup
• Analytics Providers: App performance and usage analytics

These providers are bound by contractual obligations to protect your data and use it only for specified purposes.

4.3 Legal Requirements

We may disclose your information when required by law or to:

• Comply with legal processes, court orders, or government requests
• Enforce our Terms & Conditions and other agreements
• Protect the rights, property, or safety of TripMate, our users, or the public
• Detect, prevent, or address fraud, security, or technical issues

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the successor entity. We will notify you of any such change and the choices you may have.

4.5 With Your Consent

We may share your information with third parties when you explicitly consent, such as when you choose to connect third-party services to your TripMate account.

5️⃣ Data Storage & Security

5.1 Security Measures

We implement industry-standard security measures to protect your data:

• Encryption: Data is encrypted in transit (TLS/SSL) and at rest
• Secure Authentication: Password hashing and secure authentication protocols via Supabase Auth
• Access Controls: Strict internal access policies and role-based permissions
• Regular Audits: Periodic security assessments and vulnerability testing
• Monitoring: Continuous monitoring for suspicious activities and breaches

5.2 Data Storage Location

Your data is stored on secure servers provided by our infrastructure partners. Server locations may vary based on your region to optimize performance.

5.3 Payment Security

We do not store your complete payment card details. All payment processing is handled securely by Apple App Store, Google Play Store, and RevenueCat in accordance with PCI-DSS standards.

6️⃣ Your Rights & Choices

You have the following rights regarding your personal information:

6.1 Access & Correction

• Request a copy of your personal data
• Update or correct inaccurate information in your profile settings
• Export your data in a portable format

6.2 Deletion

• Request deletion of your account and associated data
• Note: Some data may be retained for legal or legitimate business purposes
• Deletion can be initiated through app settings or by contacting support

6.3 Data Portability

• Export your trip data, expenses, and itineraries
• Receive your data in a structured, machine-readable format

6.4 Marketing Communications

• Opt-out of promotional emails via unsubscribe links
• Manage notification preferences in app settings
• You will still receive essential service-related communications

6.5 Location Services

• Control location access through your device settings
• Enable or disable location features at any time
• Some features may require location access to function properly

6.6 Profile Privacy

• Control who can see your profile and travel activity
• Manage visibility of your trips and shared content
• Block or report users who violate Community Guidelines

To exercise any of these rights, please contact us at privacy@tripmate.com

7️⃣ Children's Privacy

7.1 Collection from Minors

• We do not knowingly collect personal information from children under 13
• Age verification is required during account creation
• Users under 18 should obtain parental consent before using the Service

7.2 Parental Rights

If you are a parent or guardian and believe your child has provided us with personal information:

• Contact us immediately at privacy@tripmate.com
• We will delete the information as soon as reasonably possible
• You can request access to your child's data and request its deletion

7.3 COPPA Compliance

We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect information from children under 13 without verified parental consent.

8️⃣ Cookies & Tracking Technologies

8.1 Types of Technologies Used

• Cookies: Small text files stored on your device to remember preferences
• Analytics Tools: Track app usage patterns and performance metrics
• Device Identifiers: Unique identifiers to recognize your device
• Session Management: Maintain your logged-in state and app session

8.2 Purpose of Tracking

• Authenticate users and maintain security
• Remember your preferences and settings
• Analyze app performance and user engagement
• Improve features and user experience
• Provide personalized content and recommendations

8.3 Managing Tracking Preferences

• Adjust tracking settings in your device's privacy settings
• Opt-out of analytics through app settings
• Disable cookies through browser settings (for web version)
• Note: Disabling certain technologies may limit app functionality

9️⃣ Third-Party Services

Our Service integrates with third-party services that have their own privacy policies:

9.1 Service Providers

• Supabase: supabase.com/privacy
• RevenueCat: revenuecat.com/privacy
• Apple App Store: apple.com/legal/privacy
• Google Play: policies.google.com/privacy

9.2 AI Service Providers

We use third-party AI services to power our travel assistant and recommendations. These providers process your queries but do not store your personal information beyond what's necessary for service delivery.

9.3 Your Responsibility

We encourage you to review the privacy policies of any third-party services you interact with through TripMate. We are not responsible for the privacy practices of third parties.

🔟 Data Retention

10.1 Retention Periods

• Account Data: Retained while your account is active
• Trip Data: Retained for 2 years after trip completion or until deletion
• Expense Records: Retained for 7 years for accounting and legal purposes
• Usage Analytics: Aggregated data retained indefinitely; individual data for 2 years
• Support Communications: Retained for 3 years for quality assurance

10.2 Account Deletion

When you delete your account:

• Personal information is permanently deleted within 30 days
• Shared trip data may remain visible to other trip members
• Some data may be retained in backups for up to 90 days
• Aggregated, anonymized data may be retained for analytics

10.3 Legal Holds

We may retain certain data longer if required by law, legal proceedings, or to enforce our agreements.

1️⃣1️⃣ International Users

11.1 Data Transfers

TripMate operates globally, and your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international data transfers.

11.2 GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to object to processing
• Right to restrict processing
• Right to lodge a complaint with supervisory authorities
• Right to withdraw consent

11.3 CCPA Compliance (California Users)

California residents have specific rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information
• Right to non-discrimination for exercising CCPA rights

11.4 Other Regional Rights

We respect privacy rights under all applicable regional laws and regulations. Contact us to learn more about your specific rights based on your location.

1️⃣2️⃣ Changes to Privacy Policy

12.1 Updates & Modifications

We may update this Privacy Policy from time to time to reflect:

• Changes in our data practices
• New features or services
• Legal or regulatory requirements
• User feedback and best practices

12.2 Notification Process

• Material changes will be communicated via email and in-app notification
• The "Last Updated" date at the top will reflect the most recent changes
• Continued use of the Service after changes constitutes acceptance

12.3 Reviewing Updates

We encourage you to review this Privacy Policy periodically. Previous versions may be available upon request.

1️⃣3️⃣ Contact Information