What data we collect
Account information: When you sign up, we collect your name and email address. If you sign in with Google, we also receive your profile picture from Google. We store a hashed version of your password — we never store or can see your actual password.
Trip data: When you create or join a trip, we store the trip details (destination, dates, trip name), your role (owner or participant), and your invite link activity.
Preferences and personality data: When you fill in travel preferences for a trip, we store your accommodation, food, travel style, and interest preferences. We use this data to generate your travel personality profile and group compatibility insights.
Ideas and votes: When you save travel ideas (via links or manual entry), we store the location name, category, your personal note, and any URL you provide. We also store your votes (must-have, nice-to-have, skip) on group ideas.
Budget and expense data: When you enter budget information or shared expenses, we store the amounts, descriptions, and payment attribution (who paid, how expenses are split).
Payment data: When you purchase a Premium Trip unlock, the transaction is processed entirely by Stripe. We never receive or store your credit card number, CVV, or full card details. We store only the Stripe session ID, transaction status, and amount for our records.
Usage data: We collect basic usage analytics (pages visited, features used, trip creation events) to understand how the app is used and improve it. We do not track you across other websites.
Cookies: We use essential cookies to keep you logged in. We use optional analytics cookies only with your consent.
How we use it
We use your personal data to:
- Provide the service: Display your trips, match group preferences, detect conflicts, generate AI-powered itineraries and personality profiles, calculate expense settlements, and facilitate group collaboration.
- Process payments: When you upgrade a trip to Premium, we create a Stripe checkout session using your trip and account information. Stripe handles all payment processing.
- Generate AI insights: We send your preferences, saved ideas, and trip context to our AI provider (Anthropic Claude, accessed via Emergent) to generate group profiles, personality assignments, conflict resolution suggestions, itineraries, and cost estimates. This data is sent only when you or your group triggers a generation. AI providers process this data according to their own privacy policies and do not use it to train their models.
- Send communications: If you provide an email for trip invitations, we use it to send invite notifications. We do not send marketing emails.
- Improve the product: We use aggregated, anonymised usage data to understand which features are used and improve the app experience.
We do not sell your personal data to third parties. We do not use your data for advertising.
How we store and protect it
Storage: Your data is stored in a MongoDB database hosted on secure cloud infrastructure managed by Emergent (our hosting platform). Data is transmitted over HTTPS (encrypted in transit).
Access: Only the app's backend services access your data programmatically to provide features. We do not have a team of people browsing user data. Access to production infrastructure is restricted.
Third-party processors: We share data with the following processors, solely to provide the service:
- Stripe (payments) — processes payment transactions. Stripe is PCI DSS Level 1 certified.
- Anthropic (AI, via Emergent) — processes trip context to generate itineraries, profiles, and insights. Data is sent per-request and is not used for model training.
- Emergent (hosting and infrastructure) — hosts the application and database.
- Resend (email) — sends transactional emails such as trip invitations.
Retention: We retain your data for as long as your account is active. If you delete your account, all your personal data is permanently deleted from our database.
Breach notification: In the event of a data breach that affects your personal data, we will notify you via email within 3 calendar days of becoming aware of the breach, in compliance with PDPA requirements.
Your rights
Under the PDPA and applicable privacy laws, you have the right to:
- Access your personal data — you can view your profile, preferences, and trip data within the app at any time.
- Correction — you can update your preferences, trip details, and profile information at any time through the app.
- Deletion — you can permanently delete your account and all associated data from your Profile Settings at any time. This action is immediate and irreversible.
- Withdraw consent — you can decline non-essential cookies via the cookie consent banner. You can withdraw consent for data processing by deleting your account.
If you are located in the European Economic Area (EEA), you may also have additional rights under the GDPR, including data portability and the right to object to processing.
Data Protection Officer: As required under the PDPA, our Data Protection Officer can be contacted at the email below. We will respond to all data-related requests within 30 days.