Privacy Policy

Tripsyc (“we,” “us,” or “our”) operates the Tripsyc website and iOS application (together, the “Service”). This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

By using the Service, you agree to the collection and use of information as described in this policy. This policy should be read alongside our Terms of Service.

1. Information We Collect

Information you provide directly

• Email address, used for authentication (magic link / OTP) and trip invitations
• Name, displayed to members of your trip groups
• Profile information, home city, bio, travel style preference, profile photo
• Trip data, trip names, dates, destination suggestions and votes, budget amounts (stored privately), expense records, itinerary items, packing lists, task assignments, and notes
• Chat messages and photos, content you post within trip group chats and photo uploads
• Calendar availability, dates you mark as free, tentative, or busy within the app

Information collected automatically

• Usage data, pages visited, features used, actions taken, timestamps
• Device information, browser type and version, operating system, device type, IP address
• Log data, server logs including request paths, error reports, and performance metrics
• Push notification tokens, on the iOS and Android apps, we store the device push token so we can deliver trip chat and event notifications. You can revoke this at any time by disabling notifications in your operating system settings.

Information from third parties

• Google OAuth, if you sign in with Google, we receive your name, email address, and (if you grant the optional Calendar scope) a token that lets us read calendar availability on your behalf. You can revoke access any time from your Google Account.
• Apple Sign-In, if you sign in with Apple, we receive an opaque Apple identifier and your email address. On first sign-in only we receive the name you choose to share; subsequent sign-ins return the identifier alone.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and improve the Service
• Authenticate your identity and maintain your session
• Send transactional emails (sign-in codes, trip invitation notifications, decision updates)
• Calculate and display anonymous group data (budget comfort zones, availability overlap) without revealing individual details
• Enable collaboration features within your trip groups
• Monitor and analyze usage to improve performance, security, and user experience
• Detect and prevent fraud, abuse, and policy violations
• Comply with legal obligations

We do not use your data for advertising. We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

3. Budget Privacy

Your individual budget amount is stored encrypted and is never shared with other trip members, the trip creator, or any third party. Only an anonymous aggregate range is calculated and displayed to the group when at least four members have submitted budgets. This aggregation is computed server-side and individual values are never surfaced to any user.

4. Admin Access to Your Content

Tripsyc staff (including administrators, support, and engineers) cannot read the content of your trip chats, your photo uploads, or comments you post on photos or destinations through any admin tool. We deliberately do not provide an internal interface to view this content, and removed the one we had previously built so that the capability does not exist.

Administrators can still see account-level information (email, name, home city, admin role, account status), high-level trip metadata (trip name, member count, deletion status), aggregated analytics, audit logs of admin actions, and support-ticket conversations that you open with us. These are necessary for running the platform, handling abuse we receive from outside reports, and providing user support. Every admin action that modifies data is recorded in an immutable audit log.

Your individual budget amount is additionally encrypted at rest and never decrypted for staff; see section 3 above.

5. Data Sharing and Disclosure

With other users (within your trip groups)

Your name, profile photo, travel style, home city, availability, votes, messages, and expenses are visible to members of your shared trip groups. Your email address is visible to trip organizers. Your budget amount is never visible to anyone.

With service providers (sub-processors)

We share the minimum data required with the following sub-processors to operate the Service:

• Supabase (PostgreSQL database host), stores all trip and account data, including encrypted budget amounts.
• Vercel (web hosting, edge network, analytics, speed insights), serves the web application and collects anonymized performance metrics.
• SendGrid (transactional email), delivers sign-in codes, invitations, and notification emails. Processes email addresses, names, trip names, and invite codes. We also use SendGrid's email-validation service to reject invalid or disposable addresses during sign-up, which transmits the email address you enter.
• Apple Push Notification service (APNs), delivers push notifications to iOS devices. Processes device tokens and notification payloads (title, body, trip identifier).
• Firebase Cloud Messaging (Google), delivers push notifications to Android devices. Processes device tokens and notification payloads.
• Google, provides the Sign-In with Google flow and, when you opt in, the Google Calendar read scope used to import your availability.
• Apple, provides the Sign-In with Apple flow on the web and iOS.
• Google Places / Google Maps Platform, returns city and place information (names, countries, IATA codes) and photo URLs for destinations you search for, plus destination-level context chips (air quality via the Air Quality API, pollen forecasts via the Pollen API, local time via the Time Zone API, and static map images via Google Static Maps). Query terms and destination coordinates are sent to Google; we do not send your identity.
• Open-Meteo, returns weather forecasts and historical climate data for destinations during discovery. We send the destination's coordinates and date range; we do not send your identity. Open-Meteo is a free, open-data weather service.
• Supabase, hosts the application database and powers live presence / real-time sync (so members see who else is looking at a trip, and chat updates land instantly). Processes your authenticated trip data.
• Amadeus for Developers, looks up flight and hotel prices when you browse destinations. We send search parameters (origin, destination, dates, passenger count); we do not send your identity.
• Azure Blob Storage (Microsoft), stores trip photos you upload. Access is granted via short-lived signed URLs.
• Upstash (Redis), stores short-lived rate-limit counters keyed by user identifier so a single account cannot flood the Service.
• Cloudflare Turnstile, verifies that sign-in requests come from a human rather than a bot. Turnstile receives a challenge token; we do not send your identity.
• Sentry, captures application errors and performance traces. Sentry receives stack traces, request paths, and browser/device metadata. Text content is masked and media is blocked in session replays.
• Apple App Store / Google Play, distributes the iOS and Android apps under their own privacy terms.

These sub-processors process data only as necessary to provide their services and are bound by confidentiality and data processing agreements. We do not currently use any third-party advertising network, behavioural-ad tracker, analytics SDK (beyond Vercel's anonymised performance metrics), SMS provider, or payment processor.

Legal requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Tripsyc, our users, or the public.

6. Cookies and Local Storage

We use a single session cookie to maintain your authenticated state. This cookie is strictly necessary for the Service to function and cannot be disabled while using the Service.

We do not use third-party advertising cookies, cross-site tracking cookies, or analytics platforms that set persistent tracking identifiers. We may use local storage in your browser for performance purposes (such as caching UI preferences). No advertising networks have access to your browsing behavior through the Service.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. If you request deletion of your account, we will delete or anonymize your personal information within a reasonable time, subject to legal retention obligations.

Trip data (messages, expenses, itineraries) may persist in the accounts of other trip members after you leave a trip, as it is shared group content.

8. Your Rights and Choices

You have the right to:

• Access, request a copy of the personal data we hold about you
• Correction, update or correct inaccurate information via your account settings
• Deletion, request deletion of your account and personal data by emailing hello@tripsyc.com
• Portability, request a copy of your data in a portable format
• Objection, object to certain processing of your data

California residents (CCPA/CPRA): Because we do not sell personal information or use it for cross-context behavioral advertising, many CCPA provisions may not apply. However, California residents may contact us to exercise rights to know, delete, and correct their data. We will not discriminate against you for exercising these rights.

EU/EEA/UK residents (GDPR/UK GDPR): Our legal bases for processing your data include: (a) performance of a contract, to provide the Service you requested; (b) our legitimate interests, to operate, secure, and improve the Service; and (c) legal obligations. You have the right to lodge a complaint with your local data protection authority (e.g. the ICO in the UK, or your national DPA in the EU). For international transfers, we rely on standard contractual clauses or equivalent safeguards where required.

9. Children's Privacy

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information immediately. If you believe a child has provided us their data, please contact us at hello@tripsyc.com.

10. Security

We take reasonable technical and organizational measures to protect your data, including encrypted connections (HTTPS/TLS), hashed authentication tokens, HTTP-only secure cookies, and access controls on our database infrastructure.

No method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security. In the event of a data breach that affects your rights, we will notify you as required by applicable law.

11. International Data Transfers

The Service is operated from the United States. If you are located outside the US, your information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your country. By using the Service, you consent to this transfer. We rely on appropriate safeguards (such as contractual protections with our service providers) where required by law.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top. Material changes will be communicated to you via email or a prominent notice in the Service. Your continued use of the Service after any change constitutes acceptance of the updated policy.

13. Contact Us

For any questions, requests, or concerns about this Privacy Policy or your personal data, please contact us at: hello@tripsyc.com