Privacy Policy

Travlogue ("we", "us", "our") provides a travel-planning application that lets you build itineraries, track budgets, and collaborate with fellow travelers. For the purposes of the EU/UK General Data Protection Regulation (GDPR), Travlogue is the data controller for the personal data described in this policy.

If you have questions about this policy or your data, contact us at privacy@travlogue.app.

We collect the following categories of information:

• Account information — your name, email address, and profile photo, provided through your chosen sign-in provider (for example, Google) when you create an account.
• Trip content — the trips, itineraries, activities, accommodations, transit, notes, expenses, and any other content you create or upload.
• Collaboration data — invitations you send or accept, and your role on shared trips.
• Payment information — when you subscribe to a paid plan, our payment processor (Stripe) collects and processes your card details. We do not see or store full card numbers; we retain only a customer reference and your subscription status.
• Usage and device data — basic analytics about how the service is used (for example, pages viewed and features used). IP addresses are hashed and personal identifiers are scrubbed before storage.

We use your information to:

• Provide, maintain, and improve the service and your trips;
• Authenticate you and keep your account secure;
• Process subscriptions and manage billing;
• Enable collaboration features you choose to use;
• Understand aggregate usage so we can improve the product;
• Communicate with you about service updates, security notices, and support requests.

Our legal bases for processing are: performance of our contract with you (providing the service), your consent (where required, such as non-essential cookies), our legitimate interests (securing and improving the service), and compliance with legal obligations.

To provide certain features, we send limited requests to third-party providers. These include:

• Stripe — payment processing for paid subscriptions;
• Your sign-in provider (e.g. Google) — authentication;
• Open-Meteo — weather forecasts for destinations you view;
• Unsplash — destination photography;
• OpenStreetMap / Nominatim and OSRM — geocoding and routing for maps and distances.

These providers process data under their own privacy policies. Where we send location coordinates for weather, geocoding, or routing, we do not include information that identifies you personally.

We keep your account and trip data for as long as your account is active. If you delete your account, we delete or anonymize your personal data within a reasonable period, except where we are required to retain certain records (for example, billing records) to comply with legal obligations.

Depending on where you live, you may have the right to access, correct, export, or delete your personal data, to object to or restrict certain processing, and to withdraw consent. You can manage much of your data directly in the app, or contact us at privacy@travlogue.app to exercise these rights. You also have the right to lodge a complaint with your local data-protection authority.

We use technical and organizational measures to protect your data, including encryption in transit and access controls. No method of transmission or storage is completely secure, but we work to protect your information and to notify you of significant incidents where required by law.

Your data may be processed in countries other than your own, including by the third-party providers listed above. Where data is transferred outside the EEA/UK, we rely on appropriate safeguards such as standard contractual clauses.

Travlogue is not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us with personal data, please contact us so we can delete it.

We may update this policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you in the app or by email.