TripPortier ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.
1. Information We Collect
1.1 Information You Provide
- Account Information: Email address, name, and profile picture when you create an account or sign in with Google/Apple.
- Trip Data: Trip destinations, dates, packing lists, and itinerary items you create.
- Flight Information: Flight numbers and travel dates you enter for flight tracking.
- Forwarded Emails: When using Email Import, booking confirmation emails you forward to your unique TripPortier email address, including email content and attachments.
- Payment Information: When purchasing eSIMs or subscriptions, payment processing is handled by Stripe. We do not store your credit card details.
1.2 Information Collected Automatically
- Device Information: Device type, operating system version, and unique device identifiers.
- Usage Data: How you interact with the app, features used, and crash reports.
- Location Data: Only when you grant permission, for weather forecasts and destination suggestions.
1.3 Information Stored Locally on Your Device
- Trip Image Cache: Cover images for your trips are cached locally on your device (up to 100MB) for faster loading and offline access.
- Offline Trip Data: For premium users who enable offline mode, complete trip data including packing lists, itineraries, weather forecasts, and local insights are stored locally on your device.
- User Preferences: App settings, stats section customization, and achievement progress are stored locally.
- Automatic Cleanup: Offline trip data is automatically deleted 30 days after a trip ends to free up storage space.
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our services
- Generate smart packing suggestions based on your destinations and weather
- Track flights and send notifications about delays, gate changes, and boarding
- Process eSIM purchases and manage your data plans
- Sync your data across devices
- Send you important updates about the app
- Respond to your support requests
- Analyze usage patterns to improve the app
3. Data Storage and Security
Your data is stored securely using:
- Firebase (Google Cloud): For user authentication, database storage, and cloud functions
- Encryption: All data is encrypted in transit (TLS) and at rest
- Access Controls: Strict access controls ensure only authorized systems can access your data
- Local Device Storage: Some data is cached locally on your device for offline access and performance. This data is stored in your device's secure app sandbox and is only accessible by TripPortier.
- Storage Limits: We implement automatic storage management to prevent excessive device storage usage (100MB limit for image cache, automatic cleanup of expired offline data).
4. Artificial Intelligence and Data Processing
4.1 AI-Powered Features
TripPortier uses artificial intelligence to provide personalized travel assistance. Our AI features include:
- Smart Packing Suggestions: AI analyzes your destination, weather forecasts, and trip type to suggest items for your packing list.
- AI Travel Assistant: An interactive chat assistant that answers questions about your destination, local customs, and travel tips.
- Local Insights: AI-generated information about culture, etiquette, safety tips, and local recommendations for your destinations.
- Itinerary Suggestions: Personalized recommendations for places to visit, restaurants, and activities.
4.2 AI Data Processing
When using AI features:
- Your trip data (destinations, dates, preferences) is sent to Google's Gemini AI service for processing.
- Conversations with the AI assistant are processed in real-time and not permanently stored by the AI provider.
- AI responses are generated based on your specific queries and trip context.
- We do not use your personal conversations to train AI models.
4.3 AI Limitations
Please be aware that:
- AI-generated content may contain inaccuracies or outdated information.
- AI suggestions should be verified independently, especially for visa requirements, health advisories, and safety information.
- The AI does not have access to real-time information unless explicitly integrated (e.g., weather data).
4.4 AI Email Import
When you use the Email Import feature to forward booking confirmation emails:
- Email Reception: Emails are received by Amazon Simple Email Service (SES) and securely transmitted to our processing system.
- AI Processing: Email content and attachments are analyzed by Google Gemini AI to extract booking details (type, dates, times, locations, confirmation numbers, prices).
- Data Extraction: Only relevant booking information is extracted and stored; we do not store the full email content permanently.
- Attachment Storage: PDF attachments (e.g., booking confirmations, tickets) are stored in Firebase Storage and linked to your itinerary items.
- Retention: Pending bookings are retained for up to 30 days. Once you accept or reject a booking, the temporary data is deleted.
- No Training: Your forwarded emails are not used to train AI models.
5. Third-Party Services
We use the following third-party services:
- Firebase/Google: Authentication, database, analytics, and cloud functions
- Google Analytics: Website and app usage analytics (see Section 6 for details)
- Google Gemini: AI-powered features including travel assistant, packing suggestions, local insights, and email booking extraction
- Amazon SES: Email reception for the Email Import feature
- FlightAware: Real-time flight tracking data
- Airalo: eSIM provisioning and management
- Stripe: Secure payment processing
- Apple: App Store subscriptions and payments
- OpenWeather: Weather forecast data
- Pexels: Travel destination imagery
Each service has its own privacy policy governing their use of your data.
6. Analytics and Cookies
6.1 Google Analytics
We use Google Analytics 4 (GA4) to understand how visitors use our website and mobile application. This helps us improve our services and user experience.
What Google Analytics Collects:
- Website Analytics: Pages visited, time spent on site, browser type, device type, screen resolution, referring website, geographic location (country/city level), and user interactions
- iOS App Analytics: App screens viewed, features used, session duration, device model, operating system version, app version, geographic location, and in-app events (e.g., trip created, flight tracked, eSIM purchased)
- IP Address: Your IP address is collected but anonymized by Google Analytics
- Cookies: Google Analytics uses cookies and similar technologies to identify unique visitors and track user behavior across sessions
How We Use Analytics Data:
- Understand which features are most popular and useful
- Identify technical issues and improve app performance
- Measure the effectiveness of our marketing campaigns
- Optimize user experience and interface design
- Analyze user journeys and conversion rates
- Generate aggregated, anonymized reports on usage trends
Data Retention:
Google Analytics data is automatically deleted after 14 months. We do not retain analytics data indefinitely.
Opt-Out Options:
- Website: You can opt-out by using the Google Analytics Opt-out Browser Add-on, managing cookie preferences via our cookie banner, or using browser settings to block cookies
- iOS App: Go to Settings > Privacy > Analytics & Improvements > Share iPhone Analytics and disable analytics sharing at the system level. You can also disable tracking in the TripPortier app settings under Privacy > Analytics
Google's Privacy Policy:
Google Analytics is provided by Google LLC. Learn more about how Google uses data: Google Privacy Policy and How Google uses data when you use our partners' sites or apps.
6.2 Cookies and Similar Technologies
Our website uses cookies and similar technologies to provide functionality and improve your experience.
Types of Cookies We Use:
- Essential Cookies: Required for the website to function properly (authentication, security, language preferences). These cannot be disabled.
- Analytics Cookies: Google Analytics cookies to measure website usage and performance (can be disabled via cookie banner)
- Functional Cookies: Remember your preferences like currency, language, and theme settings
- Authentication Cookies: Keep you logged in when you use the web app
Specific Cookies:
| Cookie Name | Purpose | Duration | Type |
|---|---|---|---|
| _ga | Google Analytics - distinguishes unique users | 2 years | Analytics |
| _ga_X9D9LXQY9Y | Google Analytics - stores session state | 2 years | Analytics |
| cookie_consent | Stores your cookie preferences | 1 year | Essential |
| firebase_auth_* | Firebase authentication tokens | Session | Essential |
| theme | Remembers dark/light mode preference | 1 year | Functional |
| currency | Stores selected currency preference | 1 year | Functional |
| language | Stores selected language preference | 1 year | Functional |
Managing Cookies:
- Cookie Banner: When you first visit our website, you'll see a cookie consent banner where you can accept or decline analytics cookies
- Browser Settings: Most browsers allow you to view, manage, and delete cookies through browser settings
- Do Not Track: We respect Do Not Track (DNT) browser signals and will not load analytics cookies if DNT is enabled
Third-Party Cookies:
We do not use third-party advertising cookies or tracking pixels. The only third-party cookies are from Google Analytics (when you consent) and essential service providers like Firebase for authentication.
Mobile App Tracking:
The iOS app does not use cookies but uses Apple's Identifier for Vendors (IDFV) and Google Analytics SDK to track app usage. You can opt-out in the app settings under Security > Privacy & Analytics.
7. Data Sharing
We do not sell your personal information. We may share your data:
- With service providers who assist in operating our app
- When required by law or to protect our rights
- With your consent, such as when sharing trips with friends
- In aggregated, anonymized form for analytics
8. Your Rights and Choices
You have the right to:
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate data
- Deletion: Request deletion of your account and data
- Export: Export your trip data
- Manage Offline Data: View and delete offline cached data directly in the app settings
- Clear Cache: Clear locally cached images to free up device storage
- Opt-out: Disable notifications and location services
To exercise these rights, contact us at privacy@tripportier.com or through WhatsApp.
9. Data Retention
We retain your data for as long as your account is active. After account deletion:
- Personal data is deleted within 30 days
- Anonymized analytics data may be retained
- Backups are purged within 90 days
- Locally cached data is automatically cleaned up 30 days after trip completion
- Image cache uses LRU (Least Recently Used) eviction when storage limit is reached
- You can manually clear cached data at any time through the app
10. Children's Privacy
Our app is not intended for children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us.
11. International Data Transfers
Your data may be processed in countries outside your residence, including the United States and European Union. We ensure appropriate safeguards are in place for international transfers.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or via email. Your continued use of the app after changes indicates acceptance of the updated policy.
13. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
- Email: info@tripportier.com
- WhatsApp: +41 76 512 5678
14. For EU/EEA Residents
Under GDPR, you have additional rights including:
- Right to data portability
- Right to restrict processing
- Right to object to processing
- Right to lodge a complaint with a supervisory authority
Our legal basis for processing is typically your consent or the necessity to perform our contract with you.
14.1 Data Processing Details
Under GDPR Article 13, we provide the following information:
- Data Controller: TripPortier (contact: privacy@tripportier.com)
- Legal Basis for Processing:
- Contract performance: Trip planning features, flight tracking, eSIM purchases
- Consent: AI features, analytics, marketing communications
- Legitimate interest: Security, fraud prevention, service improvement
- Data Recipients: See Section 5 (Third-Party Services)
- International Transfers: Data may be transferred to USA (Firebase/Google) under standard contractual clauses
- Retention Periods: See Section 9 (Data Retention)
- Automated Decision-Making: AI features provide suggestions but do not make automated decisions affecting your rights
14.2 Exercising Your Rights
To exercise your GDPR rights:
- Email privacy@tripportier.com with "GDPR Request" in subject line
- We will respond within 30 days
- No fee unless request is manifestly unfounded or excessive
- You may lodge a complaint with your local supervisory authority
15. For California Residents
Under CCPA, California residents have additional rights including:
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt-out of the sale of personal information (we do not sell your data)
- Right to non-discrimination for exercising privacy rights