Privacy Policy

1.1 Trip Planning Information. When you generate an itinerary, we collect the details you enter into the form, including:

• Origin and destination cities
• Travel dates and trip duration
• Number of travelers and trip style preferences
• Budget tier, interests, dietary preferences, and any custom notes

1.2 Account Information. If you sign in with Google or email, we collect your name, email address, and a profile photo (if provided by your Google account). Anonymous users are assigned a temporary ID via Firebase Auth — no personal information is required.

1.3 Generated Itinerary Data. When you save an itinerary, the full itinerary content (day-by-day plan, costs, recommendations) is stored in our database linked to your account or share ID.

1.4 Usage Information. We automatically collect information about how you interact with our service, including pages visited, itineraries viewed, and device/browser details (IP address, browser type, operating system).

1.5 Contact Information. If you contact us via our contact form, we collect your name, email address, and message content.

2.1 Generating Itineraries. Your trip details are sent to our AI service to generate a personalized, structured day-by-day travel plan. This is the core function of TripGob.

2.2 Saving and Sharing. If you save an itinerary, we store it in our database so you can access it later from your profile or share it via a link.

2.3 Service Improvement. We use aggregate, anonymized usage data to improve our AI prompts, UI, and overall service quality.

2.4 Communications. If you contact us, we use your information solely to respond to your inquiry. We do not send marketing emails without your explicit consent.

2.5 Analytics. We use analytics tools to understand usage patterns and improve the experience. This data is aggregate and not tied to individual identities.

3.1 AI Service Provider. When you generate an itinerary, your trip details are sent to our AI provider solely for the purpose of generating your travel plan. This data is not used to train AI models or shared for any other purpose.

3.2 Infrastructure Providers. We use Firebase (Google) for authentication and database storage, and Vercel for hosting. These providers process data on our behalf under strict data processing agreements.

3.3 Image Services. Destination images are fetched from Unsplash. When we request images, the destination name is sent to Unsplash's API. No personal account data is shared.

3.4 We Do Not Sell Data. We do not sell, rent, or trade your personal information to any third party for commercial purposes.

3.5 Legal Requirements. We may disclose information if required by law, court order, or to protect the rights and safety of TripGob and its users.

4.1 Security Measures. All data is transmitted over HTTPS. Firestore database access is protected by Firebase Security Rules. API keys and credentials are stored as server-side environment variables and never exposed to the browser.

4.2 Itinerary Retention. Itineraries saved by anonymous (guest) users expire after 90 days. Itineraries saved by signed-in users are retained indefinitely until deleted by the user.

4.3 Limitations. No method of electronic storage or transmission is 100% secure. While we implement strong security measures, we cannot guarantee absolute security.