Privacy Policy

Tripmojo (“we,” “us,” or “our”) is a collaborative travel-planning platform operated by Candle Studios LLC (Washington, USA). This Privacy Policy explains what personal information we collect when you use the Tripmojo apps and website, why we collect it, how we use it, who we share it with, and the choices you have.

If you have questions, contact us at contact@tripmojo.ai.

• Account information. When you create an account we collect your email address. If you sign in with Google or Apple, we receive your email and name (Apple may give you a relay email via Hide My Email), and a profile picture where provided.
• Profile and preferences.Optional details you add — display name, home city, home currency, traveler type, budget preference, dietary preferences, interests, trip vibes, and places you’ve visited — used to personalise suggestions.
• Trip content. Destinations, dates, travelers, bookings (flights, hotels, activities, restaurants, transit), itinerary items, expenses and who owes whom, chat messages and any media you send in a trip, and any photos or notes you add.
• Travel documents you upload.Booking confirmations, boarding passes, and e-tickets, plus anything you choose to store in your Wallet. Wallet documents can include sensitive information such as passports, visas, driver’s licenses, IDs, insurance, and vaccination or health certificates. We store what you choose to upload; please only add documents you’re comfortable storing with us.
• Booking emails. If you forward a booking email to your Tripmojo inbox address, or connect a Gmail account (see Section 4), we receive and process those emails — including their attachments — to build your trips. Forwarded emails are archived so we can re-read them if extraction needs to be re-run.
• Device location (optional).If you grant permission, the app uses your device’s approximate location to suggest nearby places. This happens on your device to fetch suggestions; we don’t store your device location on our servers. Coordinates we do store are for places you add to a trip (e.g. a hotel or activity).
• Notifications. If you enable push notifications, we store a device push token so we can send you trip updates.
• Usage, analytics, and diagnostics. We collect feature-usage events, screen views, app performance, and crash reports (see Section 7), plus standard log data such as IP address, device/browser type, and timestamps, to operate, secure, and improve the service.

We do notcollect payment card numbers or bank account numbers — we don’t process payments in the app.

• Provide and operate the service (accounts, trips, sharing, expenses, chat).
• Read and parse booking emails and documents to build your itinerary.
• Personalise destination ideas and nearby suggestions.
• Send service communications (account confirmations, trip updates, security notices).
• Improve, troubleshoot, secure, and prevent abuse of the service.
• Comply with legal obligations.

We do not sell your personal information, and we do not use your data to train third-party AI models.

You can optionally connect a Gmail account so we can find booking confirmations automatically. When you connect, Google asks you to grant the gmail.readonlyscope, which is read-only access to your Gmail. We use it only to look for travel emails (flights, hotels, car rentals, rail) and to extract their details into your trips. We don’t use it to read unrelated personal, financial, or medical email for any other purpose.

Scanning runs on our servers, not on your device. We store the access we’re granted (an OAuth token) securely on our servers so we can perform the scans you ask for; we never place these tokens on your device. You can disconnect at any time in Settings → Connected accounts, or revoke access from your Google Account; deleting your Tripmojo account also revokes them.

Tripmojo’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Tripmojo uses Google’s Gemini API to read your travel content and help organise it. Specifically, we send to Gemini:

• the text and images of booking emails and documents you forward, upload, or that we find in a connected Gmail account, so it can extract booking details (dates, times, confirmation numbers, locations, and similar fields);
• trip context and your profile/preferences, so it can suggest destinations, plans, and nearby activities.

Gemini processes this data under Google’s API terms and, per those terms, does not use it to train its models. AI output can be wrong or incomplete — always verify important details against the original source.

We don’t sell your data. We share it only with service providers (“subprocessors”) that help us run Tripmojo, each processing data on our behalf under their own terms:

• Supabase — database, authentication, and file storage.
• Google Cloud Platform — application hosting (Cloud Run, Cloud Scheduler).
• Vercel — web hosting and deployment.
• Google Gemini API — AI processing of emails, documents, and trip context (Section 5).
• Google APIs (Gmail, Maps/Places) — booking-email import (with your consent) and place/location lookups for suggestions.
• Firebase (Google) — push notifications (Cloud Messaging), analytics, and crash reporting (Section 7).
• Cloudflare — inbound email routing and short-term storage of raw forwarded emails so we can process them.
• Resend — sending transactional email (invites, confirmations, notices).
• Google & Apple — when you choose to sign in with those providers.

The third parties listed here process data on infrastructure primarily in the United States. We disclose information to law enforcement only when required by a valid legal request.

We use Firebase (a Google service) for product analytics, performance monitoring, and crash reporting. Analytics records feature-usage events and screen views with an account identifier so we can understand and improve how the app is used. Crash reports include a one-way hashed account identifier plus diagnostic breadcrumbs (such as the screen you were on and connection state) — they do not include your emails, names, documents, or booking details.

When you add someone to a trip as a Viewer, Editor, or Organiser, that person can see the trip’s contents (itinerary, bookings, members, expenses, chat, and activity history). If you add someone by email, we email them an invite and they gain access when they sign up. Public trips you share via a link are visible to anyone with the link.

We’re not responsible for how other trip members handle information you share with them. Only invite people you trust, and only add documents you’re comfortable sharing with that trip’s members.

We keep your account and trip data for as long as your account is active. When you delete a trip, it and its attached files (bookings, itinerary, documents, chat, and expenses) are permanently deleted.

When you delete your account, we promptly delete your profile, preferences, connected-account tokens (and attempt to revoke them at the provider), notifications, push tokens, Wallet documents, and the trips you solely own; trips shared with other members continue under the remaining organiser. We also purge the raw copies of any emails you forwarded to us.

Deleted content may persist for a short time in our service providers’ encrypted backups before being overwritten on their normal backup cycles.

Depending on where you live, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your data (you can delete your account in-app at any time).
• Export your data in a portable format.
• Object to or restrict certain processing.

To exercise these rights, email us at contact@tripmojo.ai from the email address associated with your account.

With your consent, the app may ask for access to your camera and photo library (to scan and attach booking documents), your microphone and speech recognition (to dictate trip ideas in the planner), your approximate location (for nearby suggestions), and to send notifications. You can change or revoke any of these in your device settings at any time; the related features simply won’t work without them.

Tripmojo is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

Our infrastructure is hosted in the United States. If you use Tripmojo from outside the U.S., your information will be transferred to and processed in the U.S.

We use industry-standard measures to protect your information, including encrypted transport (TLS), encrypted storage at rest, and row-level access controls on every database table. No system is perfectly secure, but we take our obligations seriously.

We may update this Privacy Policy from time to time. Material changes will be announced in-product or by email. The “Last updated” date at the top of this page reflects the most recent revision.

Privacy questions, data requests, or anything else: contact@tripmojo.ai.