Privacy Policy
Your privacy matters to us. This policy explains what data we collect, how we use it, and how we keep it safe.
Last updated: June 2025
What We Collect
Only the information needed to provide you with a great travel discovery experience — nothing more.
How We Protect It
All data is encrypted in transit. Passwords are hashed and never stored in plain text.
Where It Lives
Your data is stored securely on TiDB Cloud servers. We never sell your personal information to third parties.
1. Information We Collect
Account Information
When you create an account, we collect your name, email address, and password (stored as a bcrypt hash). If you sign in with Google, we receive your name, email, and profile picture from Google.
Content You Submit
When you add a place or write a review, we store the content, images, ratings, and associated metadata (city, state, country, coordinates) that you provide.
Usage Data
We collect anonymised page view data including the page path, device type, and country to understand how people use Tripzify. We hash IP addresses so individual users cannot be identified from analytics data.
Images
Photos you upload are stored on Cloudinary, our image hosting partner. We store the image URL and public ID in our database. Please refer to Cloudinary's Privacy Policy for details on how they handle images.
2. How We Use Your Information
- To operate and improve the Tripzify platform
- To display your submitted places and reviews to other users
- To send account-related emails (verification, password reset)
- To moderate content and enforce our Content Policy
- To analyse usage patterns and improve user experience
3. Third-Party Services
Tripzify uses the following third-party services:
- Google OAuth — for "Sign in with Google". Google's Privacy Policy applies.
- Cloudinary — for image storage and delivery.
- TiDB Cloud — our database provider (PingCAP). Data is stored on their secure cloud infrastructure.
- Gmail SMTP — for sending transactional emails.
We do not sell, rent, or share your personal data with any other third parties for marketing purposes.
4. Cookies
We use session cookies to keep you logged in. These are essential for the app to function. We do not use tracking or advertising cookies.
5. Data Retention
We retain your account and content data for as long as your account is active. If you delete your account, your personal information and content will be permanently removed from our database within 30 days.
6. Your Rights
- Access: You can view and edit your profile information from your dashboard settings.
- Deletion: You can delete your account and all associated data at any time from Settings.
- Portability: You may request a copy of your data by contacting us.
7. Children's Privacy
Tripzify is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
8. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered users by email of any significant changes. Continued use of Tripzify after changes constitutes acceptance of the updated policy.
9. Contact Us
If you have any questions about this Privacy Policy or how we handle your data, please reach out via our Contact page.