Privacy Policy
Last updated June 29, 2026
Overview
TripAlta ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered travel planning platform, including our website (tripalta.com), mobile applications (iOS and Android), and related services (collectively, the "Service").
We aim to comply with applicable privacy laws, including the General Data Protection Regulation (GDPR) for users in the European Economic Area, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) for California residents, and other applicable data protection laws.
Key Principles
- • We collect only the data needed to deliver and improve the service.
- • We never sell your travel data, trips, or personal information.
- • You can access, correct, export, or delete your information anytime.
- • We use industry-standard security — though no system is perfectly secure.
- • Non-essential analytics are off by default, opt-in, and changeable at any time.
Important: By using TripAlta, you agree to this Privacy Policy
If you do not agree with this policy, please do not use our Service. We may update this Privacy Policy from time to time, and we will notify you of material changes by posting the new policy on this page and updating the "Last updated" date.
Data Collection
We collect information you provide directly — your name, email, trip preferences, and the details you share with Alta — along with data generated automatically as you use the product, such as device, usage, and approximate location. We collect information you provide directly, information collected automatically when you use the Service, and information from third-party sources such as social login providers. Here is what we collect:
Account Information
Email address, name, username, profile details (bio, phone number, date of birth, address, nationality, preferred currency, profile photo), subscription plan, and authentication identifiers. Passwords and multi-factor authentication (TOTP) secrets are handled by AWS Cognito and are never stored by TripAlta. We also record the date you accepted our Terms and Privacy Policy.
Marketing Attribution & Referrals
Acquisition data captured at sign-up, including UTM parameters (source, medium, campaign, content, term), referral codes, and referral invitation tokens. If you invite others (trip collaborators or referrals), we process the email addresses you provide for those people.
Booking & Reservation Data
Flight passenger details (legal name, date of birth, gender, nationality, email, phone, and — for international flights — passport or national ID number, expiry, and issuing country, plus optional frequent-flyer / Known Traveler / Redress numbers and emergency-contact details you supply); hotel guest information (name, email, phone, guest nationality, special requests, child age); activity booking details (booker/traveler names, contact details, and answers to booking questions); eSIM order details (recipient email, including any gift-recipient email you provide), including plan-included eSIM benefits.
Saved Traveler Profile
If you save a traveler profile to speed up checkout, we store legal name, date of birth, gender, nationality, residence country, Known Traveler Number (KTN), Redress Number, and emergency-contact name, relationship, phone, and email. The emergency contact is another person’s personal data that you provide to us.
Trip Data
Trip destinations, origin, dates, traveler counts, itineraries, places, activities, notes, checklists (including assignees), route options, and trip preferences (travel style, interests, accommodation preferences, accessibility requirements, dietary restrictions). Accessibility and dietary fields are optional and may reveal information about health or beliefs; you choose whether to provide them.
Budget & Expense Data
Budget amounts, currency, expense records, spending categories, payment methods, receipt photos, and expense-splitting and settlement information shared with the collaborators on a trip (the number of collaborators allowed depends on your subscription plan). Receipt images you upload may be sent to our AI provider (Google Gemini) for automated field extraction.
Collaboration & Social Data
Collaborator invitations, user roles (Owner, Editor, Viewer), collaboration activity, presence indicators, comments, mentions, messages, polls, public share links, follows, friend requests, blocks, and travel-history ("travel passport") records of countries and cities you have visited. Abuse reports you submit are also stored.
Photo & Media
Trip photos, images uploaded to activities, receipt photos, and profile pictures (upload size, photo-count, and storage limits depend on the upload type and your plan). Photos may include embedded EXIF metadata such as GPS coordinates, the date the photo was taken, and camera make/model, which we may read and store alongside the image. Files are stored in AWS S3 and served via expiring presigned URLs.
AI Conversation Data
Trip-planning dialogues with the AI assistant, chat history, attachments and documents you upload, AI-generated recommendations, extracted fields, and conversation context. Your messages and trip context are sent to our AI providers (Google Gemini and/or OpenAI) for processing, and the conversation content is stored in our database. Imported booking/receipt documents are processed by the AI; raw uploaded files are not retained and extracted metadata is kept for a limited period (around 14 days) unless you choose to save it.
AI Usage & Billing Data
Ask Alta message counts, model usage statistics, token consumption metrics, cost telemetry, and feature utilization associated with your account. Message counts are used for plan allowance enforcement; token and cost metrics are used for observability, service optimization, and capacity planning.
Location Data
Destination and activity locations, places to visit, and coordinates used for trip planning (processed via Google Places, Routes, and Maps). With your explicit device permission, precise GPS coordinates from your browser or mobile device may be attached to AI chat requests and nearest-airport lookups (and may be sent to our AI and Google providers for those features). When precise location is unavailable or denied, we infer an approximate (city-level) location from your IP address using third-party services (ipwho.is and freeipapi.com); your IP address is disclosed to those services by the lookup request itself. Mobile camera, photo-library, and location OS permissions are requested only for the features that use them.
Notification & Communication Data
Email notification preferences, in-app notification settings, push-notification device tokens, communication history, support tickets, and feedback. Transactional emails (verification, password reset, booking confirmations, trip alerts) and, where you have opted in, onboarding and marketing emails are sent via SparkPost. Marketing and newsletter emails are off by default and require opt-in; SparkPost open and click tracking is enabled on the emails we send. Push notifications are delivered through Expo and onward via Apple (APNs) and Google (FCM).
Affiliate & Referral Tracking
When you click certain outbound booking links (for example car rentals, flight comparison, or travel insurance partners), we and our affiliate networks may record the click and attach attribution parameters so partners can credit any resulting purchase. Your search parameters (such as origin, destination, and dates) may be included in the outbound link, and the partner network may set its own tracking cookies after you leave TripAlta. TripAlta may earn a commission on these referrals.
Security, Device & Diagnostic Data
IP address, user-agent, browser and operating-system details, a hashed device fingerprint (used to detect new-device logins and limit abuse), CAPTCHA challenge signals, rate-limiting and account-lockout state, server logs, and application error/diagnostic reports. Error reports are scrubbed of obvious personal data before being sent to our error-monitoring provider (Sentry), but stack traces and device metadata may still constitute personal data. CAPTCHA and bot-protection signals on login/registration/feedback are processed by Cloudflare (Turnstile).
Product Analytics
Page views, feature interactions, approximate IP-derived location, device/browser metadata, and performance metrics collected via PostHog. On the web, analytics are off by default and gated by your cookie-consent choice; on mobile, analytics require opt-in. When you have consented and are signed in, your user ID, email, and name may be associated with analytics events so we can understand product usage. Some server-side events (for example booking/revenue events) are recorded keyed to your account identifier independently of the browser cookie banner. Optional session replay, if enabled, masks input fields. PostHog processes this data in the United States.
Information We Do NOT Store
- • Full payment card numbers: Card data is entered directly into our PCI-DSS compliant payment partners (Stripe for subscriptions and eSIMs; Duffel for flights; LiteAPI’s hosted payment component for stays; Viator for activities). TripAlta never sees or stores your full card number.
- • Passwords or MFA secrets: These are held by AWS Cognito, not by TripAlta.
- • Precise real-time location without your explicit device permission.
- • Audio recordings (the mobile app does not request microphone access).
How We Use Data
Your data powers your travel planning: generating itineraries, personalising recommendations, processing bookings, and improving Alta over time. We never sell your personal travel data.
Service Delivery
- • AI-powered trip generation and personalized recommendations
- • Creating and managing your trip itineraries
- • Processing flight, stay, activity and eSIM bookings
- • Budget tracking and expense management
- • Enabling collaboration and sharing features
- • Photo organization and storage
- • Customer support and account management
- • Sending service-related notifications and updates
Security & Improvement
- • Platform optimization and feature development
- • Security monitoring and fraud prevention
- • Bot and abuse mitigation
- • Analytics for service enhancement (where you have consented)
- • Bug fixes and performance optimization
- • Understanding how users find and use the Service
Legal Basis for Processing (GDPR)
Where GDPR applies, we process your personal data on the following legal bases:
- • Contract Performance: To provide the services you request (trip planning, bookings, itinerary management).
- • Legitimate Interests: For service improvement, security, and fraud prevention.
- • Legal Compliance: To comply with applicable laws and tax/accounting obligations.
- • Consent: Where you provide explicit consent (e.g., analytics, marketing communications, optional AI personalization, precise location).
Data Sharing
We share data only with the partners needed to deliver your trip — flights, stays, activities, and payments — and with service providers bound by strict confidentiality. We never sell your information.
With Your Direction
- • Collaborators: When you invite others to a trip, they can see trip details, activities, budget (if shared), and notes based on their role (Owner, Editor, or Viewer).
- • Public Trips & Share Links: If you make a trip public or create a share link, anyone with the link can view it.
- • Invitations & Referrals: When you invite collaborators or refer friends, we use the email addresses you provide to send your invitations.
Service Providers & Sub-processors
We share data with the third-party processors below to operate the Service. Each operates under its own privacy policy, and we share only the data needed for the stated purpose.
Subscription billing, eSIM payments, and eligible refunds where TripAlta is merchant of record. Stripe receives your email and a customer/user identifier; card data for Stripe-powered payments is entered directly into Stripe. TripAlta never stores your full card number.
Data shared: Email, Billing/subscription details, Card data (entered directly into Stripe)
Flight search, booking, and payment processing. Duffel receives passenger identity and contact data and passes relevant details onward to airlines; card data for flights is handled directly by Duffel Payments.
Data shared: Passenger name, Date of birth, Gender, Nationality, Email, Phone, Passport / ID info (international flights), Loyalty / frequent-flyer numbers (if provided)
Hotel search and booking. Guest details are shared with Nuitee and the booked hotel. Card payment for hotels is processed within LiteAPI’s hosted payment component (its own payment processor), not by Stripe.
Data shared: Guest name, Email, Phone, Guest nationality, Special requests
Activity and tour booking and fulfillment. Booking details are shared with Viator and the local operator. Viator anonymizes stored booker PII after approximately one year.
Data shared: Traveler name, Email, Phone, Booking question answers
eSIM package purchase and activation for international data connectivity. Airalo receives the recipient email for delivery (including any gift-recipient email you provide).
Data shared: Recipient email, Device / eSIM provisioning data, Destination countries
Real-time flight status and tracking for booked flights. Receives flight identifiers and dates — no passenger identity data.
Data shared: Flight numbers, Travel dates
Visa and entry-requirement lookups based on your nationality and destination. Visa information is provided for general guidance only.
Data shared: Nationality, Destination countries, Travel dates
Outbound booking links for partners such as car rentals, flight comparison, and travel insurance are routed through affiliate networks (including Awin) so partners can attribute resulting purchases. After you click, the partner and its network operate under their own policies and may set their own cookies.
Data shared: Click/attribution identifiers, Search parameters embedded in the link
An embedded airport-transfer booking widget loaded from WelcomePickups. Information you enter into the widget (such as pickup location, flight, and contact details) is collected directly by WelcomePickups under its own privacy policy.
Data shared: Pickup details, Flight details, Contact details (entered into the widget)
AI-powered trip planning, recommendations, and receipt/document extraction. Receives your trip preferences, planning queries, conversation context, and any receipt or document images you submit for extraction.
Data shared: Trip preferences, Planning queries, Conversation context, Receipt / document images (when uploaded)
AI-powered content generation and recommendations (used interchangeably with Google Gemini depending on configuration). Receives the same categories of trip-planning content.
Data shared: Trip preferences, Planning queries, Conversation context
User authentication and identity management, including multi-factor authentication and social login (Google, Facebook, Apple). Passwords and MFA secrets are held by Cognito, not TripAlta. If you use social login, we receive your name, email, and profile picture from the chosen provider.
Data shared: Email, Name, Authentication tokens, Social profile (if used)
Sending transactional emails (verification, password reset, booking confirmations, trip alerts) and, with your opt-in, onboarding and marketing emails. Open and click tracking are enabled on the emails we send.
Data shared: Email address, Name, Email content, Open / click events
Delivering mobile push notifications. Receives your device push token and the notification content, routed onward via Apple and Google push services.
Data shared: Device push token, Notification content
Product analytics and usage tracking. Web analytics are consent-gated; mobile analytics are opt-in. When consented and signed in, your user ID, email, name, device/browser metadata, and IP-derived location may be associated with events. Some server-side product/revenue events are captured keyed to your account ID. Data is processed in the United States.
Data shared: User ID (when consented / signed in), Email and name (when consented / signed in), Usage events, Device and browser information, IP-derived approximate location metadata
Application error and crash monitoring for web, admin, and mobile. Error payloads are scrubbed of obvious personal data before sending, but stack traces, sanitized URLs, device/browser metadata, IP addresses, and IP-derived diagnostic metadata may still be processed.
Data shared: Error / diagnostic payloads, Device and browser metadata, Sanitized URLs, IP address / IP-derived diagnostic metadata when enabled
Place search, autocomplete, geocoding, routing, and map display for trip planning. Receives location queries, coordinates, and (for embedded maps) your IP and viewport. Google’s privacy policy applies to map usage.
Data shared: Search queries, Coordinates, IP / viewport (embedded maps)
Map tiles and geocoding for certain map views. Your browser sends your IP address and the viewed coordinates to the OpenStreetMap Foundation’s servers when these maps load. Maps display "© OpenStreetMap contributors".
Data shared: IP address, Map viewport / coordinates
Destination and activity imagery. Receives destination-name search queries only — no personal data. Photographer attribution is shown where required.
Data shared: Search queries (destination names)
Approximate (city-level) location lookup from your IP address when precise device location is unavailable or denied. The lookup discloses your IP address to these third-party services.
Data shared: IP address
Web application firewall (WAF), DDoS mitigation, content delivery, and Turnstile CAPTCHA / bot protection on login, registration, and feedback. As our network edge, Cloudflare processes request data including IP addresses and device signals.
Data shared: IP address, Browser / device signals, Request data, CAPTCHA challenge signals
Hosting and storage infrastructure in the United States (us-east-1), including databases and S3 storage for your uploaded photos, receipts, and documents. Data is encrypted in transit and at rest.
Data shared: All service data (as hosting / storage sub-processor)
When you make a booking, the relevant supplier (and, for flights and stays, the airline or property) receives the details needed to fulfill your reservation and applies its own terms and privacy policy.
Legal Requirements
We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety, or that of our users or others.
We Do NOT Sell Your Data
TripAlta does not sell, rent, or trade your personal information, trip data, or travel preferences to third parties for their own marketing. Note that some third-party affiliate links and analytics may constitute "sharing" under certain laws; you can limit this via the cookie-consent banner and your privacy settings.
Security
Your information is encrypted in transit and at rest. We follow industry-standard security measures, though no system can be guaranteed perfectly secure.
Security Measures
- • Encryption: Data is encrypted in transit using TLS and at rest using AES-256. We do not provide end-to-end encryption.
- • Access Controls: Role-based access controls and authentication requirements.
- • Secure Infrastructure: Hosted on AWS (United States) with a Cloudflare security edge.
- • Authentication: Credentials and optional multi-factor authentication managed by AWS Cognito.
- • Monitoring: Security monitoring, error tracking, rate limiting, and new-device login detection.
Your Role in Security
- • Use a strong, unique password and enable MFA.
- • Don’t share your account credentials.
- • Be careful when sharing trips publicly or with collaborators.
- • Log out from shared devices.
- • Report any suspicious activity immediately.
Data Breach Notification
No method of transmission or storage is perfectly secure. In the event of a data breach affecting your personal information, we will notify you and the relevant authorities as required by applicable law (under GDPR, generally without undue delay and within 72 hours where feasible), and provide information about what was affected and steps you can take.
Your Rights
You can access, correct, export, or delete your information through your account tools or by contacting us. You stay in control of your data. Depending on your location, you have certain rights regarding your personal data:
Access Your Data
Request a copy of the personal data we hold about you. Self-service export currently covers your core account data; trip, booking, payment, and AI data can be requested and is provided where available.
How to exercise: Use Export Data in Account Settings, or email privacy@tripalta.com. We aim to respond within 30 days.
Correct Information
Update or correct inaccurate personal information, trip details, or account settings.
How to exercise: Update directly in Account Settings or contact support for assistance.
Delete Your Data
Request deletion of your personal data, including trips, photos, expenses, and account information. Some records may be retained where required by law (for example, booking/tax records).
How to exercise: Delete individual trips, request account deletion from Account Settings (typed confirmation), or contact support.
Data Portability
Export your trip data in machine-readable formats. Trip PDF and ICS calendar export are available client-side; a JSON export of account data is available from settings.
How to exercise: Use Account Settings > Export Data, or the per-trip export options.
Limit Processing
Restrict how we process your personal information, including opting out of analytics, marketing, or optional AI personalization, and adjusting profile/field visibility.
How to exercise: Adjust privacy and notification settings in Account Settings, use Cookie settings, or contact support.
Opt Out of Marketing
Marketing and newsletter emails are off by default. You can unsubscribe at any time while continuing to receive essential service emails.
How to exercise: Use the unsubscribe link in any marketing email or manage preferences in Account Settings.
Object to Processing
Object to processing of your personal data for certain purposes under applicable law (such as GDPR).
How to exercise: Contact privacy@tripalta.com with your request.
Withdraw Consent
Withdraw consent for processing where consent is the legal basis (for example, analytics or optional AI personalization).
How to exercise: Update consent and privacy preferences in Account Settings or contact support.
"Do Not Sell or Share" (CCPA/CPRA)
We do not sell your personal information. To opt out of any processing that may qualify as "sharing" for cross-context behavioral advertising — such as analytics or affiliate tracking — decline non-essential cookies in Cookie settings, adjust your privacy settings, enable Global Privacy Control where available, or contact privacy@tripalta.com.
Response Time
We aim to respond to privacy requests within 30 days (or as required by applicable law). For complex requests, we may extend this period as permitted by law and will notify you.
Data Deletion
You can delete your account and associated personal data at any time from Settings. We remove or anonymise your data, subject to legal retention requirements. This includes data collected through direct registration or social login providers (Google, Facebook, Apple).
How to Delete Your Data
Option 1: Self-Service (Recommended)
- Log in to your TripAlta account
- Go to Account Settings
- Navigate to the "Privacy & Data" section
- Choose "Delete My Account"
- Type the confirmation to confirm deletion
We aim to complete deletion within 30 days of the request.
Option 2: Email Request
Email privacy@tripalta.com with the subject "Data Deletion Request" and include:
- Your registered email address
- Your full name (as registered on the account)
- Confirmation that you want your data deleted
We will process your request within 30 days and send confirmation once complete.
Social Login Users (Facebook, Google, Apple)
If you signed up using a social login provider, you can request data deletion through either method above. Additionally:
- • Facebook: Remove TripAlta from your connected apps at Facebook Settings → Apps and Websites.
- • Google: Remove access at Google Account → Security → Third-party apps
- • Apple: Manage at Apple ID → Sign-In and Security → Apps Using Apple ID
What Gets Deleted
Upon account deletion, we remove:
- • Account information and profile
- • Trips and itineraries
- • Photos and media uploads
- • Budget and expense data
- • Collaboration history
- • AI conversation history
- • Saved traveler and booking preferences
- • Notification settings
Note: Some records must be retained for legal compliance (for example, booking and tax records) for up to 7 years. Deletion currently relies in part on manual processing, so some derived records may persist briefly beyond the target window until fully removed.
Contact Us
Questions about your privacy? Reach our team at privacy@tripalta.com and we’ll respond within 30 days.
Privacy Requests
Email: privacy@tripalta.com
Response Time: We aim to respond within 30 days
For privacy questions, data access requests, or to exercise your privacy rights.
General Support
Email: support@tripalta.com
Contact Page: tripalta.com/contact-us
Best-effort email support for questions about the Service or account management.
Company Address
TripAlta, Inc.
100 Innovation Drive, Suite 200
Boston, MA 02110
United States
Your data is stored and processed in the United States and may be transferred there from your country. We use appropriate safeguards for international transfers as required by applicable law.