Privacy Policy

Last updated: March 2026

This Privacy Policy explains how Trip Planner Guru ("we", "us", "our") collects, uses, and protects your personal data when you use our service at tripplanner.guru. We are committed to processing your data in accordance with the UK GDPR and the Data Protection Act 2018.

1. Data we collect

Account information

  • Email address and display name (provided when you register or sign in via Google, Microsoft, or Apple)
  • A hashed password if you register with email and password directly
  • OAuth provider tokens used solely to verify your identity at sign-in
  • Home address and coordinates (if you choose to set a home location in your profile)

Trip and itinerary data

  • Trips, itinerary days, activities, bookings, packing lists, journal entries, and parking records you create
  • Any notes, costs, or travel documents you attach to your trips

Payment information

  • Subscription status (Free / Pro tier) and your Stripe customer ID
  • We do not store card numbers or payment details — these are handled entirely by Stripe

Usage analytics

  • Anonymised location data (city and country) derived from your IP address at the time of your visit via a server-side geolocation service
  • Browser type and the page you are viewing during a session
  • We do not store full IP addresses beyond the initial lookup

Contact form submissions

  • Name, email address, and message content when you submit a contact, feedback, or GDPR request via our contact form

2. How we use your data

Purpose Legal basis
Providing the trip planning service and your account Contract performance
Processing subscription payments via Stripe Contract performance
Sending flight departure alerts and booking reminders Contract performance / Legitimate interest
Generating AI trip summaries (Pro feature) via Anthropic Contract performance
Anonymised analytics to understand usage and improve the service Legitimate interest
Responding to contact form enquiries and GDPR requests Legal obligation / Legitimate interest

3. Third-party services

We share data with the following third parties only as necessary to operate the service:

  • Stripe — payment processing. Your payment data is subject to Stripe's Privacy Policy.
  • Google, Microsoft, Apple — optional sign-in providers. We receive only your email address and name from these services.
  • Anthropic — AI trip summary generation (Pro only). Your trip details are sent to Anthropic's API to generate a summary. See Anthropic's Privacy Policy.
  • ip-api.com — server-side IP geolocation for anonymised analytics. Your IP is queried but not stored by us.
  • OpenStreetMap / Nominatim — geocoding (converting addresses to coordinates). No personal data is sent.
  • Open-Meteo — weather forecasts. No personal data is sent.
  • OpenSky Network — flight status lookup. Only flight numbers are queried.

We do not sell your data to any third parties.

4. Data retention

  • Account and trip data — retained until you delete your account
  • Payment records — retained as required by Stripe and applicable tax/accounting law (typically 7 years)
  • Analytics session data — retained for 90 days then automatically removed
  • Contact form submissions — retained for up to 12 months then deleted

5. Your rights under UK GDPR

You have the following rights regarding your personal data:

  • Right of access — you may request a copy of the personal data we hold about you
  • Right to erasure — you may request deletion of your account and all associated data
  • Right to rectification — you may correct inaccurate data via your profile settings
  • Right to data portability — you may request an export of your trip data
  • Right to object — you may object to processing based on legitimate interest
  • Right to restrict processing — you may request that we limit how we process your data

To exercise any of these rights, please use our contact form and select GDPR / Data Request as the subject. We will respond within 30 days in accordance with UK GDPR requirements.

6. Cookies

We use essential cookies for authentication and a preference cookie to record your cookie consent. We do not use advertising or cross-site tracking cookies. For full details see our Cookie Policy.

7. Security

We implement appropriate technical and organisational measures to protect your personal data, including HTTPS encryption in transit, hashed password storage, and access controls. However, no internet transmission is completely secure and we cannot guarantee absolute security.

8. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be indicated by an updated "Last updated" date at the top of this page. Continued use of the service after changes constitutes acceptance of the updated policy.

9. Contact us

For any privacy-related questions or to exercise your data rights, please use our contact form. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your data lawfully.

Cookie Policy Terms & Conditions Contact Us Back to home
An unhandled error has occurred. Reload 🗙