Privacy Policy

Effective Date: October 2, 2025

TripForge, LLC (“TripForge,” “we,” “our,” or “us”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our websites, applications, and services that link to or reference this Privacy Policy (collectively, the “Services”). By using the Services, you agree to this Privacy Policy. If you do not agree, please discontinue use.

1) Information We Collect

We collect information in the following ways:

a) Information You Provide

• Account and Profile Data (if you register): name (optional), email address, password, preferred settings, and any “Travel DNA”/preference profiles you create.
• Trip Inputs: destinations, dates, budgets, travelers, interests, accessibility needs, dietary preferences, and other trip parameters you submit for itinerary generation.
• Communications: messages you send to us (support requests, feedback, surveys) and your marketing preferences.

b) Information Collected Automatically

• Device/Log Data: IP address, device identifiers, browser type, operating system, referring/exit pages, timestamps, pages viewed, and general geolocation (derived from IP).
• Cookies & Similar Technologies: session cookies, analytics tags, and security tokens (e.g., Cloudflare Turnstile) used for authentication, analytics, performance, and security.

c) Information from Third Parties

• Service Providers: authentication (e.g., Supabase), hosting and edge/CDN (e.g., Cloudflare), storage/compute (e.g., AWS), email delivery (e.g., Postmark).
• Content & Data Integrations: venue and place data (e.g., Google Places), weather providers (where applicable), and other travel or mapping APIs used to enrich itineraries.
• Affiliate/Referral Partners: if you click an affiliate link to a booking partner, they may inform us about clicks, conversions, or commissions attributable to us.

2) How We Use Your Information

• Provide and Improve the Services: generate AI itineraries, save and sync your trips, personalize content, troubleshoot, and enhance functionality.
• Communicate with You: send transactional emails (e.g., sign-in, password reset), respond to inquiries, and (if opted in) send product updates or marketing.
• Security, Fraud, and Abuse Prevention: protect accounts, investigate suspicious activity, and enforce our Terms.
• Analytics and Research: understand usage, measure performance, and inform product decisions.
• Legal Compliance: comply with applicable laws, regulations, and lawful requests.

3) How We Share Information

We share information as described below:

• Service Providers/Processors: We use third parties to help operate the Services (e.g., Supabase for auth; Cloudflare for hosting, security, and performance; AWS for compute/storage; Postmark for email; Google Places for venue data; OpenAI or similar for AI generation). They access information only to perform services for us and under contract.
• Affiliate/Booking Partners: If you click outbound links to travel partners (e.g., flights, hotels, experiences), we may share limited data to attribute referrals. Your activity on third-party sites is governed by their policies.
• Legal & Safety: We may disclose information to comply with law, legal process, or government requests; to enforce our agreements; or to protect the rights, property, or safety of TripForge, our users, or others.
• Business Transfers: In connection with a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as permitted by law.

We do not sell your personal information.

4) Cookies and Similar Technologies

We use cookies, local storage, pixels, and similar technologies to operate the Services, keep you signed in, remember preferences, measure performance, and prevent fraud. You can manage cookies in your browser settings. Disabling certain cookies may limit functionality. We may use analytics services to better understand usage and improve performance.

5) Data Retention

• Account Data: retained while your account is active.
• Trips & Preferences: retained while your account is active or until you delete a trip.
• Logs: retained for a limited period (typically up to 12 months) for security, diagnostics, and auditing.
• Legal: we may retain information as required by law or to establish, exercise, or defend legal claims.

Account/Trip Deletion: At this time, account deletion is not self-service. To request deletion of your account and/or saved trips, contact us at support@tripforgeai.com. After verifying your identity, we will process your request within a reasonable timeframe, subject to any legal retention obligations.

6) Your Rights and Choices

Depending on your location (e.g., GDPR, CCPA/CPRA), you may have rights to access, correct, delete, or port your personal information, and to object to or restrict certain processing. You may also have the right to opt out of certain disclosures deemed “sales” or “sharing” under local law (we do not sell personal information).

To exercise rights, contact support@tripforgeai.com. We may need to verify your identity and request additional details to process your request.

7) International Data Transfers

We operate primarily in the United States and use service providers that may process data in the U.S. and other countries. By using the Services, you understand your information may be transferred to and processed in jurisdictions with different data protection laws than your own.

8) Security

We employ administrative, technical, and physical safeguards to protect information, including encryption, access controls, and monitoring. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

9) Children’s Privacy

The Services are not directed to children under 16, and we do not knowingly collect personal information from children under 16. If you believe a child has provided us personal information, contact us and we will take appropriate steps to remove it.

10) Third-Party Services and Links

Our Services may include links to third-party websites, apps, and services. Their privacy practices are governed by their own policies, not this Privacy Policy. We are not responsible for third-party content or practices.

11) AI-Generated Content

TripForge uses AI to generate itinerary suggestions. AI outputs may contain errors, may rely on third-party data, and should be independently verified. We recommend confirming times, prices, availability, and safety information before making travel decisions.

12) Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the “Effective Date.” If changes materially affect your rights, we will provide additional notice (e.g., email or in-product message). Your continued use of the Services after changes take effect constitutes acceptance.

13) Contact Us

For privacy inquiries, data requests, or account deletion, contact:

Related documents: Terms of Use • User Agreement