Privacy Policy

1. Data controller

The data controller responsible for your personal data is Coplango B.V., Posthoornstraat 11, 3011 WD Rotterdam, The Netherlands, registered with the Dutch Chamber of Commerce (KVK) under number 42010520. You can reach us regarding any privacy matter by email at hello@coplango.com.

2. What data we collect

Trippers collects only the personal data needed to plan, save, and synchronize your trips. The data we process depends on which features you use.

Account information. When you create an account we store an email address (if you sign up with email and password) or an Apple-issued user identifier and optional private-relay email (if you choose Sign in with Apple). Apple provides your real name only on the first sign-in, which we store with your profile.

Profile information you provide. Name, handle, profile emoji, optional bio, home city, preferred travel styles, budget tier, and dietary or food preferences you choose to enter.

Trip data you create. Destinations, dates, traveling companions you add, itineraries, activities, packing checklists, budget categories and amounts, free-form notes, and destinations you bookmark from the Explore tab.

Notification data. Your in-app notification preferences and quiet-hours settings, the list of in-app notifications we have shown you (and their read/unread state), and — only if you opt in to push notifications — the Apple-issued device push token for your iPhone.

Subscription state. Whether you have an active Trippers Pro subscription, the product purchased, and the renewal or cancellation state. This is managed by our subscription processor (RevenueCat) and keyed by an anonymous identifier we generate.

Device and diagnostic information. iOS version, device model, app version, and anonymous identifiers used for analytics and crash reporting — collected only if you have not turned analytics off in Profile → Privacy & security.

What we do not collect. Your contacts, photos, files, precise device location, or payment-card details. Payment is handled entirely by Apple; we never see your card. The Location services toggle inside the app is reserved for a future feature and is not used today.

3. Why we process your data

We process your data to provide the core service (plan, save, edit, and display your trips), personalize AI suggestions based on the preferences you have set, deliver notifications you have opted into, maintain your subscription state and unlock Pro features, and investigate crashes or bugs (only if analytics is enabled). We never use your data for advertising and never sell or rent it to third parties.

4. Legal basis

Our legal basis for processing your account, profile, trip, notification, and subscription data is Article 6(1)(b) GDPR (performance of a contract — providing the Trippers service to you). Diagnostic analytics, where enabled, are processed on the basis of Article 6(1)(a) GDPR (consent), which you can withdraw at any time from Profile → Privacy & security.

5. How AI trip planning works

When you ask Trippers to plan a trip, the prompt and parameters you provide (destination, dates, travel style, etc.) are sent to our backend, which forwards them to a third-party AI provider so it can generate an itinerary. The AI provider receives only what is needed to produce the response — your account email and personal identifiers are not included in the AI prompt. Generated itineraries are stored in your account and can be edited or deleted at any time.

6. How long we keep your data

We keep your data for as long as your account exists. When you delete your account (Profile → Privacy & security → Delete account) your account, profile, trips, saved destinations, notification history, and notification preferences are removed from our active databases immediately and from backups within 30 days. Anonymous aggregated analytics data (if you had it enabled) may be retained longer because it cannot be linked back to you.

7. Your rights under the GDPR

You have the right to access, rectify, erase, restrict the processing of, or port your personal data, and the right to object to processing based on legitimate interest. Most of these rights are available directly inside the app: you can view and edit your profile, trips, and preferences in the app itself, and permanently delete your account from Profile → Privacy & security. To make any other request, email us at hello@coplango.com — we will respond within 30 days. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

8. Third-party processors

We use a small number of sub-processors under data processing agreements: Supabase (managed Postgres backend and authentication, EU region — AWS eu-west-2) stores your account, profile, trips, saved destinations, notification preferences, and inbox; RevenueCat (subscription state management) stores your Trippers Pro subscription status keyed by an anonymous identifier; Apple handles Sign in with Apple, App Store payments, and Apple Push Notification service delivery; and an AI provider, invoked via Supabase Edge Functions, generates trip itineraries from the prompts you submit. None of these processors receive data beyond what is strictly necessary for their role, and your account identifiers are never sent to the AI provider.

9. International data transfers

Our backend data (Supabase) is stored in EU data centers. RevenueCat and the AI provider may process data in the United States under appropriate safeguards (Standard Contractual Clauses or an equivalent transfer mechanism). Apple processes Sign in with Apple, payment, and APNs data per its own policy at apple.com/legal/privacy.

10. Security

We use Supabase Row Level Security so that only you can read your own data. All data is transmitted over HTTPS. We follow industry-standard practices for storing credentials and tokens, but no system is 100% secure — if you believe your account has been compromised, email us right away.

11. Children

Trippers is not directed at children under 13 (or the equivalent minimum age in your jurisdiction), and we do not knowingly collect data from them. If you believe a child has provided data to us, please email hello@coplango.com and we will delete it.

12. Changes to this policy

If we make material changes, we will update the “Last updated” date at the top and, where appropriate, notify you inside the app. Continued use of Trippers after the change means you accept the new policy.

13. Contact

Questions or concerns? Email hello@coplango.com, or write to Coplango B.V., Posthoornstraat 11, 3011 WD Rotterdam, The Netherlands.