Tripee Genie ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered travel planning platform.
1. Information We Collect
1.1 Personal Information
When you use Tripee Genie, we may collect the following personal information:
- Account Information: Email address, name, and profile picture (when signing in with Google)
- Traveler Profiles: Full name, date of birth, gender, nationality
- Contact Information: Email address, phone number with country code
- Passport Details: Passport number, expiry date, issuing country (for flight bookings)
- Travel Preferences: Meal preferences, seat preferences, accessibility needs
- Payment Information: Tokenized payment method details (we do NOT store actual card numbers)
1.2 Travel Planning Data
- Trip destinations, dates, and duration
- Budget and spending preferences
- Flight and hotel search queries
- Booking confirmations and PNR codes
- Travel itineraries and plans
1.3 Conversation Data
- Chat messages with our AI agents
- User queries and requests
- Agent responses and recommendations
- Conversation history for continuity
1.4 Automatically Collected Information
- Device information (browser type, operating system)
- IP address and location data (for currency and language preferences)
- Usage data (pages visited, features used, session duration)
- Cookies and similar tracking technologies
2. How We Use Your Information
We use the collected information for the following purposes:
2.1 Core Services
- AI Travel Planning: Provide personalized trip recommendations using our AI agents
- Flight & Hotel Booking: Search and book real flights and hotels via Amadeus API
- Smart Pre-filling: Auto-fill booking forms with your saved traveler profiles
- One-Click Payment: Enable quick checkout with saved payment methods
- Price Tracking: Monitor prices 24/7 and send alerts on price drops
- Travel Assistant: Send pre-trip reminders, packing lists, and emergency support
2.2 Communication
- Send booking confirmations via email
- Trip reminders and notifications
- Price drop alerts
- Customer support responses
- Service updates and important announcements
2.3 Improvement & Analytics
- Improve AI agent performance and accuracy
- Analyze usage patterns to enhance user experience
- Develop new features based on user needs
- Monitor system performance and security
3. Google Sign-In & OAuth
Tripee Genie uses Google OAuth 2.0 for secure authentication. When you sign in with Google:
- We only access basic profile information (name, email, profile picture) as permitted by Google
- We do NOT store your Google password
- We do NOT access your Gmail, Google Drive, or other Google services
- You can revoke our access anytime from your Google Account settings
- We comply with Google API Services User Data Policy
4. Third-Party Services
We use trusted third-party services to provide our features:
| Service | Purpose | Data Shared |
|---|---|---|
| Google Firebase | Authentication | Email, name, profile picture |
| Amadeus API | Flight & hotel search/booking | Travel dates, destinations, passenger details |
| Stripe | Payment processing (global) | Payment tokens (not actual card numbers) |
| Razorpay | Payment processing (India) | Payment tokens (not actual card numbers) |
| MongoDB Atlas | Data storage | All user data (encrypted) |
| SendGrid | Email notifications | Email address, booking details |
| OpenAI | AI-powered conversations | Chat messages, travel queries |
Note: We carefully vet all third-party services and only share the minimum
necessary data. Each service has its own privacy policy that governs their use of your data.
5. Data Sharing & Disclosure
We do NOT sell, trade, or rent your personal information to third parties.
We may share your information only in these limited circumstances:
- With your consent: When you explicitly authorize us to share specific information
- Service providers: Third-party services listed above that help us operate our platform
- Legal requirements: If required by law, court order, or government request
- Business transfers: In case of merger, acquisition, or sale of assets (you will be notified)
- Safety & security: To protect rights, property, or safety of users and the public
6. Data Security
We implement industry-standard security measures:
- Encryption: All data transmitted via HTTPS/TLS encryption
- PCI Compliance: Payment data tokenized (actual card numbers never stored)
- JWT Authentication: Secure access tokens with 15-minute expiry
- Password Security: bcrypt hashing with cost factor 12
- Rate Limiting: Protection against DDoS and brute-force attacks
- Database Security: MongoDB Atlas with encryption at rest and in transit
- Regular Audits: Continuous security monitoring and vulnerability scanning
While we strive to protect your data, no method of transmission over the internet is 100% secure.
We cannot guarantee absolute security but continuously work to improve our safeguards.
7. Your Rights & Choices
You have the following rights regarding your personal data:
7.1 Access & Portability
- View all your personal data via your Profile page
- Download your data in JSON format
- Request a copy of all data we hold about you
7.2 Correction & Update
- Update your traveler profiles anytime
- Modify travel preferences and settings
- Correct any inaccurate information
7.3 Deletion
- Delete individual traveler profiles
- Remove saved payment methods
- Delete your entire account and all associated data
- Request deletion by emailing: support@tripeegenie.com
8. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your data:
Email: support@tripeegenie.com
Website: https://www.tripeegenie.com
Data Protection Officer: privacy@tripeegenie.com
We aim to respond to all privacy inquiries within 48 hours.