Privacy Policy

Controller

Scope

TripWithMe is provided as native mobile applications (Google Play, Apple App Store), through this website, and via an API. This privacy policy applies to informational pages served under this domain, invitation links, the mobile app, and related processing.

Overview of processing

The following overview summarizes the types of data processed, the purposes of processing, and categories of data subjects.

Types of data

• Master data (e.g. name, account information).
• Contact data (e.g. email address).
• Content data (e.g. trip plans, chat messages, pinboard posts including like/dislike reactions).
• Usage data (e.g. access, interactions with features).
• Meta, communication and procedural data (e.g. IP addresses, timestamps, push tokens).
• Log data (e.g. server log files).

Categories of data subjects

• Users of the app and website.
• Recipients of invitation links.

Purposes of processing

• Provision and operation of the app, API, and website.
• Enabling collaborative trip planning and group communication.
• Sending push notifications.
• Security measures and abuse prevention.
• Communication and handling of inquiries.
• IT infrastructure.

Legal bases (GDPR)

Below is an overview of the GDPR legal bases on which we process personal data. In addition to the GDPR, national data protection rules may apply.

• Consent (Art. 6(1)(a) GDPR) — The data subject has consented to processing for one or more specific purposes (e.g. push notifications).
• Contract performance (Art. 6(1)(b) GDPR) — Processing is necessary for the performance of a contract or pre-contractual measures (e.g. registration, trip planning, chat).
• Legitimate interests (Art. 6(1)(f) GDPR) — Processing is necessary for legitimate interests, except where overridden by the interests or fundamental rights of the data subject (e.g. IT security, server logs).

National data protection rules in Germany: In addition to the GDPR, national rules apply in Germany, in particular the Federal Data Protection Act (BDSG).

Note on GDPR and Swiss FADP: These notices serve transparency under both Swiss law and the GDPR. For clarity, GDPR terminology is used.

Security measures

We implement appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, to ensure a level of security appropriate to the risk.

Measures include securing confidentiality, integrity, and availability through access control, authentication, password hashing (bcrypt), and TLS/SSL encryption (HTTPS) for data transfers.

International transfers

Where we transfer data to third countries (outside the EU/EEA) or use third-party services located in third countries, we do so in accordance with legal requirements.

For transfers to the USA, we primarily rely on the EU-US Data Privacy Framework (DPF) where the provider is certified. Standard Contractual Clauses (SCCs) may additionally apply. Further information: https://www.dataprivacyframework.gov/

Affected services may include Google (Firebase Cloud Messaging, Google Maps/Geocoding) and Pexels.

Storage and deletion

We delete personal data when the purpose ceases to apply, no further legal basis exists, or you withdraw consent, unless statutory retention obligations apply.

• Account data: Stored until you delete your account. Deletion occurs immediately after confirmed request via the in-app "Delete account" function (password confirmation required). Solo trips are deleted; for group trips ownership is transferred. Chat messages are anonymized (user association removed; content remains). Pinboard posts you created and your like/dislike reactions are deleted.
• Trip, chat, pinboard, and invitation data: Stored until the respective trip is deleted by the owner.
• Push tokens: Stored until invalidation, deactivation in the app, or account deletion.
• Server log files: Generally retained for up to 30 days and then deleted or anonymized, unless longer retention is required for evidence purposes.
• Statutory retention periods under German law (e.g. commercial and tax retention of 6–10 years) remain unaffected where applicable.

Rights of data subjects

As a data subject under the GDPR, you have in particular the following rights:

• Right to object to processing based on Art. 6(1)(e) or (f) GDPR, including objection to direct marketing.
• Right to withdraw consent at any time.
• Right of access (Art. 15 GDPR).
• Right to rectification (Art. 16 GDPR).
• Right to erasure (Art. 17 GDPR) and restriction of processing (Art. 18 GDPR).
• Right to data portability (Art. 20 GDPR).
• Right to lodge a complaint with a supervisory authority.

Online services and hosting

We process user data to provide our online services. For this purpose we process the user's IP address, which is necessary to deliver content to the browser.

Hosting provider: netcup GmbH, Daimlerstraße 25, 76185 Karlsruhe, Germany. Server location: European Union/EEA.

Server log files

Access to our online services is logged in server log files (e.g. pages accessed, date/time, data volume, browser/user agent, referrer, IP address). Logs are used for security and operational stability. Legal basis: Legitimate interests (Art. 6(1)(f) GDPR).

Sessions: For language selection and technical website functions we use session storage (sessions database table), which may include IP address and user agent.

Cookies

We use cookies and similar technologies where technically required. We do not use analytics or marketing cookies; a cookie consent banner is therefore not required.

Only technically necessary session cookies are used (e.g. for language selection de/en and CSRF protection). These are deleted when you close your browser or the session expires.

Legal basis: Legitimate interests (Art. 6(1)(f) GDPR) or technical necessity to provide the requested service.

Embedded services

We embed Bunny Fonts (fonts.bunny.net) for typography. Your browser IP address is transmitted to the provider so fonts can be loaded. Provider: BunnyWay d.o.o., Cesta komandanta Staneta 4A, 1215 Medvode, Slovenia. Legal basis: Legitimate interests (Art. 6(1)(f) GDPR). Privacy policy: https://bunny.net/privacy/

App and API processing

Below we describe the processing of personal data in the TripWithMe app and via our API.

Registration and login

For registration and login we process name, email address, and a hashed password (bcrypt). For API authentication, Sanctum access tokens are created. Legal basis: Contract performance (Art. 6(1)(b) GDPR).

Trips, destinations, and participants

For trip planning we store trip titles, descriptions, dates, destinations (name, coordinates, costs, schedule), cover image URLs, participant data (arrival/departure), and ratings. Legal basis: Contract performance (Art. 6(1)(b) GDPR).

Invitations

For invitation links we store tokens, expiry dates, and usage limits. When an invitation link is accessed, trip information and the inviter's name are displayed. Legal basis: Contract performance (Art. 6(1)(b) GDPR).

Chat and real-time communication

Chat messages are stored in plain text on our servers (max. 5,000 characters). Attachments (URLs), link previews (metadata fetched from URLs), read receipts, and reply references may also be stored. For real-time features (typing indicator, message push) we use Laravel Reverb (WebSockets). Chat content may be included as text excerpts in push notifications. Legal basis: Contract performance (Art. 6(1)(b) GDPR).

Pinboard (group posts)

On the trip pinboard you can store text posts (plain text, max. 10,000 characters) and optional image URLs. If your post contains URLs, our server automatically fetches them and stores link preview metadata (title, description, preview image, etc.) on the post. You can react with "like" or "dislike"; we store the reaction type plus your user ID and display name — visible to all trip participants. Legal basis: Contract performance (Art. 6(1)(b) GDPR).

Push notifications

We store FCM push tokens and platform (iOS/Android) as well as your notification preferences (board, plan, people, chat). Delivery is via Firebase Cloud Messaging (Google Ireland Limited). Push messages may contain titles, text excerpts from chat messages or pinboard posts, and metadata (e.g. trip ID, board post ID). Legal basis: Consent (Art. 6(1)(a) GDPR), which you grant and can withdraw in the app.

Google Geocoding, Places and Maps

For place search we send your search queries to the Google Geocoding API and the Google Places API (New) (including text search and nearby search). This may include search terms and location coordinates. Search queries are not permanently stored server-side. Authenticated users receive a Google Maps API key for map display in the app. Provider: Google Ireland Limited. Legal basis: Contract performance or legitimate interests (Art. 6(1)(b)/(f) GDPR). Privacy policy: https://policies.google.com/privacy

Pexels (image search)

For cover image search we send search terms to the Pexels API. The selected image URL is stored on the trip. Provider: Pexels GmbH / Canva. Legal basis: Contract performance or legitimate interests (Art. 6(1)(b)/(f) GDPR). Privacy policy: https://www.pexels.com/privacy/

Link preview

If a chat message or pinboard post contains URLs, our server fetches them to retrieve metadata (title, description, preview image, favicon, site name) and stores it on the item (in chat, optionally also on request). Up to three URLs per chat message and five per pinboard post are processed. The accessed website may see our server's IP address. Legal basis: Contract performance (Art. 6(1)(b) GDPR).

Encryption

A master encryption key per trip may be stored, provided by the app. Chat messages are stored in plain text on the server; additional client-side encryption may occur in the app. Legal basis: Contract performance (Art. 6(1)(b) GDPR).

Media and attachments

Images, files, and cover images are not uploaded to our servers but referenced as external URLs (e.g. CDN links). Legal basis: Contract performance (Art. 6(1)(b) GDPR).

Group communication and user responsibility

When using chat and the pinboard within a trip group, you are responsible for the content you share. We provide the technical infrastructure but have no influence over the nature or content of posts.

You are responsible for not sharing sensitive personal data (e.g. passwords, payment data, health data) in chat or on the pinboard. Chat messages, pinboard posts, and reactions (including names of users who reacted) are visible to all members of the trip group.

• Chat messages and pinboard posts are stored as long as the associated trip exists.
• Leaving or being removed from a trip ends access to chat and pinboard.
• On account deletion, chat messages are anonymized (content remains visible); your pinboard posts and reactions are deleted.
• We cannot prevent other participants from taking screenshots or otherwise saving content.

No sale of data

We do not sell, rent, or trade your personal data for advertising or other commercial purposes.

Minors

Our app is intended for persons aged 16 and over. Persons under 16 require parental consent.

Changes to this privacy policy

We may update this privacy policy to reflect changes in law or our services. The current version is available on this page.

Contact

For privacy questions or to exercise your rights, contact us at:

[email protected]