1. Introduction
Tripzy ("we," "our," or "us") operates an AI-powered guest communication service for vacation rental hosts. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website (tripzy.org), mobile application, and related services (collectively, the "Service").
By using our Service, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our Service.
2. Information We Collect
2.1 Information You Provide Directly
Account Information: Name, email address, phone number, billing information
Property Details: Property addresses, descriptions, amenities, house rules, WiFi passwords, check-in instructions
Local Recommendations: Restaurant suggestions, activity recommendations, local services information
Payment Information: Credit card details (processed securely through Stripe)
2.2 Guest Communication Data
Messages: All conversations between your AI concierge and your guests
Response Analytics: Message frequency, response times, guest satisfaction metrics
Emergency Escalations: Urgent messages forwarded to you for immediate attention
2.3 Integration Data
Platform Connections: Data from Airbnb, VRBO, Booking.com, and other booking platforms you connect
Calendar Information: Booking dates, guest check-ins/check-outs (when integrated)
Review Data: Guest reviews and ratings related to communication (when available)
2.4 Automatically Collected Information
Usage Analytics: How you use our Service, features accessed, time spent
Device Information: IP address, browser type, operating system, device identifiers
Location Data: General location based on IP address (for local recommendations)
2.5 Third-Party Data
Google API Data: Real-time local business information, directions, operating hours
Platform Data: Information from connected booking platforms as authorized by you
3. How We Use Your Information
3.1 Primary Service Functions
AI Response Generation: Training our AI to respond accurately to guest questions
Local Recommendations: Providing real-time, location-specific suggestions to guests
Emergency Detection: Identifying urgent situations that require host intervention
Platform Integration: Connecting with your booking platforms for automated messaging
3.2 Service Improvement
AI Training: Improving response accuracy and relevance (using anonymized data)
Feature Development: Creating new features based on usage patterns
Performance Optimization: Ensuring reliable, fast service delivery
3.3 Communication and Support
Customer Support: Responding to your questions and technical issues
Service Updates: Notifying you of important changes or new features
Billing: Processing payments and sending invoices
3.4 Legal and Security
Compliance: Meeting legal obligations and regulatory requirements
Fraud Prevention: Detecting and preventing unauthorized access or misuse
Terms Enforcement: Ensuring compliance with our Terms of Service
4. Information Sharing and Disclosure
4.1 We DO NOT Sell Your Data
We never sell, rent, or trade your personal information or guest communications to third parties for marketing purposes.
4.2 Limited Sharing Scenarios
We may share information only in these specific circumstances:
Service Providers:
Secure cloud hosting (AWS, Google Cloud) for data storage and processing
Payment processing (Stripe) for billing and subscriptions
Email services (SendGrid, Mailgun) for transactional emails
Analytics providers (anonymized data only) for service improvement
Legal Requirements:
When required by law, court order, or government request
To protect our legal rights or defend against legal claims
To prevent fraud, security breaches, or illegal activities
In connection with business transfers (mergers, acquisitions)
With Your Consent:
When you explicitly authorize us to share specific information
For integrations you specifically request and authorize
4.3 Guest Data Protection
Guest messages are only accessible to you and our technical support (when you request help)
We never share guest conversations with other hosts or third parties
Guest data is automatically deleted after 90 days unless you choose longer retention
5. Data Security
5.1 Security Measures
Encryption: All data transmitted and stored using industry-standard encryption
Access Controls: Strict limits on who can access your data within our organization
Regular Audits: Ongoing security assessments and penetration testing
Secure Infrastructure: SOC 2 compliant cloud providers and security practices
5.2 Data Breach Response
In the unlikely event of a data breach affecting personal information, we will:
Notify affected users within 72 hours
Provide details about what information was involved
Explain steps we're taking to address the breach
Offer guidance on protective measures you can take
6. Your Rights and Choices
6.1 Access and Control
Account Settings: Update your profile and property information anytime
Data Export: Request a copy of your data in a machine-readable format
Data Deletion: Request deletion of your account and associated data
Communication Preferences: Control what emails you receive from us
6.2 GDPR Rights (for EU users)
Right to Access: Request information about what personal data we hold
Right to Rectification: Correct inaccurate or incomplete information
Right to Erasure: Request deletion of your personal data
Right to Portability: Receive your data in a structured, machine-readable format
Right to Object: Object to processing of your data for specific purposes
Right to Restriction: Request limitation of how we process your data
6.3 California Privacy Rights (CCPA)
California residents have additional rights including:
Right to know what personal information we collect and how it's used
Right to delete personal information (with some exceptions)
Right to opt-out of sale of personal information (which we don't engage in)
Right to non-discrimination for exercising privacy rights
7. Data Retention
Account Data: Retained while your account is active
Guest Messages: Automatically deleted after 90 days (customizable up to 1 year)
Analytics Data: Anonymized usage data retained for service improvement
Billing Records: Retained for 7 years for tax and legal compliance
Deleted Accounts: All personal data deleted within 30 days of account closure
8. International Data Transfers
Our Service is operated from the United States. If you're using our Service from outside the US, your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.
For EU users, we ensure adequate protection through:
Standard Contractual Clauses (SCCs) with service providers
Adequacy decisions by the European Commission where applicable
Other lawful transfer mechanisms as required by GDPR
9. Children's Privacy
Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected information from a child under 13, we will delete that information promptly.
10. Cookies and Tracking
10.1 Cookies We Use
Essential Cookies: Required for basic Service functionality
Analytics Cookies: Help us understand how users interact with our Service
Preference Cookies: Remember your settings and preferences
10.2 Third-Party Cookies
Google Analytics: Anonymous usage statistics (you can opt-out)
Stripe: Secure payment processing
Intercom: Customer support chat functionality
10.3 Cookie Control
You can control cookies through your browser settings, but note that disabling essential cookies may affect Service functionality.
11. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or for legal compliance. When we make changes:
We'll update the "Last updated" date at the top
For significant changes, we'll notify you by email or through the Service
Continued use after changes means you accept the updated policy
Contact Information
Privacy Questions or Requests
Email: contact@tripzy.com
Response Time: Within 48 hours for most requests