Privacy Policy

What we collect

• Account — your email address and password (stored securely, hashed).
• Trip data you add — destinations, dates, bookings, documents, photos, notes, travellers and anything you type or upload.
• Payments — handled entirely by Stripe. We receive a payment confirmation and a customer reference, but never your card number.
• Basic usage & device info — to keep the app working and secure.

How we use it

• To run the app — show your trips, sync across your devices, and share trips with people you invite.
• To provide Plus features (the AI assistant, scanning) — which means sending the relevant trip text or file to our processors to generate a result.
• To take payment and manage your subscription.
• To keep the service safe and meet our legal obligations.

Who we share it with (processors)

We don't sell your data. We use trusted providers to run HolidayPal:

• Supabase — database, login and file storage.
• Stripe — payments.
• Anthropic (Claude) — the AI assistant and booking scanning.
• Google — places & maps for the "nearby" feature.
• Vercel — hosting.

Some processors may handle data outside the UK/EU under appropriate safeguards.

Keeping it

We keep your data while your account is active. Delete a trip or your account and we remove the associated data, except where we must keep records (e.g. payment records for tax).

Your rights

Under UK GDPR you can access, correct, delete or export your data, and object to certain processing. To exercise any right, email support@holidaypal.travel. You can also complain to the UK Information Commissioner's Office (ICO).

Cookies

We use only the cookies needed to keep you signed in and the app working. We don't use advertising cookies.