Privacy Policy

This Privacy Policy explains how Daytrip ("Daytrip", "we", "us") collects, uses, shares, and protects information when you use daytrip-ai.com and related services (the "Service"). By using the Service, you agree to the practices described here.

Information We Collect

Information you provide. When you plan a trip, you submit a destination, travel dates, number of travelers, travel style, budget range, and (optionally) your departure city. When you create an account, we collect your email address, a hashed password, and your full name. When you contact us, we collect the name, email, and message content you submit.

Information we collect automatically. We log basic request metadata (IP address, user agent, timestamps, request path, response status) for security, fraud prevention, abuse mitigation, and service debugging. We also store session cookies to keep you signed in.

Payment information. If you purchase credits or a subscription, payment details are collected and processed by Stripe. Daytrip never stores your full card number; we store a Stripe customer ID and the metadata Stripe returns about your subscription status.

How We Use Your Information

We use your travel preferences to generate personalized itineraries using third-party large language models (currently Anthropic's Claude). We use your email to authenticate you, send transactional messages (receipts, password resets), and — only if you opt in — occasional product updates. We use aggregated, de-identified data to improve our recommendations and detect abuse. We do not sell your personal information.

Third-Party Services

We share the minimum data necessary with the following processors: Anthropic (trip inputs sent to Claude for generation), Stripe (payment processing), Supabase and Vercel Postgres (data storage and hosting), and travel partners such as Booking.com, Skyscanner, and Viator (only when you click outbound booking links). Each of these services is bound by its own privacy policy.

Cookies and Tracking

We use first-party session cookies to keep you authenticated and to remember your workspace preferences. We do not use third-party advertising cookies and do not track you across other websites. You can clear cookies at any time; doing so will sign you out of the Service.

Data Retention and Deletion

Generated itineraries are stored indefinitely so that shared links remain accessible. Account data is retained while your account is active. You can delete your account and all associated data from your account settings page, or by emailing privacy@daytrip-ai.com. We will complete deletion within 30 days, except where we are required to retain information for legal or accounting reasons (e.g., payment records).

Your Rights

Depending on where you live, you may have the right to access, correct, port, or delete the personal information we hold about you, and to object to or restrict certain processing. To exercise these rights, email privacy@daytrip-ai.com. We may request information to verify your identity before fulfilling the request.

Children

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it.

Security

We use industry-standard safeguards: TLS for data in transit, bcrypt-hashed passwords, role-based access controls, and periodic access review. No system is perfectly secure, but we work to maintain appropriate protections and will notify affected users of any breach involving personal information as required by law.

Changes to This Policy

We may update this Privacy Policy as the Service evolves. Material changes will be announced via the Service or email. The "Last updated" date at the top of this page reflects the most recent revision.

Contact

For privacy-related questions or requests, contact privacy@daytrip-ai.com.