TripMigo — Privacy Policy

1. Who We Are

This Privacy Policy explains how TripMigo (“the App”) collects, uses, and shares information about you. The data controller is JordanMeir. If you have questions, contact support@jordanmeir.com.

Use of the App is also subject to our Terms of Use.

2. Information We Collect

• Account Info: name, email, authentication identifiers (e.g., Firebase), and settings (language, units).
• Usage Data: feature interactions, app events, session duration, in-app purchases/subscriptions.
• Device Data: device model, OS version, app version, crash logs, diagnostics, and approximate region/locale.
• Location Data: if you grant permission, we may use device location to improve suggestions (e.g., nearby places). You can disable this in your device settings at any time.
• Content You Provide: text and images you submit to chat with “Migo,” saved places, notes, and itinerary items.
• Cookies/Identifiers: mobile identifiers (IDFA/AAID), Firebase/analytics identifiers, and similar technologies for analytics and features.

3. How We Use Information

• Provide, maintain, and improve the App and its features.
• Personalize content (e.g., itineraries, suggestions) and remember your preferences.
• Operate AI features (chat, summaries, recommendations).
• Process purchases and manage subscriptions.
• Monitor performance, debug issues, prevent abuse and fraud, and ensure security.
• Communicate with you about updates, support, and important changes.
• Comply with legal obligations and enforce the Terms of Use.

4. Legal Bases (GDPR)

If you are in the EEA/UK, we process personal data on these bases:

• Performance of a contract: to provide the App and requested features.
• Legitimate interests: to improve the App, secure it, prevent fraud, and understand usage (balanced against your rights).
• Consent: for optional features (e.g., precise location, certain analytics/marketing), which you can withdraw at any time.
• Legal obligation: to comply with applicable laws and requests from authorities.

5. Sharing & Disclosures

• Service Providers: we share data with vendors that help us run the App (hosting, analytics, support, payments). They are bound by contractual obligations and may only use data to provide services to us.
• Third-Party Integrations: when you use features powered by external providers (see Section 6), data necessary for those features is sent to them.
• Legal & Safety: we may share information to comply with law, enforce our terms, or protect rights, safety, and property of users and the public.
• Business Transfers: in a merger, acquisition, or asset sale, your information may be transferred to the successor, subject to this Policy.
• With Your Direction: we share data when you ask us to (e.g., deep-linking to booking sites).

6. AI/Third-Party Providers

Some features rely on external services and involve sending your inputs (and sometimes context) to those services to generate results:

• OpenAI/ChatGPT API: processes prompts, text, and images to generate conversational responses and recommendations.
• Google Places/Maps/Photos: provides place search, details, photos, and maps tiles.
• Firebase: authentication, cloud storage, analytics, crash reporting, and device messaging.

Important: AI outputs and third-party place data may be inaccurate or out of date. Verify critical information (hours, closures, safety, visas, road conditions) before acting.

We do not sell your personal information. We do not permit third-party service providers to use your personal data for their own marketing.

7. Cookies & Tracking

The mobile App uses device identifiers and SDKs (e.g., Firebase Analytics/Crashlytics) to understand usage and improve reliability. On the web (if/when available), we may use cookies for essential functionality, analytics, and preferences. You can manage cookies/identifiers via your browser or device settings; disabling some may impact features.

8. Data Retention

We retain personal data only as long as necessary to provide the App, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods vary by data type (e.g., account data is kept while your account is active; analytics logs are kept for a shorter period where feasible). We delete or de-identify data when it is no longer needed.

9. International Transfers

We may process and store information in countries outside your own (e.g., the United States, EU/EEA, Israel). Where required, we use appropriate safeguards for cross-border transfers, such as Standard Contractual Clauses, and take steps to protect your data in accordance with this Policy.

10. Security

We use administrative, technical, and organizational measures designed to protect personal data (e.g., encryption in transit, access controls). However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

11. Your Rights

• Access, correction, deletion: you can request a copy of your data, ask to correct inaccuracies, or request deletion (subject to legal exceptions).
• Portability: request a machine-readable copy of certain data you provided.
• Restrict/opt-out: withdraw consent where processing is based on consent; opt-out of certain analytics/marketing where applicable.
• Objection: object to processing based on legitimate interests.
• Appeal/Complaint: if you believe we have not handled your request properly, you may complain to your local data protection authority.

To exercise your rights, contact support@jordanmeir.com. We may need to verify your identity.

California residents: we do not sell or share personal information as defined by the CCPA. You may submit a rights request using the contact above.

12. Children

The App is intended for users 18+. Users aged 13–17 may use the App only with verifiable consent and supervision of a parent or legal guardian. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided data, contact us and we will take appropriate steps to delete it.

13. Third-Party Links

The App may link to third-party websites or services (e.g., booking sites). We are not responsible for their privacy practices or content. Review their policies before providing personal information.

14. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice (e.g., in-app or by email). The “Effective Date” above reflects the latest version.

15. Contact

Questions or requests about this Policy:
Email: support@jordanmeir.com
Data Controller: JordanMeir