calendar_today Last updated: April 29, 2026
Summary: We collect only what's necessary to run WiseTrip AI. We don't sell your data. We use industry-standard security. You can delete your account and data at any time.
1. Information We Collect
Information you provide directly
- Account information: name and email address when you register
- Payment information: processed securely by Paddle — we never store card details
- Travel preferences: saved trips, favourite airports, vehicle profile
- Communications: messages you send to our AI assistant
Information collected automatically
- Usage data: pages visited, features used, query counts
- IP address: used for rate limiting only — not stored long-term
- Device information: browser type and operating system for compatibility
Information from third parties
- Google: if you sign in with Google, we receive your name, email, and profile picture
2. How We Use Your Information
We use your information to:
- Provide and improve the WiseTrip AI service
- Personalise your travel planning experience
- Process payments and manage subscriptions
- Send important service notifications (account, security, billing)
- Respond to support requests
- Enforce our Terms of Service and prevent abuse
- Comply with legal obligations
We do not use your data for advertising, and we do not sell your personal information to third parties.
3. Data Storage and Security
Your data is stored in Cloudflare's D1 database infrastructure, distributed across Cloudflare's global network. We implement the following security measures:
- Passwords are hashed using PBKDF2 with 100,000 iterations — never stored in plain text
- All data transmission is encrypted using TLS 1.3
- Authentication uses signed JWT tokens with 7-day expiry
- API keys and secrets are stored as encrypted environment variables
4. Data Retention
We retain your personal data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.
AI conversation history is not stored permanently — messages are processed in real-time and not retained on our servers beyond the current session.
5. Cookies and Local Storage
WiseTrip AI uses browser localStorage (not cookies) to store:
- Your session token (JWT) for authentication
- Your plan type (free/pro) for UI personalisation
- Your daily AI query count for rate limiting
- Your notification preferences
This data stays on your device and is never transmitted to third parties. You can clear it at any time by logging out or clearing your browser storage.
6. Third-Party Services
We use the following third-party services:
- Cloudflare: hosting, CDN, and database infrastructure
- Google OAuth: optional sign-in (only if you choose to use it)
- Paddle: payment processing for Pro subscriptions
- Google Gemini / DeepSeek: AI response generation (your queries are processed but not stored by us)
- OpenStreetMap / CartoDB: map tiles for route visualisation
7. Your Rights
You have the right to:
- Access: request a copy of your personal data
- Correction: update inaccurate personal information
- Deletion: request deletion of your account and data
- Portability: receive your data in a machine-readable format
- Objection: object to certain processing of your data
To exercise any of these rights, contact us at [email protected].
8. Children's Privacy
WiseTrip AI is not directed at children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered users of significant changes by email. Your continued use of the Service after changes constitutes acceptance of the updated policy.
10. Contact Us
For privacy-related questions or requests, contact us at [email protected].