Last updated: 5 April 2026
Overview
Trovvana ("we", "us", "our") operates the website at trovvana.com. This policy explains how we collect, use, and protect your personal information when you use our service.
Information We Collect
Account information
When you create an account, we collect your email address and, if you sign in via Google, Microsoft, or Apple, your name and profile picture from those services.
Trip and place data
When you use Trovvana, we store the trips you create, places you save, notes you write, and itineraries you build. User notes are encrypted at rest using AES-256-GCM. Place data may be enriched using the Google Places API when you paste a URL or search for a location.
AI-generated content
If you use AI features (Pro plan), your place data and notes may be sent to third-party AI services (Google Gemini and/or Anthropic Claude) to generate summaries and suggestions. We use the API versions of these services, meaning your data is not used to train their global models.
Payment information
Payments are processed by Stripe. We do not store your credit card details. Stripe's privacy policy applies to payment data.
Usage data
We use PostHog for anonymous analytics to understand how the service is used. This includes page views and feature usage, not your trip content. You can opt out via your browser's Do Not Track setting.
How We Use Your Information
- To provide the trip planning service and store your data
- To enrich place data using third-party APIs when you add places
- To generate AI summaries and suggestions (Pro plan)
- To process subscription payments
- To communicate with you about your account
- To analyse usage patterns and improve the product (using de-identified, aggregated data)
Third-Party Services
We share data with the following services, only as necessary to operate:
| Service | Purpose |
|---|---|
| Google Places API | Place data enrichment |
| Google Gemini / Anthropic Claude | AI summaries and suggestions (Pro plan) |
| Stripe | Payment processing |
| Google Cloud Platform | Infrastructure & data storage |
| Protomaps | Map tile rendering |
| PostHog | Anonymous product analytics |
| Resend | Transactional email |
| Google / Microsoft / Apple | Social sign-in (if used) |
Data Storage and Security
Application infrastructure is hosted on Google Cloud Platform in the Australia (Sydney) region. Database data is stored on CockroachDB in the Asia-Southeast (Singapore) region. We use encryption in transit (TLS) and at rest. User notes are additionally encrypted with AES-256-GCM at the application level. Access to production systems is restricted and logged.
Your Rights
You can:
- Access your trip data at any time through the app
- Export your itineraries as PDF from the app
- Request deletion of your account and all associated data by contacting us
Data Retention
We retain your account data and trip history for as long as your account is active. If you request account deletion, we will delete your data from our active databases within 30 days. Residual data may remain in secure backups for up to 90 days before being overwritten. We may retain data longer where required by law.
Children's Privacy
Our service is designed for adults planning family travel. We do not knowingly collect information from children under 13. If you use Trovvana to plan trips for your family, any information about your children that you include in trip notes is treated with the same protections as all other user data.
Changes to This Policy
We may update this policy from time to time. We will notify you of significant changes via email or a notice in the app.
Contact
For privacy questions or data requests, contact us at privacy@trovvana.com