Back to Home

Privacy Policy

Effective Date: January 28, 2026

Last Updated: January 28, 2026

Introduction

Triv ("we," "us," "our," or "Company") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App").

Please read this Privacy Policy carefully. By creating an account or using the App, you consent to the practices described in this policy. If you do not agree with this policy, please do not access or use the App.


1. Information We Collect

We collect information that you provide directly, information collected automatically, and information from third-party sources.

1.1 Information You Provide Directly

Account Information

When you create an account, we collect:

  • Email address (required for account creation and communications)
  • Display name (optional, if you choose to provide one)
  • Authentication provider (Google or Apple)
  • Profile information from your authentication provider (name, profile picture if shared)

Travel Preferences and Activity Data

When you use the App, we collect:

  • Destination information: Cities and countries you plan to visit
  • Travel dates: Start and end dates for your trips, or flexible date preferences
  • Travel preferences:
    • Vibes and interests (Food, History, Art, Nature, Nightlife, Shopping, Adventure, Relaxation, Photography, Culture, Romantic, Family Fun)
    • Travel pace (Relaxed, Balanced, Packed)
    • Budget level (Budget, Mid-range, Luxury)
    • Group composition (Solo, Couple, Family, Friends)
  • Swipe data: Places you liked, passed, or super-liked during discovery
  • Trip itineraries: Generated day-by-day schedules, activities, and edits you make
  • Hotel preferences: Hotels you view or include in your itineraries

Payment and Subscription Information

We collect:

  • Credit balance: Number of credits in your account
  • Subscription tier: Your current plan (Explorer, Voyager, Globetrotter, Day Tripper, or Free)
  • Transaction history: Records of credits earned, spent, purchased, or refunded with timestamps and metadata

Note: We do not directly collect or store payment card information. All payment processing is handled by Apple through the App Store, and subscription management is handled by RevenueCat. Please see Section 4 for details on third-party services.

Communications

If you contact our support team, we collect:

  • Support requests and correspondence
  • Feedback and suggestions you provide
  • Bug reports and technical information

1.2 Information Collected Automatically

Device and Usage Information

When you use the App, we automatically collect:

  • Device information: Device model, operating system version, iOS version, device identifiers
  • App usage data: Features accessed, screens viewed, time spent in the App, session duration
  • Log data: App crashes, errors, performance metrics, and diagnostic information
  • Network information: Internet connection type, IP address (for security purposes)

Location Information

We collect limited location data:

  • Place coordinates: GPS coordinates (latitude/longitude) of places you swipe on or add to itineraries
  • Destination locations: Geographic coordinates of destinations you plan to visit
  • Hotel locations: Coordinates of hotels included in itineraries

We do NOT collect:

  • Real-time GPS tracking of your current location
  • Background location data when the App is not in use
  • Continuous location monitoring

All location data is limited to places you explicitly interact with (e.g., attractions in your itinerary) sourced from Google Places API.

Analytics and Performance Data

Important: Firebase Analytics is explicitly disabled in our App configuration. We do not use:

  • Google Analytics
  • Firebase Analytics tracking
  • Third-party behavioral analytics tools
  • Advertising networks or tracking pixels

We only collect minimal performance and crash data necessary to maintain App functionality and diagnose technical issues.

1.3 Information from Third-Party Sources

Authentication Providers

When you sign in with Google or Apple, we receive:

  • Email address
  • Full name (if shared by the provider)
  • Profile picture URL (if shared by the provider)
  • Unique provider ID

For Apple Sign-In, users may choose to hide their email, in which case we receive a private relay email (e.g., apple_[random]@privaterelay.appleid.com).

Google Places API

We receive place information from Google Places, including:

  • Place names, addresses, and formatted addresses
  • Place photos and photo references
  • Ratings, review counts, and price levels
  • Opening hours and place categories
  • GPS coordinates
  • Popularity and user engagement data

This information is used solely to power the discovery and itinerary generation features.

AI Service Providers (OpenRouter/Google Gemini)

When you generate an itinerary, we send the following to OpenRouter (which uses Google Gemini AI):

  • Your travel preferences (dates, vibes, pace, budget, group type)
  • Place names and IDs of locations you liked or super-liked
  • Destination information

The AI service returns a generated itinerary, which we store in your account.


2. How We Use Your Information

We use the collected information for the following purposes:

2.1 To Provide and Maintain the Service

  • Create and manage your account
  • Authenticate your identity and prevent unauthorized access
  • Process and track your credits and subscriptions
  • Generate personalized AI-powered itineraries based on your preferences
  • Save and sync your trips across sessions
  • Display place information, photos, and maps
  • Provide customer support and respond to your inquiries

2.2 To Improve and Personalize the App

  • Understand how users interact with the App and which features are most popular
  • Optimize itinerary generation algorithms
  • Improve place recommendations based on aggregated user preferences
  • Test new features and functionality
  • Debug and fix technical issues

2.3 To Communicate with You

  • Send transactional emails (account creation, password resets, purchase confirmations)
  • Notify you of changes to our Terms of Service or Privacy Policy
  • Respond to support requests and feedback
  • Send important service announcements (if necessary)

We do NOT:

  • Send marketing or promotional emails unless you explicitly opt in
  • Share your email with advertisers or marketers
  • Use your data for behavioral advertising

2.4 For Security and Fraud Prevention

  • Detect and prevent fraudulent transactions and abuse
  • Monitor for unauthorized access or account takeover attempts
  • Enforce our Terms of Service
  • Comply with legal obligations and protect our legal rights

2.5 For Analytics and Business Intelligence

  • Generate aggregated, anonymized statistics about App usage
  • Analyze trends in travel preferences and destination popularity
  • Measure credit usage and subscription conversion rates
  • Improve AI model performance through aggregated feedback

All analytics are performed on anonymized or aggregated data and cannot be used to identify individual users.

2.6 Legal and Compliance Purposes

  • Comply with applicable laws, regulations, and legal processes
  • Respond to lawful requests from government authorities and law enforcement
  • Protect the rights, property, and safety of Triv, our users, and the public
  • Enforce our agreements and policies

3. How We Share Your Information

We do not sell your personal data to third parties. We only share your information in the following circumstances:

3.1 With Third-Party Service Providers

We share information with trusted service providers who perform services on our behalf, including:

Firebase / Google Cloud Platform

  • Purpose: Authentication, data storage, and hosting
  • Data Shared: Email, authentication tokens, trip data, user preferences, swipe history
  • Privacy Policy: https://policies.google.com/privacy

Google Places API

  • Purpose: Place information, photos, maps, and location data
  • Data Shared: Search queries based on your preferences, place IDs, coordinates
  • Privacy Policy: https://policies.google.com/privacy

OpenRouter / Google Gemini AI

RevenueCat

  • Purpose: Subscription and in-app purchase management
  • Data Shared: Firebase User ID, subscription status, entitlements, purchase transactions
  • Privacy Policy: https://www.revenuecat.com/privacy

Apple App Store

  • Purpose: Payment processing for subscriptions and in-app purchases
  • Data Shared: Apple ID, payment information (processed directly by Apple, not shared with us)
  • Privacy Policy: https://www.apple.com/legal/privacy/

All third-party service providers are contractually obligated to protect your data and use it only for the purposes we specify.

3.2 For Legal Reasons

We may disclose your information if required to do so by law or in response to:

  • Valid legal processes (subpoenas, court orders, warrants)
  • Requests from government authorities or law enforcement
  • Situations involving potential threats to public safety
  • Protection of our legal rights, property, or safety
  • Enforcement of our Terms of Service or investigation of violations

3.3 Business Transfers

If Triv is involved in a merger, acquisition, bankruptcy, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice in the App of any change in ownership or use of your personal information.

3.4 With Your Consent

We may share your information with third parties when you explicitly consent or direct us to do so.

3.5 Aggregated or Anonymized Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you, such as:

  • General statistics about popular destinations
  • Aggregated travel preference trends
  • Anonymized usage analytics

4. Data Retention

4.1 Active Accounts

We retain your personal information for as long as your account is active or as needed to provide you services. Specifically:

  • Account information: Retained while your account exists
  • Trip data: Retained indefinitely while your account is active
  • Swipe history: Retained to improve recommendations
  • Transaction history: Retained for at least 7 years for financial and legal compliance

4.2 Account Deletion

When you delete your account:

  • We will delete or anonymize your personal information within 30 days
  • Some information may be retained longer if required by law or for legitimate business purposes (e.g., fraud prevention, resolving disputes, enforcing agreements)
  • Aggregated or anonymized data may be retained indefinitely

To delete your account, go to the Profile section in the App and select "Delete Account."

4.3 Backup Retention

Deleted information may remain in backup systems for up to 90 days after deletion, after which backups are purged.


5. Data Security

5.1 Security Measures

We implement industry-standard security measures to protect your information, including:

  • Encryption: Data transmitted between your device and our servers is encrypted using TLS/SSL
  • Firestore Security Rules: Database rules restrict access so users can only read/write their own data
  • Authentication: Firebase Authentication with OAuth 2.0 for secure identity verification
  • Access Controls: Limited employee access to personal data on a need-to-know basis
  • Regular Security Audits: Periodic review of our security practices and third-party services

5.2 Your Responsibility

You are responsible for:

  • Keeping your authentication credentials (Google/Apple account) secure
  • Using a strong password for your authentication provider accounts
  • Notifying us immediately of any unauthorized access to your account
  • Logging out of shared devices

5.3 No Guarantee

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security and are not liable for security breaches beyond our reasonable control.


6. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

6.1 Access and Portability

You have the right to:

  • Access the personal information we hold about you
  • Request a copy of your data in a portable format (e.g., JSON)

To request access, email support@hiretech.agency with "Data Access Request" in the subject line.

6.2 Correction

You can update your account information directly in the App. If you need assistance correcting inaccurate data, contact support@hiretech.agency.

6.3 Deletion

You have the right to request deletion of your personal information. You can delete your account directly in the App:

  1. Go to Profile
  2. Select "Delete Account"
  3. Confirm deletion

Alternatively, email support@hiretech.agency with "Account Deletion Request."

6.4 Opt-Out of Communications

You can opt out of promotional emails by:

  • Clicking "Unsubscribe" in any marketing email (if applicable)
  • Adjusting notification settings in the App
  • Contacting support@hiretech.agency

Note: You cannot opt out of transactional emails (e.g., purchase confirmations, Terms updates) as they are necessary for the service.

6.5 Objection and Restriction

You may object to or request restriction of certain data processing activities. Email support@hiretech.agency to exercise this right.

6.6 California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know: You can request details about the categories and specific pieces of personal information we collect, use, disclose, and sell (we do not sell personal information).

Right to Delete: You can request deletion of your personal information, subject to certain exceptions.

Right to Opt-Out: You can opt out of the "sale" of personal information (we do not sell your data).

Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise your CCPA rights, email support@hiretech.agency. We will verify your identity before processing requests.

6.7 European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

Legal Bases for Processing:

  • Contract: To provide the service you requested
  • Consent: When you explicitly agree (e.g., for AI data processing)
  • Legitimate Interests: To improve our service, prevent fraud, and ensure security

Additional Rights:

  • Right to withdraw consent at any time
  • Right to lodge a complaint with your data protection authority

To exercise your GDPR rights, email support@hiretech.agency

6.8 Children's Privacy

Triv is not intended for children under 13 years old. We do not knowingly collect personal information from children under 13. If we learn we have collected information from a child under 13, we will delete it promptly.

If you are between 13 and 18 (or the age of majority in your jurisdiction), you must have parental consent to use the App.

Parents who believe we may have collected information from a child under 13 should contact support@hiretech.agency immediately.


7. International Data Transfers

7.1 Data Storage Location

Triv is operated in the United States. Your information is stored on servers located in:

  • United States: Firebase/Google Cloud (region: nam5)
  • Global: RevenueCat servers, Google Cloud infrastructure

If you access the App from outside the United States, your information will be transferred to, stored, and processed in the United States and other countries where our service providers operate.

7.2 Data Transfer Mechanisms

For users in the EEA, UK, or Switzerland:

  • Data transfers rely on Standard Contractual Clauses (SCCs) approved by the European Commission
  • Our service providers (Google, Firebase, RevenueCat) comply with GDPR requirements
  • We ensure appropriate safeguards are in place for international transfers

By using the App, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection laws.


8. Third-Party Links and Services

8.1 Third-Party Content

The App may display information about third-party establishments (hotels, restaurants, attractions) sourced from Google Places. We are not responsible for:

  • The accuracy or completeness of third-party information
  • The privacy practices of third-party businesses
  • Content or services provided by third parties

8.2 External Links

The App may contain links to third-party websites or services (e.g., hotel booking sites, attraction websites). We are not responsible for the privacy practices or content of these external sites. We encourage you to review their privacy policies before providing any personal information.

8.3 Social Media

If we offer social media features in the future (e.g., sharing trips on Instagram), your interactions with those features are governed by the privacy policies of the respective social media platforms.


9. Cookies and Tracking Technologies

9.1 What We Use

The App uses minimal tracking technologies:

  • UserDefaults: Local device storage for caching trip data and user preferences
  • Firebase Session Tokens: To maintain your authenticated session
  • Firestore Listeners: Real-time data synchronization

9.2 What We Do NOT Use

We explicitly do NOT use:

  • Cookies (the App is not web-based)
  • Advertising cookies or pixels
  • Cross-site tracking
  • Third-party analytics trackers (Firebase Analytics is disabled)
  • Behavioral profiling for advertising

9.3 Do Not Track Signals

Since the App is not web-based and does not use behavioral tracking, "Do Not Track" signals are not applicable.


10. AI and Automated Decision-Making

10.1 AI-Powered Itinerary Generation

We use Google Gemini 2.5 Flash AI (via OpenRouter) to generate personalized travel itineraries. This process involves:

  • Analyzing your travel preferences and swipe data
  • Generating day-by-day activity recommendations
  • Optimizing routes and timing based on location data

The AI model processes your data temporarily to generate itineraries. OpenRouter and Google may use aggregated, anonymized data to improve their AI models, subject to their privacy policies.

10.2 No High-Stakes Automated Decisions

We do not use AI or automated decision-making for high-stakes purposes such as:

  • Determining credit eligibility
  • Employment decisions
  • Legal judgments
  • Medical advice

Itinerary generation is a convenience feature. You have full control to review, edit, or reject AI-generated suggestions.


11. Changes to This Privacy Policy

11.1 Right to Modify

We reserve the right to modify this Privacy Policy at any time to reflect:

  • Changes in our data practices
  • New features or functionality
  • Legal or regulatory requirements
  • Feedback from users

11.2 Notification of Changes

If we make material changes, we will notify you by:

  • Updating the "Last Updated" date at the top of this policy
  • Posting a notice in the App
  • Sending an email to your registered email address (for significant changes)
  • Displaying an in-app notification upon your next login

11.3 Continued Use

Your continued use of the App after changes become effective constitutes acceptance of the updated Privacy Policy. If you do not agree to the changes, please stop using the App and delete your account.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.


12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Triv Privacy Team

Email: support@hiretech.agency

Support Email: support@hiretech.agency

General Inquiries: support@hiretech.agency

Data Protection Officer (for GDPR inquiries): Email: support@hiretech.agency

Response Time: We aim to respond to all privacy inquiries within 30 days. For GDPR and CCPA requests, we will respond within the legally required timeframes (30 days for GDPR, 45 days for CCPA, with possible extensions).


13. Additional Information for Specific Jurisdictions

13.1 California Residents

Shine the Light Law: California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.

CCPA Summary:

  • Categories of Data Collected: Identifiers, commercial information, internet activity, geolocation data, inferences
  • Sources: Directly from you, automatically from device, from third-party APIs
  • Business Purposes: Providing services, personalization, security, analytics, legal compliance
  • Third Parties: Firebase, Google, RevenueCat, Apple (see Section 3.1)
  • Sale of Data: We do NOT sell personal information

13.2 Nevada Residents

Nevada residents have the right to opt out of the sale of certain covered information. We do not sell personal information as defined under Nevada law. If you have questions, email support@hiretech.agency.

13.3 European Economic Area (EEA), UK, and Switzerland

Data Controller: Triv, Inc. is the data controller for your personal information.

Legal Bases:

  • Performance of contract with you
  • Your consent (which you can withdraw anytime)
  • Legitimate interests (service improvement, fraud prevention, security)

Data Protection Authority: You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

Data Transfer: We rely on Standard Contractual Clauses for transfers outside the EEA/UK.

13.4 Brazil Residents (LGPD)

If you are in Brazil, you have rights under the Lei Geral de Proteção de Dados (LGPD):

  • Right to confirmation of data processing
  • Right to access your data
  • Right to correct incomplete or inaccurate data
  • Right to anonymization, blocking, or deletion
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

Contact support@hiretech.agency to exercise your LGPD rights.


14. Data Processing Addendum (For Business Users)

If you use Triv for business purposes (e.g., travel agencies, corporate travel planners), we may enter into a Data Processing Addendum (DPA) upon request. Contact support@hiretech.agency for DPA inquiries.


15. Summary of Key Privacy Practices

To make this policy easier to understand, here's a quick summary:

What We DoWhat We DON'T Do
✓ Use AI to create personalized itineraries✗ Sell your data to advertisers
✓ Store your trips securely in the cloud✗ Track your real-time location
✓ Encrypt data in transit and at rest✗ Use behavioral advertising
✓ Let you delete your account anytime✗ Share your trips with other users
✓ Work with trusted service providers (Google, Apple)✗ Use Firebase Analytics or tracking pixels
✓ Keep your trip data private (only you can see it)✗ Send spam or promotional emails
✓ Give you control over your data✗ Make automated high-stakes decisions about you

BY USING TRIV, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO THIS PRIVACY POLICY.

Last Updated: January 28, 2026