Privacy Policy

Last updated: April 20, 2026

This Privacy Policy describes how TripMira, Inc. ("TripMira," "we," "us," or "our") collects, uses, and shares your personal information when you use our website, applications, and services (collectively, the "Services"), including our AI-powered travel planning tools, Cost Predictor tool, and Early Access signups.

Please read this Privacy Policy carefully. By using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use our Services.

1. What Information We Collect

We collect minimal personal information necessary to provide our Services. We are committed to data minimization and only request what is strictly needed.

Personal Information You Provide

When you sign up for Early Access or use our Services, we may collect:

• Names — your first and/or last name, provided when you register
• Email addresses — used to communicate with you about our Services, send updates, and notify you when Early Access opens

Information We Do Not Collect

We do not collect or process any sensitive personal information, including but not limited to: social security numbers, financial account details, health information, biometric data, precise geolocation, racial or ethnic origin, religious beliefs, or sexual orientation.

Automatically Collected Information

When you access our Services, we may automatically collect limited technical information through standard web server logs. This does not include personally identifying information beyond what is described above.

2. How We Process Your Information

We process your personal information to provide, improve, and administer our Services, to communicate with you, and for security and fraud prevention. Specifically, we use your information to:

• Provide, operate, and maintain our AI-powered travel planning Services
• Send you updates about TripMira, including Early Access availability
• Respond to your inquiries and provide customer support
• Deliver personalized travel planning results through our AI tools
• Power our Cost Predictor tool with aggregated, non-personal data
• Improve and optimize our Services and user experience
• Protect against unauthorized access, fraud, and abuse
• Comply with legal obligations

3. Legal Bases for Processing

We process your personal information based on the following legal grounds:

• Consent — You have given us permission to process your information for specific purposes, such as receiving communications about our Services.
• Performance of a Contract — Processing is necessary to fulfill our obligations under our Terms of Service or other agreements with you.
• Legitimate Interests — Processing is necessary for our legitimate business interests, such as improving our Services, provided those interests do not override your fundamental rights and freedoms.
• Legal Obligations — Processing is necessary to comply with applicable laws and regulations.

Where we rely on consent as the legal basis, you have the right to withdraw your consent at any time by contacting us at privacy@tripmira.com.

4. When and With Whom We Share Your Information

We may share or transfer your personal information with the following categories of third parties:

Service Providers

• Anthropic— We use Anthropic's AI models to power our natural language processing and travel planning features. Queries you submit may be processed by Anthropic's systems to generate responses. Anthropic's use of data is governed by their own privacy policy.
• Amazon Web Services (AWS) — We use AWS for cloud hosting and infrastructure. Your data is stored on AWS servers with industry-standard security measures in place.
• Resend — We use Resend to deliver transactional and marketing emails. Your email address is shared with Resend solely for the purpose of email delivery.

Other Disclosures

We may also share your information when necessary to:

• Comply with applicable laws, regulations, or legal process
• Respond to lawful requests from public authorities
• Protect our rights, privacy, safety, or property, or that of our users or the public
• Enforce our Terms of Service or other agreements
• Facilitate a merger, acquisition, or sale of company assets (in which case you will be notified before your data is transferred)

We do not sell your personal information to third parties. We do not share your personal information with third parties for their direct marketing purposes.

5. Our Use of AI Products

TripMira uses artificial intelligence as a core component of our Services. Our AI-powered features include:

• Natural Language Processing — We use AI to understand your travel preferences and queries expressed in natural language.
• AI Search — Our AI-powered search helps you discover destinations, activities, and travel options tailored to your interests.
• Text Analysis — We use AI to analyze and summarize travel-related information to provide you with concise, relevant recommendations.

When you interact with our AI features, the text you provide may be sent to our AI service provider (Anthropic) for processing. We do not use your personal information (name, email) to train AI models. Your travel queries are processed in real-time and are not retained by our AI providers for model training purposes under our data processing agreements.

6. International Data Transfers

Our Services are hosted in the United States. If you access our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other jurisdictions where our service providers operate.

These countries may have data protection laws that differ from the laws of your country. By using our Services, you consent to the transfer of your information to the United States and other jurisdictions as described in this Privacy Policy.

Where required by applicable law, we implement appropriate safeguards for cross-border transfers, including standard contractual clauses approved by relevant authorities.

7. How Long We Keep Your Information

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

Specifically:

• Account information (name, email) is retained for as long as you maintain an account or Early Access registration with us, and for a reasonable period thereafter.
• Communications — Records of your communications with us are retained for up to 3 years for customer support and legal compliance purposes.
• AI interaction data — Travel queries processed through our AI features are not retained after the session ends, unless you explicitly save an itinerary to your account.

When your information is no longer needed, we will securely delete or anonymize it. If deletion is not immediately possible (for example, because the information is stored in backup archives), we will securely isolate it from further processing until deletion is possible.

8. How We Keep Your Information Safe

We implement commercially reasonable technical and organizational security measures designed to protect your personal information from unauthorized access, disclosure, alteration, and destruction. These measures include:

• Encryption of data in transit using TLS/SSL
• Encryption of data at rest
• Access controls limiting who can access personal data
• Regular security assessments and monitoring
• Secure infrastructure hosted on AWS with industry-standard protections

However, no method of transmission over the Internet or electronic storage is completely secure. While we strive to protect your information, we cannot guarantee its absolute security. You are responsible for maintaining the confidentiality of any credentials associated with your account.

9. Information About Minors

Our Services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will take steps to delete that information as quickly as possible.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@tripmira.com so we can take appropriate action.

10. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information, including:

• Right to Access — You can request a copy of the personal information we hold about you.
• Right to Rectification — You can request correction of inaccurate or incomplete information.
• Right to Deletion — You can request deletion of your personal information, subject to certain exceptions.
• Right to Restrict Processing — You can request that we limit the processing of your information.
• Right to Data Portability — You can request a copy of your data in a structured, machine-readable format.
• Right to Object — You can object to processing based on legitimate interests.
• Right to Withdraw Consent — Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at privacy@tripmira.com. We will respond to your request within 30 days (or sooner if required by applicable law). We will not discriminate against you for exercising your privacy rights.

11. Do-Not-Track Signals

Some web browsers transmit "Do-Not-Track" (DNT) signals to websites. Because there is no universally accepted standard for how to interpret DNT signals, our Services do not currently respond to browser DNT signals. However, you can manage your privacy preferences through your browser settings and by contacting us directly.

We will update this policy if a formal DNT standard is adopted that we are required to follow.

12. US State-Specific Privacy Rights

California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). This section supplements the rest of our Privacy Policy with information specific to California residents.

Categories of Personal Information Collected:

The following table identifies the categories of personal information (as defined by the CCPA) we have collected in the preceding 12 months:

Your California Privacy Rights:

• Right to Know — You have the right to know what personal information we have collected, used, disclosed, and sold about you.
• Right to Delete — You have the right to request deletion of your personal information, subject to certain exceptions.
• Right to Correct — You have the right to request correction of inaccurate personal information.
• Right to Opt-Out of Sale/Sharing — We do not sell or share (for cross-context behavioral advertising) your personal information.
• Right to Non-Discrimination — We will not discriminate against you for exercising your CCPA rights.

To exercise your California privacy rights, contact us at privacy@tripmira.com. We will verify your identity before processing your request.

Virginia Residents (VCDPA)

Virginia residents have the right to access, correct, delete, and obtain a copy of their personal data, as well as the right to opt out of targeted advertising, sale of personal data, and profiling. To exercise these rights, contact us at privacy@tripmira.com.

Colorado Residents (CPA)

Colorado residents have similar rights to access, correct, delete, and obtain a portable copy of their personal data, and the right to opt out of targeted advertising, sale of personal data, and certain profiling. To exercise these rights, contact us at privacy@tripmira.com.

Connecticut Residents (CTDPA)

Connecticut residents have the right to access, correct, delete, and obtain a copy of their personal data, and the right to opt out of targeted advertising, sale of personal data, and profiling. To exercise these rights, contact us at privacy@tripmira.com.

Utah Residents (UCPA)

Utah residents have the right to access, delete, and obtain a portable copy of their personal data, and the right to opt out of targeted advertising and sale of personal data. To exercise these rights, contact us at privacy@tripmira.com.

For all US state privacy requests, we will respond within the timeframe required by applicable law (generally 45 days, with the possibility of extension where permitted). If we deny your request, you may appeal by contacting us with the subject line "Privacy Rights Appeal."

13. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last updated" date at the top of this page
• Notify you via email (if we have your email address) or through a prominent notice on our website
• Provide a reasonable period for you to review the changes before they take effect

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our Services after the effective date of any changes constitutes your acceptance of the updated policy.

14. How to Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We aim to respond to all legitimate inquiries within 30 days. If you feel your concerns have not been adequately addressed, you may have the right to lodge a complaint with your local data protection authority.

15. How to Review, Update, or Delete Your Data

You have the right to request access to, correction of, or deletion of your personal information at any time. To exercise these rights:

1. Email us at privacy@tripmira.com with the subject line "Data Request" and specify what action you would like us to take (access, correction, or deletion).
2. Verify your identity — For your security, we may ask you to verify your identity before processing your request.
3. Receive confirmation — We will confirm completion of your request within 30 days (or sooner if required by applicable law).

Upon receiving a verified deletion request, we will delete your personal information from our active databases and direct our service providers to do the same. Please note that some information may be retained in encrypted backup archives for a limited period, after which it will be permanently removed.

You can also unsubscribe from marketing communications at any time by using the unsubscribe link included in every email we send.