Privacy policy

At Trively (hereinafter, the "Application", "application", "we", or "our"), we take the privacy and security of our users' data very seriously. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our mobile application, website, and related services, in compliance with Regulation (EU) 2016/679 General Data Protection Regulation (GDPR) and Organic Law 3/2018 on the Protection of Personal Data and guarantee of digital rights (LOPDGDD).

1. Data Controller

Identity: Joan Navarro Palatsi

NIF/CIF: 47479622D

Address: Calle Girona, 113, Sant Jaume d'Enveja (43877), Spain

Contact email: joannavarropalatsi@gmail.com

2. Data We Collect

To provide you with Trively travel planning and management services, we collect the following categories of data:

2.1. Data provided directly by the user

Account and Profile Data: When you register, we collect your email address, name, and optionally your profile photo.

Travel and Itinerary Data: Information about the trips you create, including dates, destinations, planned activities, and personal notes.

Travel Documents: Physical files (such as PDFs or images of tickets, accommodation bookings, travel insurance, etc.) that you voluntarily upload to the Application to associate them with your trips or activities.

Location Data (Manual): The geographic coordinates of activities or places that you manually add to your itinerary to display them in the Application's map functionality. Trively does not track your real-time GPS location.

2.2. Data collected through third parties (Social login)

If you choose to register or log in using external identity providers (such as Google Sign-In or Apple Sign-In), we will receive from those platforms only the information strictly necessary to authenticate you (name, email address, and public profile photo), according to the privacy policies of those platforms and the permissions you authorize.

2.3. Technical and usage data

Device information (operating system, application version).

Standard log data (IP addresses, access dates and times) exclusively for maintenance, security, and fraud prevention purposes.

If you authorize receiving notifications on your mobile device, we will store a unique technical identifier generated by the operating system services (Apple APNs or Firebase Cloud Messaging) for the sole purpose of sending you relevant alerts about your trips, invitations, or interactions on the platform.

3. Purpose of processing

We use your personal information exclusively for the following purposes:

Service delivery: Create and manage your account, store your travel itineraries, and allow you to view and download the documents you have uploaded.

Security: Authenticate your identity through secure tokens and protect your account against unauthorized access.

Technical functionality: Display your planned activities on interactive maps within the application.

Support: Address your inquiries, complaints, or suggestions through our contact channels.

Suggestions and recommendations: Use information from your preferences and interactions within the platform in an anonymized or aggregated way to feed our internal recommendation engine, suggesting destinations, activities, or connections (friendships) that may be of interest to you.

4. Legal basis

The processing of your data is based on the following legal bases:

Performance of a contract: Processing is strictly necessary to provide you with the Trively services you requested by accepting our Terms of Service.

Consent: For registration through social providers and uploading personal documents to our servers.

Legitimate interest: To ensure the security of the technical infrastructure and prevent fraud or abuse on the platform.

5. Data storage and security

Your personal data and the travel documents you upload to Trively are stored on secure servers.

Document isolation: Physical files (PDFs, images) are stored securely in our infrastructure, detached from public routes, and are only accessible through identity validation (authentication tokens) confirming that you belong to that trip.

Retention: We will keep your personal data and documents while your Trively account remains active. If you decide to delete your account, all your data, itineraries, and associated physical documents will be permanently deleted from our systems within a maximum period of 30 days, except for data we must keep due to legal obligation.

6. Data sharing and third parties (Affiliates)

Trively does not sell, rent, or trade your personal data with third parties. However, for the proper operation of the Application and our business model, we interact with the following third parties:

6.1. Infrastructure providers

We use cloud hosting services to run our database and store your files. These providers act as Data Processors and comply with strict security standards and European regulations.

6.2. Affiliate links

Trively includes integrations and recommendation links to third-party platforms.

We do not transfer your personal data to these platforms.

If you click an affiliate link and are redirected to the provider's platform, your browsing and any bookings you make there will be subject to that external provider's Privacy Policies and Terms of Service. Trively has no control over the data they collect and assumes no responsibility for transactions made on their platforms.

7. Your rights (ARCO and GDPR rights)

As a user, you have full control over your information. At any time, you may exercise the following rights:

Right of Access: Request a copy of the personal data we hold about you.

Right to Rectification: Modify or update inaccurate information from your profile settings.

Right to Erasure (Right to be forgotten): Request the full deletion of your account, itineraries, and uploaded documents.

Right to Portability: Request your data in a structured and readable format.

Right to Object and Restrict Processing: Object to certain processing of your data.

To exercise any of these rights, you can send an email to joannavarropalatsi@gmail.com with the subject line "Exercise of GDPR Rights". We will respond to your request within the legally established period of one month.

Likewise, you have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) if you consider that the processing of your data infringes applicable regulations.

8. Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy to adapt it to legal developments or changes in Trively's architecture and functionalities. We will notify you of any significant changes through the Application or by email before the modifications enter into force.