Privacy Policy

Last updated: May 2026

At Tripzic, we take your privacy seriously. This policy explains what data we collect, why we collect it, and how we keep it safe.

1. Information We Collect

1.1 Information You Provide

  • Account details: name, email address, phone number, profile photo
  • Booking information: travel dates, group preferences, payment details
  • Communications: messages to hosts, support requests, reviews
  • Identity verification: NID or passport (for hosts only)

1.2 Information Collected Automatically

  • Device information: browser type, operating system, device model
  • Usage data: pages visited, features used, time spent on platform
  • Location data: approximate location based on IP address
  • Cookies and similar technologies (see our Cookie Policy)

2. How We Use Your Information

  • Process bookings and payments securely
  • Connect you with trip hosts and fellow travelers
  • Send booking confirmations, reminders, and trip updates
  • Improve our platform and develop new features
  • Prevent fraud and ensure platform safety
  • Comply with legal obligations
  • Send marketing communications (only with your consent)

3. How We Share Your Information

We do not sell your personal data. We share information only in these cases:

3.1 With Hosts & Travelers

When you book a trip, your name and contact details are shared with the host to facilitate the trip. Other group members may see your first name and profile photo.

3.2 Service Providers

We use trusted third parties for payment processing (SSLCommerz, bKash), email delivery (Brevo), analytics (Google Analytics), and cloud hosting (Vercel, Supabase). These providers only access data necessary to perform their services.

3.3 Legal Requirements

We may disclose information if required by law, court order, or to protect the rights and safety of Tripzic, our users, or the public.

4. Data Security

We implement industry-standard security measures including:

  • SSL/TLS encryption for all data in transit
  • Encrypted storage for sensitive data (passwords, payment info)
  • Regular security audits and vulnerability assessments
  • Access controls limiting employee access to personal data
  • Secure payment processing through PCI-compliant providers

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. After account deletion, we retain certain data for up to 12 months for legal compliance and fraud prevention. Payment records are retained for 5 years as required by Bangladesh tax law.

6. Your Rights

You have the right to:

  • Access — Request a copy of your personal data
  • Correction — Update inaccurate or incomplete information
  • Deletion — Request deletion of your account and data
  • Opt-out — Unsubscribe from marketing communications
  • Data portability — Request your data in a machine-readable format

To exercise these rights, email us at privacy@tripzic.com or use the settings in your account dashboard.

7. Children's Privacy

Tripzic is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover that a child has provided us with personal data, we will delete it immediately.

8. International Data Transfers

Your data may be processed on servers located outside Bangladesh (including Japan and the United States) through our cloud service providers. We ensure appropriate safeguards are in place to protect your data regardless of where it is processed.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a prominent notice on our platform. Your continued use of Tripzic after changes constitutes acceptance of the updated policy.

10. Contact Us

For privacy-related questions or concerns:

Tripzic — Privacy Team

Email: privacy@tripzic.com

Address: Dhaka, Bangladesh

Related: Terms & Conditions · Cookie Policy