Privacy Policy

The controller responsible for data processing on this platform is:

[Your name / company]

[Address]

[Country: Switzerland]

Email: [Contact email]

This Privacy Policy explains which personal data we collect, how we use it, on which basis this happens, and which rights data subjects have.

Personal data means any information relating to an identified or identifiable natural person. This includes in particular contact details, account information, content data, technical identifiers, and usage-related information.

Where consent is required for specific processing, we obtain it separately. Otherwise, processing takes place in particular for the performance of a contract, the provision of secure platform functions, and on the basis of overriding legitimate interests in operating, securing, and improving MakeItTrip.

We process account data such as name, display name, username, email address, authentication data, and account settings.

We process usage and content data such as created trips, planning options, votes, comments, invitations, interactions within groups, uploaded content, and other information entered by the user.

We process file and import data, in particular images, PDFs, documents, links, and extracted or structured content derived from them. Such files may contain personal data, for example booking confirmations, travel documents, or contact details of fellow travelers.

We process technical data such as IP address, browser and device information, operating system, language settings, timestamps, log data, session information, and security and error logs.

Where paid services are used, we also process billing-related data such as the selected premium model, term, status of a premium slot, Stripe customer and transaction references, and payment-related metadata. We do not store full payment card details ourselves.

We use personal data in particular to provide and operate MakeItTrip, to manage user accounts, to enable collaborative trip planning, to store and display content, and to handle support and security requests.

We also use data to process paid services, to manage premium slots with terms of 1 month, 4 months, or 1 year, to detect and prevent abuse, to analyze errors, and to technically improve the platform.

Where permitted, we also use aggregated or otherwise reduced information for statistics, capacity planning, and product optimization.

MakeItTrip may use AI technologies to process content, in particular for PDF import, text recognition, data extraction, structuring, summarization, or similar assistance features.

For this purpose, user-provided content may be transmitted to external AI service providers to the extent necessary for the requested function. This may include text, images, document excerpts, metadata, and technical accompanying information.

Processing takes place in an automated manner. AI outputs may be inaccurate, incomplete, or erroneous. Users remain responsible for reviewing and using the content. Unless expressly stated otherwise, we do not make solely automated individual decisions with legal or similarly significant effects based solely on such AI outputs.

The platform uses external service providers for data processing, in particular for hosting, database, authentication, file storage, payment processing, communication functions, and AI-supported processing.

This includes in particular cloud storage for files, for example Cloudflare R2, database and backend services, for example Supabase or comparable providers, and payment providers such as Stripe.

Data may be processed or stored on servers outside Switzerland or the EEA. In such cases, we seek to ensure an adequate level of data protection, in particular through adequacy decisions, recognized standard contractual clauses, or other appropriate safeguards where legally required.

Users may upload files and store them in MakeItTrip. These files are processed in external cloud systems and may be used for display, organization, import, or collaboration functions within the platform.

Files generally remain available for some time even after premium features end or a premium slot expires, unless technical or legal reasons require earlier deletion.

Files and related metadata may be permanently deleted after about 90 days if there is no active premium entitlement for the relevant function or if storage or usage limits require it. Mandatory legal retention obligations remain reserved.

When users purchase paid services, payment processing is carried out through external payment providers, in particular Stripe. Their own privacy notices and terms also apply.

We do not store full credit card or bank account details. However, we may process payment status, premium model, term, invoice or transaction references, and other payment metadata required for accounting, support, fraud prevention, and contract performance.

Where a premium model is structured as a recurring payment, we also process information about term, renewal, cancellation, chargeback, or refund to the extent required for contract administration.

Personal data is disclosed only where this is necessary for contract performance or for providing the platform, where we are legally obliged to do so, where legitimate interests require it, or where data subjects have consented.

Recipients may in particular include hosting, cloud, database, authentication, AI, analytics, security, support, and payment service providers. Within MakeItTrip, data may also become visible to other users where the user shares content, trips, invitations, or group functions with them.

We do not sell personal data.

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, manipulation, or disclosure.

These measures include in particular encryption, access restrictions, role-based permissions, logging, security reviews, and measures for detecting and handling security incidents.

Despite all due care, no internet transmission or electronic storage can be guaranteed to be completely secure.

Subject to applicable law, data subjects have in particular the right to obtain information about stored personal data, to correct inaccurate data, to request deletion, to restrict processing, to object to certain processing, and to receive data or have data transferred where such rights are legally provided.

Any consent given may be withdrawn at any time with effect for the future where processing is based on consent.

Requests may be sent to the contact address stated above. We may request reasonable proof of identity before processing a request.

Where applicable, data subjects also have the right to lodge a complaint with a competent data protection authority, in particular in Switzerland with the Federal Data Protection and Information Commissioner or with a competent supervisory authority in the EEA.

MakeItTrip may use cookies and similar technologies to provide sessions, keep users signed in, ensure security, store preferences, analyze usage, and technically provide functions.

Where consent is required for certain cookies or tracking technologies, we obtain it separately. Technically necessary cookies may also be used without separate consent where legally permitted.

Further details may be described in a separate Cookie Policy or in a consent banner.

Personal data is stored only for as long as this is necessary for the respective purpose, as long as a user account exists, as long as active premium services are administered, as long as legal retention obligations apply, or as long as legitimate interests in documentation, security, or legal enforcement require it.

After the purpose no longer applies or legal retention periods expire, personal data is deleted or anonymized unless legal or technical reasons require otherwise.

We may update this Privacy Policy if data processing activities, legal requirements, technical processes, or service providers change.

The current version is available on the platform. In the event of material changes, registered users may also be informed separately in an appropriate manner.

For questions about privacy or to exercise privacy rights:

Email: [Contact email]