Privacy Policy
Last updated on 17 Nov 2025
Welcome to Retrip Inc., a Delaware corporation (“Retrip”, “we”, “us”, or “our”). This Privacy Policy is designed to help you understand how we collect, use, disclose, and safeguard personal and business information when you use our SaaS platform for agencies, our agentic AI infrastructure, our websites, and any related services (collectively, the “Services”).
1. General
2. Scope and Roles
3. Information We Collect
4. How We Use Information
5. Legal Bases for Processing (Where Applicable)
6. How We Share Information
7. Cookies and Similar Technologies
8. Data Security
9. Data Retention
10. Your Rights and Choices
11. International Data Transfers
12. Children’s Privacy
13. Changes to this Privacy Policy
14. Contact Information
1. General
1.1. Last updated
1.1.1. Date of last update shown at the top of this page.
1.2. Purpose of this Policy
1.2.1. This Privacy Policy explains how Retrip (“Retrip”, “we”, “us”, or “our”) collects, uses, and protects personal and business information.
1.2.2. This Policy applies to all use of our websites, platforms, APIs, SaaS tools, and agentic AI infrastructure (collectively, the “Services”).
1.3. Acceptance
1.3.1. By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.
1.3.2. If you do not agree with this Policy, you must stop using the Services.
2. Scope and Roles
2.1. Covered Services
2.1.1. This Policy applies to:
2.1.1.1. The Retrip agency platform for travel agencies (internally “v1 SaaS”);
2.1.1.2. Our agentic AI infrastructure, APIs, tools, and any pay-as-you-go services (the “Agentic Services”);
2.1.1.3. Our websites and related subdomains, including retrip.ai and retrip.io.
2.2. Data Controller and Data Processor Roles
2.2.1. Retrip may act as a data controller for information we collect and use about you as a user, business contact, or website visitor.
2.2.2. Retrip may act as a data processor (or equivalent under applicable law) when we process traveller or passenger data and other information on behalf of your company to power travel operations, quotes, bookings, and agentic workflows.
2.2.3. If you are a traveller or end customer of one of our clients, your primary relationship is with that client. We process your data on their instructions and in accordance with our agreement with them.
3. Information We Collect
3.1. Account and Contact Information
3.1.1. Full name and contact details (e.g. email address, phone number).
3.1.2. Company/agency name, role, tax ID and business profile.
3.1.3. Login credentials and authentication data.
3.2. Business and Transactional Information
3.2.1. Details of your agency, operator, or OTA (e.g. branches, teams, configuration).
3.2.2. Booking, quotation, and transaction data, including:
3.2.2.1. Itineraries, routes, dates, products, prices, and margins;
3.2.2.2. Reference numbers, PNRs, and related identifiers;
3.2.2.3. Supplier and distribution channel information.
3.3. Traveller and Passenger Data (Customer Data)
3.3.1. When you use the Services, you may process traveller or passenger data, such as:
3.3.1.1. Names, contact details, and identification data as required for travel;
3.3.1.2. Booking preferences, loyalty numbers, and travel history;
3.3.1.3. Special requests (e.g. seating, dietary needs) where permitted by law and your own policies.
3.3.2. In this context, your company is typically the data controller, and Retrip processes this information solely to provide and improve the Services, in accordance with your instructions.
3.4. Usage, Logs, and Technical Information
3.4.1. IP address, browser type, device information, and operating system.
3.4.2. Dates and times of access, features used, and pages viewed.
3.4.3. API calls, agent actions, and system events for audit and debugging.
3.4.4. Session identifiers, cookies, and similar technologies.
3.4.5. For agentic workflows, we may also log:
3.4.5.1. Prompts, instructions, and system messages sent to agents;
3.4.5.2. Inputs and outputs of agentic operations, including actions taken on connected systems, for traceability and monitoring.
3.5. Payment and Billing Information
3.5.1. Billing contact details, billing address, and tax information.
3.5.2. Records of subscriptions, usage, pay-as-you-go consumption, and invoices.
3.5.3. Limited payment information; full card data is typically handled by our payment provider and not stored directly by Retrip.
3.6. Communication and Support Information
3.6.1. Emails, messages, and other communications with our team.
3.6.2. Support tickets, feedback, and survey responses.
3.6.3. Information related to participation in waitlists, beta programs, or community channels.
3.6.4. Information received from third parties (e.g. integration partners, providers, or public sources) to maintain account and business data.
4. How We Use Information
4.1. Providing and Operating the Services
4.1.1. To create and manage accounts and workspaces.
4.1.2. To operate both the v1 SaaS platform and the Agentic Services.
4.1.3. To power quotes, bookings, changes, cancellations, and operational workflows.
4.2. Agentic AI Automation and Operations
4.2.1. To execute agentic tasks and workflows based on your configurations, policies, and system connections.
4.2.2. To maintain logs, audit trails, and monitoring for safety, compliance, and troubleshooting.
4.2.3. To tune routing, orchestration, and risk controls around agent behaviour.
4.3. Improving and Developing Our Products
4.3.1. To analyze usage patterns and performance (e.g. feature adoption, error rates).
4.3.2. To test, train, and improve models, algorithms, and infrastructure using aggregated or de-identified data.
4.3.3. To design new features, pricing models (including pay-as-you-go), and integrations.
4.4. Communication and Customer Success
4.4.1. To contact you about your account, security issues, service changes, and maintenance.
4.4.2. To respond to support requests and provide onboarding or training.
4.4.3. To send product updates, invitations to betas, and relevant marketing communications, where permitted by law and with an option to opt out.
4.5. Security, Fraud Prevention, and Compliance
4.5.1. To detect and prevent abuse, unauthorized access, or harmful activity.
4.5.2. To enforce our Terms & Conditions and other agreements.
4.5.3. To comply with legal obligations, regulatory requirements, and law-enforcement requests.
4.6. No Sale of Personal Information
4.6.1. Retrip does not sell or rent your personal information.
5. Legal Bases for Processing (Where Applicable)
5.1. Contractual Necessity
5.1.1. Processing necessary for the performance of a contract with you or your company (e.g. providing the Services).
5.2. Legitimate Interests
5.2.1. Processing for purposes such as improving the Services, securing our systems, and communicating with business contacts, balanced against your rights and freedoms.
5.3. Legal Obligations
5.3.1. Processing required to comply with applicable laws, regulations, or court orders.
5.4. Consent
5.4.1. Processing based on your consent where required by law (e.g. certain marketing communications or optional features).
5.4.2. You may withdraw consent at any time, without affecting prior lawful processing.
6. How We Share Information
6.1. Service Providers and Subprocessors
6.1.1. We may share information with third-party vendors that support our operations, such as:
6.1.1.1. Cloud hosting and infrastructure;
6.1.1.2. Data storage, logging, and monitoring;
6.1.1.3. Payment processing and billing;
6.1.1.4. Email and communication tools;
6.1.1.5. Analytics and product telemetry.
6.1.2. These providers are contractually required to use data only for specified purposes and to implement appropriate security measures.
6.2. Travel and Technology Partners
6.2.1. When you connect our Services to travel systems or other tools, we may share data as necessary to complete the requested operations and maintain integrations.
6.3. Professional Advisors and Corporate Transactions
6.3.1. We may share information with legal, tax, or other professional advisors under confidentiality obligations.
6.3.2. We may disclose information in connection with mergers, acquisitions, financings, or similar transactions, subject to appropriate protections.
6.4. Legal and Regulatory Disclosures
6.4.1. We may disclose information where required by law, regulation, legal process, or governmental request.
6.4.2. We may disclose information to protect the rights, property, or safety of Retrip, our users, or others.
6.5. Marketing by Third Parties
6.5.1. We do not permit third parties to use your data for their own marketing purposes without your consent.
7. Cookies and Similar Technologies
7.1. Use of Cookies
7.1.1. Our websites and platforms may use cookies and similar technologies to:
7.1.1.1. Keep you signed in and maintain secure sessions;
7.1.1.2. Remember your preferences and configuration;
7.1.1.3. Analyze traffic, usage, and performance.
7.2. Cookie Management
7.2.1. You can manage cookie preferences through your browser settings.
7.2.2. If you disable certain cookies, some features of the Services may not function properly.
8. Data Security
8.1. Technical and Organizational Measures
8.1.1. We implement industry-standard security measures, which may include:
8.1.1.1. Encryption in transit and at rest where appropriate;
8.1.1.2. Access controls based on roles and least privilege;
8.1.1.3. Network and application-level security measures;
8.1.1.4. Logging, monitoring, and periodic security reviews.
8.2. Shared Responsibility
8.2.1. No system can guarantee absolute security.
8.2.2. You are responsible for:
8.2.2.1. Using strong, unique passwords and available security features;
8.2.2.2. Limiting and managing credentials provided to agents and integrations;
8.2.2.3. Reviewing users, roles, and access settings regularly.
9. Data Retention
9.1. Retention Periods
9.1.1. We retain information for as long as necessary to:
9.1.1.1. Provide and improve the Services;
9.1.1.2. Fulfil the purposes described in this Policy;
9.1.1.3. Comply with legal, tax, and accounting requirements;
9.1.1.4. Resolve disputes and enforce agreements.
9.2. Aggregation and Anonymization
9.2.1. We may anonymize or aggregate data so that it can no longer be linked to an identifiable person.
9.2.2. We may retain anonymized or aggregated data for analytical and product development purposes for longer periods.
10. Your Rights and Choices
10.1. Data Subject Rights
10.1.1. Depending on your location and applicable law, you may have rights such as:
10.1.1.1. Access to the data we hold about you;
10.1.1.2. Correction of inaccurate or incomplete data;
10.1.1.3. Deletion of your data, subject to legal obligations;
10.1.1.4. Restriction of certain types of processing;
10.1.1.5. Objection to processing based on legitimate interests;
10.1.1.6. Data portability for certain information.
10.2. How to Exercise Your Rights
10.2.1. To exercise your rights, please email contact@retrip.ai with a clear description of your request and the name of your company.
10.2.2. We will acknowledge your request within a reasonable period (typically within 48 business hours).
10.2.3. We aim to respond within applicable legal timeframes and in any case within a commercially reasonable period.
10.3. Travellers and End Customers of Our Clients
10.3.1. If you are an end traveller of one of our clients, you should contact that company directly to exercise your rights.
10.3.2. We will support our clients, where required, in responding to such requests.
10. Your Rights and Choices
10.1. Data Subject Rights
10.1.1. Depending on your location and applicable law, you may have rights such as:
10.1.1.1. Access to the data we hold about you;
10.1.1.2. Correction of inaccurate or incomplete data;
10.1.1.3. Deletion of your data, subject to legal obligations;
10.1.1.4. Restriction of certain types of processing;
10.1.1.5. Objection to processing based on legitimate interests;
10.1.1.6. Data portability for certain information.
10.2. How to Exercise Your Rights
10.2.1. To exercise your rights, please email contact@retrip.ai with a clear description of your request and the name of your company.
10.2.2. We will acknowledge your request within a reasonable period (typically within 48 business hours).
10.2.3. We aim to respond within applicable legal timeframes and in any case within a commercially reasonable period.
10.3. Travellers and End Customers of Our Clients
10.3.1. If you are an end traveller of one of our clients, you should contact that company directly to exercise your rights.
10.3.2. We will support our clients, where required, in responding to such requests.
11. International Data Transfers
11.1. Locations of Processing
11.1.1. Retrip may process and store information in countries other than your own, including where our infrastructure and service providers are located.
11.2. Safeguards
11.2.1. When transferring personal data internationally, we take appropriate measures to protect it in accordance with applicable law, such as contractual protections or other safeguards.
12. Children’s Privacy
12.1. Business Use Only
12.1.1. Our Services are intended for businesses and professionals, not for children.
12.2. No Knowing Collection from Children
12.2.1. We do not knowingly collect personal information directly from children under the age defined by applicable law.
12.2.2. If you believe a child has provided us with personal information without appropriate consent, please contact us and we will take appropriate steps.
13. Changes to this Privacy Policy
13.1. Updates
13.1.1. We may update this Privacy Policy from time to time to reflect changes in our Services, technology, or legal requirements.
13.1.2. When we make material changes, we will notify you by email and/or through the Services.
13.2. Effective Date
13.2.1. The “Last updated” date at the top of this Policy indicates the latest revision.
13.2.2. Your continued use of the Services after the effective date of any changes constitutes your acceptance of the updated Policy.
14. Contact Information
14.1. Contact Details
14.1.1. If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:
14.1.1.1. Email: contact@retrip.ai