Privacy Policy
Last updated: March 26, 2026
1. Who We Are
Plotted ("we," "us," "our") is a map-first travel planning application. This Privacy Policy explains how we collect, use, share, and protect your personal data when you use our website and services at plotted.app (the "Service").
If you have questions about this policy, contact us at privacy@plotted.app.
2. Data We Collect
Account data
When you sign in with Google, we receive your name, email address, and profile photo from Google OAuth. We store this in our database to identify your account.
Trip and planning data
Content you create within the Service: trips, activities, pins, packing lists, comments, and scheduling data. This data is stored in our database and is necessary to provide the Service.
Place data
When you search for or add places, we query the Google Places API on your behalf. We cache place details (name, address, hours, ratings, photos) to reduce API calls and improve performance. This data originates from Google and is subject to Google's Privacy Policy.
Usage and analytics data
We use Vercel Analytics, which collects anonymous, aggregated performance metrics (page views, web vitals). Vercel Analytics is cookieless and does not track individual users or use personal identifiers.
Push notification tokens
If you opt in to push notifications, we store your browser push subscription endpoint to deliver notifications. You can revoke this at any time in your browser settings.
Calendar tokens
If you connect Google Calendar, we store an OAuth refresh token to sync your trip schedule. This token is stored encrypted in our database and only grants access to create and manage calendars. You can disconnect at any time from Settings.
3. How We Use Your Data
- To provide and operate the Service (trip planning, collaboration, scheduling)
- To generate AI-assisted features you opt into (morning briefs, gap-fill suggestions, journal generation) using your trip context. Morning briefs are off by default — you enable them in account settings. When you use these features we send relevant trip data (trip name, destination names, activity names/times/categories, your notes) to our AI provider (Anthropic) for processing, but never for model training. We do not send your email address, phone number, or payment data to the AI provider.
- To send push notifications you have opted into (trip updates, morning brief delivery — only if the feature itself is also enabled)
- To sync your trip schedule with Google Calendar when you connect it
- To improve the Service through anonymous analytics
We do not sell your personal data. We do not use your data for advertising. We do not use your data to train AI models.
4. Third-Party Processors
We use the following third-party services to operate the Service. Each processes data on our behalf under a Data Processing Agreement (DPA):
- Supabase — Database, authentication, and real-time sync (your account data, trip data, and files)
- Vercel — Hosting and serverless functions (request processing, analytics)
- Anthropic — AI features (trip context is sent for processing; not used for training). Anthropic retains API logs for up to 30 days for abuse monitoring, then permanently deletes them. EU transfers are covered by Standard Contractual Clauses.
- Google — Maps, Places, and Calendar APIs (place searches, map rendering, calendar sync)
- Upstash — Rate limiting (stores anonymized request counts, no personal data)
- Inngest — Background job processing (event metadata only)
5. Data Retention
We retain your data for as long as your account is active. If you delete your account:
- Your profile and collaborator records are deleted immediately
- Trips you own are soft-deleted and permanently removed after 30 days
- Your comments on shared trips are deleted
- Associated files (photos) are deleted during the 30-day cleanup
6. Your Rights (GDPR & Similar Laws)
Depending on your jurisdiction, you may have the following rights:
- Access — Request a copy of your data (Settings → Export Data)
- Rectification — Update your profile information at any time
- Erasure — Delete your account and all associated data (Settings → Delete Account)
- Portability — Export your data in JSON format (Settings → Export Data)
- Restriction — Contact us to restrict processing
- Objection — Contact us to object to specific processing
To exercise any right, use the in-app tools or email privacy@plotted.app. We will respond within 30 days.
7. Cookies and Local Storage
We use essential cookies only (authentication session managed by Supabase). We do not use advertising or tracking cookies.
We use browser local storage to persist UI preferences (dismissed onboarding hints, cookie consent choice, theme settings). This data never leaves your device.
8. Security
We protect your data through:
- HTTPS encryption in transit (HSTS with preload)
- Row-level security (RLS) policies ensuring users can only access their own data and trips they collaborate on
- Content Security Policy headers to prevent XSS and injection attacks
- Rate limiting on API endpoints to prevent abuse
- OAuth tokens stored server-side, never exposed to the client
9. Children
The Service is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact privacy@plotted.app and we will delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance.
11. Contact
For privacy-related questions or requests:
Email: privacy@plotted.app