Privacy

TripOnTrib, S.L.
Last updated: September 29, 2025

1. WHO WE ARE (DATA CONTROLLER)

Controller: TripOnTrib, S.L.
Tax ID: B19950666.
Address: Calle Juan Bautista Monegro nº 7, 1º D, 28850, Torrejón de Ardoz (Madrid), Spain.
Data protection contact email: admin@tripontrib.com.
Scope: This policy applies to the use of our mobile applications, website, and official social media profiles (collectively, the “Services”).

At TripOnTrib we prioritize privacy and security. We are a social network designed to connect like-minded people so they can share trips and experiences.

2. DATA WE PROCESS

2.1. Registration data (mandatory)

To create an account we require: first name, last name, email address, and date of birth (to verify legal age).
These data are mandatory to open your profile and use the basic Services.

2.2. Profile data (optional)

You may complete your profile with information that helps you find compatible people, for example:

Traveler type or travel style
Companion preferences (e.g., by gender)
Estimated budget
Preferred accommodation type
Other filters/options you choose to make visible to other users

These data are optional and are used to improve recommendation matching.

2.3. Identity verification (required for advanced features)

We work with an external provider that performs profile verification (you will be asked for a photo of your identity document and a selfie).

TripOnTrib does not store copies of your documents; the provider acts as a data processor and only returns the result (verified / not verified).
Without verification, you may use basic features, but you will not be able to contact other users or participate in private groups. You will also be unable to create your own private group or trip, or join other private groups.

2.4. Usage and technical data

We may process usage information (interactions, clicks, groups you join, matches), as well as technical device data (identifiers, operating system, IP address, language, time zone).

2.5. Chats and communities

General groups: messages can be read by all members of the general group.
Private groups: only members of the private group can participate and read messages.

2.6. Payment data (Premium Service)

If you subscribe to the Premium Service, we will require payment data (e.g., credit/debit card) through a payment provider.

Current situation: Premium is free and we do not request payment data.
When charging is activated: we will inform you and securely request payment details.

3. PURPOSES AND LEGAL BASES

Account creation and management: performance of a contract
Matching and recommendations: legitimate interest and/or consent
Identity verification: performance of a contract and legitimate interest
Chats: performance of a contract
Moderation and security: legitimate interest
User support: performance of a contract
Product improvement and analytics: legitimate interest / consent
Own marketing communications: consent / legitimate interest
Premium billing: legal obligation
Social media management: legitimate interest

4. CHAT OPERATION AND VERIFICATION

General groups: any member of the general group can read messages.
Private groups: only verified members can enter and read messages.
Verification status is a condition for access to key features.
We retain minimal verification metadata and the result (approved / not approved). We do not store your documents.

5. RECIPIENTS AND DATA PROCESSORS

External providers (technical support, analytics, identity verification, payments, travel and tourism agencies) act as data processors.
Data disclosures to third parties only occur due to legal obligation, service necessity, or explicit consent.
International transfers are carried out with appropriate safeguards (Standard Contractual Clauses).

6. DATA RETENTION

Account and profile: while the account remains active. After deletion, data are blocked for legally required periods.
Chats: while the account or group remains active.
Verification: we retain the verification status, not the documents.
Payment data: according to legal requirements and the payment provider’s policies.

7. INFORMATION SECURITY

We apply appropriate technical and organizational measures (encryption, access controls, audits).
Security comes first. Any incidents will be reported in accordance with the GDPR.

8. USERS’ RIGHTS

You may exercise your rights of access, rectification, erasure, objection, restriction, and data portability by writing to admin@tripontrib.com or by postal mail to the address provided.
You may also withdraw your consent at any time and file a complaint with the Spanish Data Protection Agency (www.aepd.es).

9. MARKETING COMMUNICATIONS

You may exercise your rights of access, rectification, erasure, and objection by contacting us at admin@tripontrib.com or by postal mail.
You may withdraw your consent at any time.

10. SOCIAL MEDIA

TripOnTrib maintains profiles on social media platforms.
Data processing is governed by this policy as well as each platform’s own policies.

11. COOKIES AND SIMILAR TECHNOLOGIES

We use cookies and similar technologies on the website and app.
Please refer to our Cookie Policy for more information.

12. CHANGES TO THIS POLICY

We may update this policy. The new version will be published with an updated date.
If changes are substantial (e.g., activation of paid Premium services), we will notify you explicitly.

13. ADDITIONAL INFORMATION ABOUT THE PREMIUM SERVICE

Current status: Premium is free and no payment data are collected.
Future: once payment is activated, data will be requested via a trusted provider.

14. EXTENDED LEGAL BASIS AND TRANSPARENCY NOTES

Optional sensitive data: processed only with explicit consent
You can configure the visibility of your profile
You may edit or withdraw this information at any time

QUICK GLOSSARY

Data processor: third party that processes data on behalf of TripOnTrib.
International transfer: transfer of data outside the EEA with appropriate safeguards.
Profiling: use of data to evaluate preferences and offer travel matches.