Skip to content
Privacy

Privacy Policy

Last updated: July 2026

Moodora is built around a simple promise: the trips you dream up are personal, and they should stay that way. This policy explains, in plain language, what we collect, why, and what we never do with it. No dense legal fog — just an honest account of how the app and this website work.

Who we are

Moodora is operated by Trinx Solutions (the "data controller" for the processing described here). For anything privacy-related, write to [email protected] — a real person reads it.

Your data, on your device first

Moodora is on-device first. The things that make a trip yours — your itineraries, saved destinations, mood and energy check-ins, travel journals, and your conversations with the AI planner — are created and kept on your phone, ready offline.

So your trips follow you across devices and survive a lost phone, Moodora uses an account and syncs your trip data privately to it. We store that synced data only to provide the service — it's tied to your account, never sold, never shared with advertisers or data brokers, and never used to build a profile of you. You can delete individual trips, or your entire account and its synced data, at any time.

What we collect, and why

  • Account details — your email address, display name, optional avatar, language, home city/country if you set them, and a device identifier that lets your install talk to our servers. Used to run your account, sync your trips, and secure sign-in. (Legal basis: performing our contract with you.)
  • Synced trips — the trips you choose to keep are stored on our servers so they reach your other devices. (Contract.)
  • AI requests — when you use an AI feature, the relevant context (your mood, pace, destination, the trip being edited, your chat message) is sent to our servers and on to our AI provider to generate the answer. We keep technical usage records of each AI call — feature used, timestamps, token counts and cost, and a technical fingerprint of the request — to meter plan limits, keep costs sane, and detect abuse. We don't use your AI conversations for advertising, and we don't sell them. (Contract + our legitimate interest in preventing abuse.)
  • Journal photos — if you add photos to your travel journal stickers, a resized copy is stored on our servers so it syncs and displays reliably. Deleted when you replace it or delete the account. (Contract.)
  • Security & session records — when you sign in or refresh a session we record the IP address and device/browser identifier, so we can secure accounts, revoke stolen sessions, and investigate fraud or attacks. (Legitimate interest in security.)
  • Purchases — for web purchases, our payment provider Stripe processes your payment and we store a customer reference and your subscription state; we never see your full card details. For App Store / Google Play purchases we receive only the limited receipt data needed to unlock your plan. (Contract + legal obligations like tax record-keeping.)
  • Emails we send you — account emails (verification, password reset) go through our email provider. We don't send marketing email unless you ask for it. (Contract.)
  • Product analytics — a minimal amount of privacy-respecting analytics through PostHog: anonymous usage events (screens opened, buttons tapped), marketing attribution (UTM parameters), basic technical details (device type, OS, browser, screen size, approximate region from IP), and, on this website only, session replay with all form fields and personal details automatically masked. Never the content of your trips. (Consent where required, otherwise legitimate interest in improving the product.)

We do not sell your data. We do not share it with advertisers or data brokers. We don't build profiles to follow you around the internet.

AI processing

Moodora's suggestions are generated by large language models provided by Google (the Gemini API). The context needed to answer you is processed by Google as our service provider under their API terms; we don't allow our providers to use your content to advertise to you. Hero images for destinations are looked up through Wikimedia and Google's image search using the destination name — not your personal details.

Where your data lives

Our servers are hosted in the European Union (Germany). Some of our providers (like Google, Stripe, PostHog, Apple) may process data on servers in other countries, including outside the EU. When that happens, we rely on appropriate safeguards — such as the EU's standard contractual clauses and adequacy decisions — to keep your information protected wherever it travels.

Cookies & local storage

This website uses a small number of cookies and similar local storage to remember your preferences and to power the analytics described above. We don't use cookies for advertising or cross-site tracking. You can opt out through the cookie controls, or by enabling your browser's Do Not Track / Global Privacy Control signal, which we respect — and you can clear cookies and local storage at any time in your browser or device settings.

How long we keep things

  • Your trips, journals, and chats stay on your device for as long as you keep them, and their synced copies live in your account until you delete them or the account.
  • Analytics are retained only while useful for understanding product trends — typically up to 12 months — then aggregated or deleted.
  • Purchase and subscription records are kept as long as required for support, legal, and tax obligations.
  • When you delete your account, your synced content is deleted. We may retain a minimal, non-content record of the account — such as usage metering, security logs, consumed purchase receipts, and enforcement history — for a limited period where we have a legitimate interest in preventing abuse (for example, stopping a banned account from returning), resolving disputes, and meeting legal obligations.

Your rights

If you're in the EU/EEA (and in many other places), you have the right to access, correct, export, restrict, object to, and delete the personal data we hold about you. Most of this you can do directly in the app — including deleting trips or the whole account. For anything else, email [email protected] and we'll respond within the legal deadline. You also have the right to complain to your data-protection authority — in Romania, that's ANSPDCP (dataprotection.ro) — though we'd love the chance to sort it out with you first.

Children's privacy

Moodora is made for adults planning their travels and is not directed at children under 13 (or the minimum digital-consent age in your region). We don't knowingly collect personal information from children. If you believe a child has provided us information, please reach out and we'll remove it.

Changes to this policy

As Moodora grows, this policy may need to change. When we make meaningful updates, we'll revise the "Last updated" date above and, for significant changes, let you know in the app or on this site. We'll never quietly weaken your privacy without telling you.

Contact

Questions, concerns, or a privacy request? We'd genuinely like to hear from you — email [email protected] or use our contact page, and a real person will get back to you.