Home Legal Privacy
Legal · Privacy

Privacy Policy.

How we collect, use, and protect your data — in plain English, not in ten-point Times.

Last updated: April 20, 2026 Questions? partnership@thehowtonetwork.com

RoundTrips is a group-travel planning platform operated by The HowTo Network. This policy explains what personal information we collect when you use RoundTrips, how we use it, who we share it with, and what choices you have. If anything here is unclear, email us — we'd rather explain than leave you guessing.

01Overview

We collect the minimum information we need to run the service and improve it. We do not sell your personal data. We do not build advertising profiles on you. When we use third-party services (like Supabase for database hosting or Google Analytics for usage stats), we only share what those services need to do their job.

This policy applies to roundtrips.org and any subdomains. It does not cover third-party sites we link to — those have their own policies.

02Data we collect.

Account information

When you create an account, we collect your email address, display name, and a hashed password. You may optionally provide a profile photo or bio.

Trip data

Anything you put into a trip — destinations, dates, itinerary items, expenses, RSVPs, votes, photos, notes — is stored so we can show it to you and your trip-mates.

Usage data

Pages you visit, features you use, general device info (browser, OS, approximate location from IP), and error logs. This helps us fix bugs and understand what's working.

Communications

Emails you send us, support tickets, and survey responses — kept so we can follow up and improve the product.

What we do not collect

  • We do not access your contacts, calendar, or other apps unless you explicitly connect them.
  • We do not collect biometric data, payment card numbers (handled by our payment processor if you upgrade), or precise location without permission.

03How we use it.

  • Provide the service — show you your trips, sync them with your crew, send trip-related notifications.
  • Improve the product — understand which features get used, find and fix bugs, prioritize what to build next.
  • Communicate — respond to support requests, send product updates, send occasional emails about new features (you can opt out).
  • Keep the service safe — detect abuse, prevent spam, comply with legal requirements.

We do not use your trip data to target you with ads. We do not sell your data to data brokers. Your trips are yours.

04Third-party services.

We use a small set of vendors to run the service. Each has its own privacy policy. The current list:

  • Supabase — database hosting and authentication. Stores your account info and trip data. Supabase privacy policy
  • Cloudflare — website delivery and security. May see your IP address and browser info for every page request. Cloudflare privacy policy
  • Google Analytics — aggregated site usage. Uses cookies to count visitors. Google privacy policy
  • Anthropic — AI features where applicable. Prompts may include parts of your trip content, but only when you invoke AI explicitly.
  • Travel affiliates (Viator, G Adventures, Booking.com, and similar) — only if you click outbound links to book. They may drop tracking cookies. See our Cookie Policy.

05Cookies & tracking.

We use cookies for three reasons: keeping you logged in, measuring how the site is used, and attributing affiliate bookings so we can keep the service free. Full detail — including how to opt out — is on our dedicated Cookie Policy.

06Your rights.

Depending on where you live, you may have the right to:

  • Access — get a copy of the data we hold about you.
  • Correct — fix inaccurate or incomplete data.
  • Delete — ask us to erase your account and associated data.
  • Export — take your trip data with you in a portable format.
  • Opt out — unsubscribe from marketing emails (a link is in every email).
  • Object — to certain uses of your data, including analytics.

To exercise any of these rights, email partnership@thehowtonetwork.com. We'll respond within 30 days. Residents of California (CCPA) and the EU/UK (GDPR) have additional rights under local law — those apply too.

07Data retention.

We keep your account data as long as your account is active. If you delete your account, we delete your personal profile and trip data within 30 days, except where we're legally required to keep certain records (e.g., financial transactions) for longer.

Trips you shared publicly may persist in an anonymized form (stripped of your identifying information) if other users have forked them.

08Security.

We protect your data with industry-standard measures: HTTPS everywhere, encrypted password storage, access controls on our infrastructure, and regular audits. No system is perfectly secure — if we discover a breach that affects you, we'll notify you promptly and explain what happened.

09Children's privacy.

RoundTrips is not intended for users under 13. We do not knowingly collect data from children under 13. If you believe a child has created an account, email us and we'll remove it.

10Changes to this policy.

We may update this policy as the product evolves. When we make material changes, we'll notify account holders by email and update the "Last updated" date at the top. Continued use of RoundTrips after a change means you accept the updated policy.

11Contact us.

Privacy questions, data requests, or anything else — email partnership@thehowtonetwork.com. Real humans read every message.

Questions about privacy
We read every email.