Journey Planner AI
Sign in

Privacy Policy

Last updated: 2 June 2026

This Privacy Policy explains how QUDUS APPAREL LTD, trading as Journey Planner AI (United Kingdom), collects and uses your personal data when you use our website and AI travel planning service (the "Service"). We are the data controller for the personal data described below. You can contact us at support@journeyplannerai.com.

1. Data we collect

  • Account data: email address, hashed password, account creation date.
  • Trip questionnaire data: the information you enter to generate a plan (destination, dates, travellers, budget, preferences).
  • Generated content: AI-generated itineraries saved to your dashboard, plus PDFs you download.
  • Purchase data: order references and purchase status. Card details are collected and processed by Paddle, not by us.
  • Usage data: internal analytics on which pages and booking links you interact with (category, partner, trip type, trip ID, timestamps) to measure product performance.
  • Technical data: IP address, browser, device and log data needed to run and secure the Service.
  • Support data: messages you send us by email.

2. How we use your data

  • To create and manage your account (contract).
  • To generate, store and deliver your trip plans and PDFs (contract).
  • To process payments via Paddle and provide proof of purchase (contract / legal obligation).
  • To measure which itinerary sections and booking links drive engagement, so we can improve the product (legitimate interests).
  • To detect and prevent fraud, abuse and security incidents (legitimate interests / legal obligation).
  • To respond to support requests (legitimate interests).
  • To send service-related emails. We will only send marketing emails if you opt in, and you can unsubscribe at any time (consent).

3. AI processing

Your trip questionnaire inputs are sent to AI model providers to generate your itinerary. We do not include account passwords or payment details in these requests. AI providers process this data on our behalf under contract and do not use it to train public foundation models.

4. Who we share data with

  • Paddle — our Merchant of Record and payment processor, for sale of the product, subscription management, payments, tax compliance, invoicing and refunds.
  • Hosting and infrastructure — cloud hosting, database, file storage and email delivery providers acting as our processors.
  • AI providers — to generate trip plans.
  • Analytics — internal product analytics on usage of itinerary sections and booking links.
  • Affiliate networks — when you click an affiliate booking link, the destination provider and any affiliate network receive standard referral information (such as our publisher ID and the click). We do not pass them your account email.
  • Professional advisers and authorities — where required by law or to protect our legal rights.

5. International transfers

Some of our providers are based outside the UK/EEA. Where personal data is transferred internationally, we rely on appropriate safeguards (such as UK/EU Standard Contractual Clauses and adequacy decisions).

6. How long we keep data

  • Account and trip data: for as long as your account is active, then deleted or anonymised within a reasonable period after closure.
  • Purchase records: retained as required by tax and accounting law (typically 6 years).
  • Analytics: retained in aggregated form for product reporting.

7. Security

We use appropriate technical and organisational measures to protect your data, including encryption in transit, access controls and row-level security on our database.

8. Cookies

We use a small number of strictly necessary cookies and local storage items to keep you signed in and to operate the checkout. We do not use third-party advertising cookies. Paddle may set cookies on its checkout domain to process your payment.

9. Your rights (UK GDPR)

You have the right to:

  • Access the personal data we hold about you.
  • Request correction or deletion of your data.
  • Restrict or object to certain processing.
  • Request portability of data you have provided to us.
  • Withdraw consent where processing is based on consent.
  • Complain to the UK Information Commissioner's Office (ico.org.uk) or your local supervisory authority.

To exercise these rights, email support@journeyplannerai.com. We will respond within one month.

10. Changes

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date above.