TRIPSO Platform Privacy Policy
1. Data Controller
The data controller of your personal data is TRIPSO sp. z o.o., with its registered office in Lublin, ul. Bohdana Dobrzańskiego 3, 20-262 Lublin, KRS: 0000949370, NIP: 5423444066, REGON: 521051445 (hereinafter referred to as "TRIPSO").
Contact for data protection matters: privacy@tripso.ai.
2. Scope of the Policy and Our Roles
The TRIPSO Platform includes tools made available to entities in the tourism and hospitality industry (hereinafter referred to as "Customers"), including a chatbot, a content management system, a website builder, a blog engine, a review system, a booking engine, and other technical components.
With respect to data processed in connection with the use of the TRIPSO Platform, it plays two roles:
Controller – for the data of Customers and visitors to TRIPSO websites (tripso.ai);
Processor – for the data of visitors to Customer websites or users of TRIPSO tools embedded by Customers; the Controller of such data is the Customer, and TRIPSO processes it only on their instructions.
If you wish to exercise your rights regarding data processed on the Customer's instructions, please contact the Customer (website operator) directly.
3. Scope and Purposes of Processing
To the extent that TRIPSO acts as a controller, we process:
contact and registration data of Customers and persons acting on their behalf (first name, last name, position, email address, telephone number, company details) – for the purpose of concluding and performing a contract, issuing invoices, and conducting communication;
data of visitors to our websites (IP address, navigation data, contact form data, newsletter subscription data) – for the purpose of operating the website, responding to inquiries, and marketing our services;
Technical data and logs – to ensure the security and proper operation of the Platform.
Legal basis: Article 6(1)(a) of the GDPR (consent), (b) (contract), (c) (legal obligation), and (f) (legitimate interest – security, own marketing to existing customers, pursuing claims).
To the extent that TRIPSO acts as a processor, the scope and purposes of processing are specified by the Client as the controller in a data processing agreement (DPA).
4. Data Recipients
Data may be shared with:
IT infrastructure, hosting, and CDN providers;
AI model providers (including Anthropic, OpenAI, Google) – solely for the purpose of generating responses;
communication, analytics, and customer service tool providers;
accounting offices, law firms, and auditors – to the extent necessary;
public authorities – where required by law.
Each processor operates under a contract ensuring an adequate level of data protection.
5. Data Transfers Outside the EEA
Some providers (particularly AI model providers) are based outside the European Economic Area. In such cases, transfers are based on the European Commission's adequacy decisions (including the EU-U.S. Data Privacy Framework) or standard contractual clauses.
6. Retention Period
We retain your data for the period necessary to achieve the purposes for which it was collected, and after those purposes cease, for the period required by law (in particular tax regulations and statutes of limitations).
7. Your Rights
To the extent that TRIPSO is the controller of your data, you have the following rights under the GDPR: the right to access, rectify, erase, restrict processing, transfer, object, withdraw consent, and lodge a complaint with the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw, https://uodo.gov.pl).
To exercise your rights, please contact privacy@tripso.ai.
8. Automated Decision-Making
TRIPSO does not make decisions that produce legal effects or significantly affect the data subjects based solely on automated processing within the meaning of Article 22 of the GDPR. The platform uses artificial intelligence to generate content – when using the chatbot, you interact with the artificial intelligence.
9. Cookies
Our websites use cookies and similar technologies necessary for the operation of the website, for functionality, and – with the user's consent – for analytical and marketing purposes. Details and consent management are available in the cookie banner on the website. On Client websites, the Client is responsible for the consent layer.
10. Changes to the Policy
TRIPSO may update the Policy, in particular due to changes in the law, Platform functionalities, or data processing practices. The current version is always available at https://tripso.ai/privacy.
11. Contact
TRIPSO sp. z o.o., ul. Bohdana Dobrzańskiego 3, 20-262 Lublin
Email: privacy@tripso.ai