Last updated: 2026-04-25
We collect the following data when you create an account: • First and last name • Username • Email address • Phone number (optional) • Travel preferences (transport mode, departure city) • Created and saved itineraries • Published reviews • Subscription and billing data (processed by Stripe)
• Managing your user account • Providing the travel planning service • Generating itineraries using artificial intelligence • Managing subscriptions and payments • Improving our service
• Consent: for non-essential cookies and marketing communications • Contract performance: for service delivery and account management • Legitimate interest: for service improvement and security
Your data may be processed by the following third-party services: • Firebase / Google Cloud (hosting, authentication, database, transactional email delivery via Cloud Functions) — USA, Standard Contractual Clauses • Google Sign-In (OAuth authentication via a Google account) — USA, Standard Contractual Clauses. Used only if you choose to sign in with Google. • Stripe (payments and subscriptions) — USA, PCI DSS certified • Google AI / Gemini (AI itinerary generation) — USA. Only your trip criteria are sent (destination, dates, preferences); no identifying profile data is transmitted. • Google Maps Platform (map rendering, geocoding, place search) — USA, Standard Contractual Clauses • Resend (transactional emails and newsletters) — USA, Standard Contractual Clauses • Sentry (error tracking and performance monitoring) — USA, Standard Contractual Clauses. Data collected: anonymous user identifier, technical data (browser, OS, error traces). No personally identifiable information is transmitted.
• Account data: retained as long as your account is active • Payment data: retained by Stripe per their retention policy • Reviews: retained as long as your account exists, anonymized upon deletion • After account deletion: all your data is deleted within 30 days
Under the General Data Protection Regulation, you have the following rights: • Right of access: obtain a copy of your personal data • Right to rectification: correct inaccurate data • Right to erasure: delete your account and all your data • Right to data portability: export your data in JSON format • Right to object: object to the processing of your data • Right to withdraw consent: change your cookie preferences at any time • Right to lodge a complaint with the French data protection authority (CNIL, www.cnil.fr) if you believe the processing of your data does not comply with the regulation To exercise these rights, use the features available in your account (data export, account deletion) or email us at plan.odysseai@gmail.com.
• Essential cookies: required for the site to function (authentication, session) • Analytics cookies: audience measurement via Firebase Analytics (can be disabled) • Preference cookies: remembering your choices (language, theme) You can change your cookie preferences at any time via the link in the footer.
We implement appropriate technical and organizational measures to protect your data: encryption in transit (HTTPS/TLS), Firestore security rules, Firebase authentication, payment processing by Stripe (PCI DSS).
Our application contains affiliate links to partner platforms (Booking.com, Skyscanner, Trainline, Rentalcars.com, GetYourGuide). OdysseAI does not transmit any personally identifying data to these partners through affiliate links — only non-personal trip information (destination, dates) may be encoded in the URL. The commercial aspects (commissions, booking conditions) are described in the Terms of Use.
This policy may be updated. The date of the last modification is indicated below. In the event of a substantial change, you will be notified via an in-app notification.