Privacy Policy

Last updated: 2026-07-10

Operator

PYNTravel is operated by:

„KOFFWARE” S.R.L.
IDNO: 1026600015511
Republica Moldova

Privacy contact: privacy@pyntravel.com

Data we process

We process account data such as email address, password hash, display name, locale, OAuth provider identifiers, email verification status, and account timestamps.

For mobile app launch updates, we also process waitlist data such as email address, optional name, platform interest, travel interest, notes, locale, and consent timestamp.

We process trip data created by users, including trip titles, dates, currencies, itinerary days, activities, locations, notes, traveler profiles, transport legs, planned budget rows, real trip expenses, analytics derived from those records, trip members, and email invitations.

Invitation flows process invitee email addresses, invitation status, role, token metadata, inviter, and accepted account when applicable.

Why we process data

We process account, trip, invitation, and payment-access data to provide and secure the service and perform our contract with users. We process limited technical and abuse-prevention data for our legitimate interests in keeping PYNTravel reliable and safe, and where required by law to meet legal obligations. We rely on consent for the mobile-app waitlist and optional analytics where consent is required; consent can be withdrawn at any time without affecting earlier processing.

Authentication and emails

The service supports password login, email verification codes, password reset emails, Google login, Apple login, and JWT authentication for the mobile API. Transactional emails are sent from no-reply@pyntravel.com with support replies directed to support@pyntravel.com.

Analytics

The website uses Umami Cloud analytics to understand page usage. The tracker is configured to respect Do Not Track and exclude URL search parameters. We do not use Umami to intentionally identify individual visitors.

Storage and retention

Account and trip data is stored while the account is active or while needed to provide the service, protect security, handle support, or meet legal obligations. Some technical records, email logs, and abuse-prevention records may be retained for a limited period after deletion.

Your rights and deletion

You can request access, correction, export, restriction, objection, or deletion by contacting privacy@pyntravel.com, using the Privacy Centre, or using the Delete Account page. We may need to verify that the requester controls the account email before acting on a request.

Third parties and international transfers

The service uses providers needed to run its features: Paddle for checkout and billing, Umami Cloud for optional analytics, Google Places for requested location autocomplete, and Google or Apple only when a user chooses those sign-in methods. It also uses hosting and email-delivery providers. Providers may process data outside your country; where required, we use an appropriate transfer mechanism and provide further information on request.

Policy changes

We update this policy before material changes to our data practices. The current version and a route for privacy requests are available on the website.

Privacy controls

Manage a privacy request

Use the Privacy Centre to request access, correction, export, restriction, objection, or deletion. We may ask you to verify account ownership first.

Open Privacy Centre