Security & Privacy

How we protect your data

A plain-language overview of the technical controls, infrastructure, and data practices behind TravelSuite — for users and clients who want the details.

Last updated: April 2026
🔐
Authentication
Passwords are hashed with bcrypt before storage. Sessions use short-lived JWT access tokens (15 min) and rotating refresh tokens (30 days). Stolen refresh tokens are invalidated on next use.
Active
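How rotation can make a stolen refresh token unusable, shown as an added example rather than TravelSuite's own code. It assumes a token-family scheme in which replaying an already-rotated token revokes every token issued from the same login; `RefreshStore` and its method names are hypothetical, and only the 30-day lifetime comes from this page.

```python
import hashlib
import secrets

REFRESH_TTL = 30 * 24 * 3600    # refresh token lifetime stated above: 30 days


class RefreshStore:
    """In-memory stand-in for a token table (assumption: one family per login)."""

    def __init__(self):
        self.tokens = {}        # sha256(token) -> family, user, expires, used
        self.revoked = set()    # families revoked after a replay was detected

    @staticmethod
    def _digest(token):
        # Store only a hash so a database leak does not yield usable tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def _mint(self, user, family, now):
        token = secrets.token_urlsafe(32)
        self.tokens[self._digest(token)] = {
            "family": family, "user": user,
            "expires": now + REFRESH_TTL, "used": False,
        }
        return token

    def login(self, user, now):
        # Each login starts a new family with a random identifier.
        return self._mint(user, secrets.token_hex(8), now)

    def rotate(self, token, now):
        """Return (new_token, status); new_token is None unless status is 'ok'."""
        rec = self.tokens.get(self._digest(token))
        if rec is None:
            return None, "unknown"
        if rec["family"] in self.revoked:
            return None, "revoked"
        if now >= rec["expires"]:
            return None, "expired"
        if rec["used"]:
            # An already-rotated token came back, so two parties hold copies.
            # The server cannot tell which one is legitimate: revoke the family.
            self.revoked.add(rec["family"])
            return None, "reuse_detected"
        rec["used"] = True
        return self._mint(rec["user"], rec["family"], now), "ok"
```

After a replay the legitimate client is also signed out and must log in again, which is the intended cost of cutting off the copied token.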
🚦
Rate Limiting
All sensitive endpoints are rate-limited by IP address. Login: 10 attempts per 15 min. Registration: 5 per hour. Password reset: 5 per hour. Global: 300 requests per minute.
Active
🛡️
Input Validation
All POST/PUT request bodies are validated for type, length, and format before any database operation. Malformed or oversized requests are rejected before processing.
Active
🔒
Encryption in Transit
All traffic is served over HTTPS/TLS via Cloudflare. HTTP connections are automatically redirected to HTTPS. TLS 1.2+ enforced throughout.
Infrastructure
🗄️
Data Isolation
Every database query is scoped to the authenticated user's ID. No cross-user data access is possible through the API. Shared trip data is access-controlled by explicit collaborator relationship.
Active
🌐
DDoS Protection
All traffic passes through Cloudflare's global network, which provides automatic DDoS mitigation, bot detection, and edge-level threat filtering before reaching the application.
Infrastructure
💾
Nightly Backups
The full database is exported nightly to Cloudflare R2 object storage. Backups are retained for 30 days with automatic cleanup. Point-in-time restore is available via Cloudflare D1 Time Travel.
Active
🚨
Error Monitoring
All unhandled exceptions are captured by Sentry with route context and stack traces. No user data is included in error reports. Alerts are reviewed promptly.
Active
🤖
AI Controls
Users can disable AI features entirely in Settings. When AI features are used, only the data required for that specific task is sent to Anthropic's API — never your full account data.
User Controlled
| Data type | Purpose | Retention |
| --- | --- | --- |
| Name & email | Account identification and authentication | Until account deleted |
| Password hash | Authentication (bcrypt, never stored in plain text) | Until account deleted |
| Trip & itinerary data | Core product functionality | Until account deleted |
| Packing list & closet | Core product functionality | Until account deleted |
| Contacts | Trip collaboration and communication | Until deleted by user |
| Session tokens | Keeping you logged in securely | 30 days or until logout |
| Phone number | Optional — contact discovery only if enabled | Until removed in Settings |

We do not sell your data to any third party. We do not use your travel or personal data for advertising, profiling, or any purpose other than providing TravelSuite to you. We do not use tracking cookies or third-party analytics. We do not share your data with other TravelSuite users except where you explicitly invite them as trip collaborators.

TravelSuite products are ad-free. No advertiser has any influence over the product or its AI responses.

If you are in the EU or EEA, you have the right to access, correct, or delete your personal data at any time. You can request an export of all your data or permanent deletion of your account from within the app (Settings → Account). Account deletion permanently removes all associated data after a 7-day grace period.

You also have the right to object to or restrict processing, and the right to data portability. To exercise any of these rights or to raise a concern, contact us at the address below.

To report a security vulnerability, raise a privacy concern, or request your data, contact us directly. We aim to respond within 48 hours.

✉️ hello@travelsuite.world