Effective date: 20 April 2026
Take Off Go Pty Ltd (“we”, “us”, or “our”) operates the Travalet iOS application and the travalet.app website (collectively, the “Service”). This Privacy Policy explains what information we collect, how we use it, and your rights.
If you have questions, contact us at privacy@travalet.app.
1. The short version
- Your itinerary data lives on your device and syncs via your iCloud account — not our servers.
- We do not have a Travalet account system, and we never ask for your name, password, or Apple ID.
- To route forwarded bookings to the right device, you register and verify the email addresses you forward from. We store those addresses on our relay alongside your device’s push token. You can remove them at any time in Settings → Travel Addresses.
- When you forward a booking email to trips@travalet.app, we parse it, deliver the structured data to your device, and delete the email. We retain parsed data for up to 30 days for delivery retry purposes only.
- We use a third-party AI model (Anthropic Claude) to parse email content. Anthropic retains submitted content for up to 30 days per their data retention policy.
- We do not sell your data. We do not run advertising.
2. Information we collect
2.1 Email parsing
When you forward a booking confirmation to trips@travalet.app, our relay service receives the email, extracts the booking details using an AI model, and delivers the structured data as a push notification to your device. The raw email content is not stored after parsing is complete.
We retain the parsed booking data (not the raw email) for up to 30 days in case delivery to your device needs to be retried. After 30 days, this data is permanently deleted.
2.2 Device registration
To deliver parsed bookings to your device, our relay stores:
- A push notification token provided by Apple’s APNs service.
- A device identifier that you generate within the app.
- The email addresses you have registered and verified in Settings → Travel Addresses, used solely to match forwarded bookings to your device. Each address is verified by sending a one-time code to it. Addresses are stored until you remove them in the app, or until you unregister the device or uninstall the app.
We do not collect your name, password, Apple ID, or any other personally identifying information, and we do not store the contents of your iCloud-synced trips.
2.3 Usage analytics
We may collect anonymised, aggregated usage metrics (such as the number of emails parsed per day) to understand how the Service is used. This data cannot be linked to an individual device or person.
2.4 Website
The travalet.app website uses standard web server logs that may include your IP address, browser type, and the pages you visit. These logs are retained for a maximum of 30 days and are used only for security monitoring and diagnosing technical issues.
3. How we use your information
We use your information only to:
- Parse booking emails and deliver itinerary data to your device (performing the Service)
- Retry failed push deliveries (legitimate interest)
- Investigate security incidents (legitimate interest)
- Comply with legal obligations
We do not use your information for advertising, profiling, or sale to third parties.
4. Third-party services
4.1 Anthropic Claude (AI model)
Email content submitted for parsing is sent to Anthropic’s API. Anthropic may retain submitted content for up to 30 days for trust and safety purposes, after which it is deleted. Anthropic does not use submitted content to train their models without explicit consent. See Anthropic’s privacy policy for details.
4.2 Apple iCloud
Your itinerary data syncs between your devices via Apple CloudKit. Apple’s privacy policies govern that data. We do not have access to data stored in your iCloud account.
4.3 Cloudflare
Our relay service runs on Cloudflare Workers. Cloudflare may process network traffic data in accordance with their privacy policy.
5. Data retention
| Data type | Retention period |
|---|---|
| Raw forwarded email content | Deleted after parsing (typically within seconds) |
| Parsed booking data (for delivery retry) | 30 days |
| Device push tokens | Until you unregister the device or uninstall the app |
| Registered sender email addresses | Until you remove the address in the app, or unregister the device |
| Website server logs | 30 days |
6. Your rights
Depending on your location, you may have rights to access, correct, delete, or port your personal data. We hold minimal data and never collect your name or Apple ID, so most requests can be handled by removing the relevant records from our relay.
If you’ve registered email addresses with the relay, you can exercise access or erasure against those records by removing the address in Settings → Travel Addresses (which deletes it from our systems), or by emailing privacy@travalet.app from one of those addresses. Otherwise, email us with your device identifier (shown in the app’s Settings screen) and we will delete the associated push token.
7. Children
The Service is not directed at children under 13. We do not knowingly collect personal information from children under 13.
8. Changes to this policy
We will post any changes to this policy on this page and update the effective date. For material changes, we will notify you via an in-app notice.
9. Contact
Take Off Go Pty Ltd
ABN 15 634 608 567
Melbourne, Victoria, Australia
privacy@travalet.app