Privacy policy

Effective date: 23rd March 2026
Last updated: 23rd March 2026

Trippi Ltd ("Trippi", "we", "us", or "our") respects your privacy and is committed to protecting your personal information.

This Privacy Policy explains how we collect, use, store, share, and protect personal information when you use our website, web application, and related services (the "Services"), including where you choose to connect third-party services such as Google Calendar or Microsoft Outlook to enable automatic mileage tracking and related features.

If you have any questions about this Privacy Policy or our data practices, please contact us at privacy@trippi.co.uk.

1. Who we are

Trippi Ltd is the controller of the personal information described in this Privacy Policy, except where we act on behalf of a business customer under a separate agreement. We are registered with the Information Commissioner's Office (ICO) as a data controller; our ICO registration number is ZC108368.

Our contact details are:

Trippi Ltd
Company number: 17103851
Welton Pumping Station, Watford Road, Welton, Daventry, Northamptonshire, NN11 2NE
Email: privacy@trippi.co.uk

2. Information we collect

We may collect and process the following categories of information:

A. Account and profile information

This may include:

  • your name;
  • email address;
  • employer or organisation name;
  • job role;
  • login credentials or authentication-related information;
  • account preferences and settings.

B. Vehicle and mileage information

This may include:

  • vehicle registration number;
  • vehicle make, model, and related vehicle details;
  • fuel type or other vehicle characteristics;
  • mileage logs;
  • trip records;
  • journey classifications;
  • journey start and end points where relevant to the Services;
  • business and personal mileage information you create or confirm in the Services.

C. Calendar connection data

If you choose to connect a calendar provider such as Google Calendar or Microsoft Outlook, we process calendar data and associated metadata needed to provide Trippi's automatic mileage tracking, trip management, and related reporting features.

D. Google user data

If you choose to connect your Google account to Trippi, we may access and process Google user data such as:

  • calendar event title;
  • event date;
  • event start and end time;
  • event location;
  • calendar identifier;
  • timezone information.

We process this data only to the extent necessary to provide the features you enable in Trippi.

We do not access attendee information, event descriptions, or recurrence metadata from Google Calendar.

E. Microsoft user data

If you choose to connect your Microsoft account, including Microsoft Outlook calendar services, we may access and process Microsoft user data such as:

  • calendar event title;
  • event date;
  • event start and end time;
  • event location;
  • calendar identifier;
  • timezone information.

We process this data only to the extent necessary to provide the features you enable in Trippi.

We do not access attendee information, event descriptions, or recurrence metadata from Microsoft Outlook calendar services.

F. Technical and usage information

We may automatically collect certain technical information when you use the Services, such as:

  • IP address;
  • browser type and version;
  • device type and identifiers;
  • operating system;
  • referring URLs;
  • pages viewed;
  • access times;
  • crash reports;
  • diagnostics and performance data;
  • security and audit logs.

G. Communications

If you contact us, we may collect:

  • the contents of your message;
  • support requests;
  • feedback;
  • survey responses;
  • and our correspondence with you.

H. Payment and billing information

If applicable, we may collect limited billing-related information directly from you or receive it from payment providers, such as:

  • billing contact details;
  • subscription status;
  • transaction references.

We do not intentionally collect special category personal data unless you voluntarily provide it and we have a lawful basis to process it.

3. How we use your information

We use personal information for the following purposes:

  • to provide, operate, maintain, and improve the Services;
  • to create and manage your account;
  • to authenticate users and secure access to the Services;
  • to generate, organise, and manage mileage logs and related reports;
  • to support automatic mileage tracking and trip-management functionality;
  • to identify, organise, classify, and present journeys and business trips;
  • to provide customer support and respond to enquiries;
  • to send administrative, service, and account-related communications;
  • to monitor performance, diagnose errors, and improve reliability;
  • to detect, investigate, and prevent fraud, abuse, security incidents, and unlawful activity;
  • to comply with legal obligations;
  • to establish, exercise, or defend legal claims;
  • to enforce our terms, policies, and agreements.

How we use Google and Microsoft connected calendar data

If you connect Google Calendar or Microsoft Outlook calendar services to Trippi, we use that connected calendar data only to provide or improve Trippi's user-facing features, including:

  • automatic mileage tracking;
  • trip detection;
  • trip classification;
  • journey organisation;
  • mileage record creation;
  • reporting;
  • customer support directly related to the Services.

This use is based on calendar information such as event title, date, time, location, calendar identifier, and timezone information necessary to support those features.

We request only the Google and Microsoft permissions reasonably necessary to provide these features.

We do not use connected calendar data:

  • for advertising;
  • to sell to third parties;
  • for data brokerage;
  • for unrelated analytics purposes;
  • for credit-worthiness or lending decisions;
  • for any purpose unrelated to Trippi's user-facing features;
  • to train generalised artificial intelligence or machine learning models.

If we materially change how we use Google user data or Microsoft user data, we will update this Privacy Policy before making that change and, where required, notify users and obtain any necessary consent.

4. Our legal bases for processing

Where UK GDPR or EU GDPR applies, we rely on one or more of the following legal bases:

  • Performance of a contract - where processing is necessary to provide the Services you request.
  • Legitimate interests - where processing is necessary for our legitimate interests, such as operating, securing, and improving the Services, provided those interests are not overridden by your rights.
  • Legal obligation - where processing is necessary to comply with applicable law.
  • Consent - where required by law, or where we rely on your permission, such as when you choose to connect certain third-party integrations.

Where we rely on consent, you may withdraw it at any time, although this will not affect the lawfulness of processing carried out before withdrawal.

5. How we share your information

We may share personal information with:

A. Service providers

We may share information with trusted service providers who process information on our behalf for purposes such as:

  • hosting and cloud infrastructure;
  • data storage;
  • analytics;
  • email delivery;
  • customer support;
  • security and fraud prevention;
  • payment processing;
  • product maintenance and development.

These providers are permitted to process personal information only as necessary to provide services to us and under appropriate contractual protections.

B. Professional advisers

We may share information with lawyers, auditors, insurers, accountants, and other professional advisers where necessary.

C. Legal and regulatory disclosures

We may disclose information where required to do so by law, regulation, court order, legal process, or governmental request, or where necessary to protect rights, safety, security, or property.

D. Corporate transactions

We may share or transfer information in connection with a merger, acquisition, financing, reorganisation, sale of assets, or similar transaction, subject to appropriate confidentiality and legal safeguards.

We do not sell your personal information.

Sharing of Google and Microsoft connected calendar data

We do not sell, transfer, or disclose Google user data or Microsoft user data to third parties except:

  • to service providers acting on our behalf where necessary to host, secure, maintain, or support the Services;
  • where necessary for security purposes, such as investigating abuse, fraud, bugs, or technical incidents;
  • where required to comply with applicable law, regulation, legal process, or enforceable governmental request;
  • in connection with a merger, acquisition, or sale of assets, where legally permitted and subject to appropriate protections.

We do not share Google user data or Microsoft user data with third parties for advertising, marketing, profiling, resale, or any unrelated commercial purpose.

6. Third-party integrations and connected accounts

The Services may allow you to connect third-party services such as Google Calendar or Microsoft Outlook.

If you choose to connect a third-party account:

  • you authorise us to access and process the data made available through that integration in accordance with this Privacy Policy;
  • we will use that data only for the purposes described in this Privacy Policy and only to the extent needed for the features you enable;
  • your use of the third-party service remains subject to that provider's own terms and privacy policy.

You can usually disconnect a third-party integration through your Trippi account settings or through the third party's account permissions controls.

7. Retention

We retain personal information only for as long as necessary for the purposes described in this Privacy Policy, including to:

  • provide the Services;
  • maintain records;
  • comply with legal, tax, accounting, and regulatory obligations;
  • resolve disputes;
  • enforce our agreements.

Retention periods vary depending on the type of information, the nature of the Services provided, and our legal obligations.

Retention of Google and Microsoft connected calendar data

If you connect Google Calendar or Microsoft Outlook calendar services, we retain connected calendar data only for as long as necessary to provide the Services, maintain mileage records and reports, comply with legal obligations, resolve disputes, and enforce our agreements.

If you disconnect your Google or Microsoft account from Trippi, we will stop collecting new calendar data from that account. You may also request deletion of previously stored connected calendar data by contacting privacy@trippi.co.uk, and we will delete it unless we are legally required to retain it.

8. Security

We implement appropriate technical and organisational measures designed to protect personal information against unauthorised or unlawful access, destruction, loss, alteration, or disclosure.

These measures may include:

  • encryption in transit;
  • encryption at rest where appropriate;
  • role-based or least-privilege access controls;
  • authentication safeguards;
  • logging and monitoring;
  • security testing and review;
  • restrictions on access to personal information by authorised personnel only.

Security of connected calendar data

We protect Google user data and Microsoft user data in accordance with applicable legal requirements and platform requirements, including taking reasonable and appropriate steps to protect such data and any data derived from it against unauthorised or unlawful access, use, destruction, loss, alteration, or disclosure.

However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

9. Human access to connected calendar data

We do not allow humans to read Google user data or Microsoft user data except where:

  • it is necessary to provide support you have requested;
  • it is necessary for security purposes, such as investigating abuse, fraud, bugs, or technical issues;
  • it is necessary to comply with applicable law or legal process;
  • you have otherwise given us your affirmative consent.

Any such access is limited to authorised personnel and only where necessary for the relevant purpose.

10. International data transfers

Your personal information may be processed in countries outside the UK or European Economic Area, including countries that may not provide the same level of data protection as your home jurisdiction.

Where we transfer personal information internationally, we take appropriate steps to ensure that suitable safeguards are in place, such as:

  • adequacy regulations;
  • standard contractual clauses;
  • or other lawful transfer mechanisms.

11. Your rights

Depending on your location and applicable law, you may have the right to:

  • access the personal information we hold about you;
  • request correction of inaccurate or incomplete information;
  • request deletion of your personal information;
  • request restriction of processing;
  • object to certain processing;
  • request portability of certain information;
  • withdraw consent where processing is based on consent;
  • lodge a complaint with a supervisory authority.

To exercise your rights, please contact us at privacy@trippi.co.uk.

We may need to verify your identity before responding to a request.

12. Cookies and similar technologies

We may use cookies and similar technologies to:

  • keep the Services functioning;
  • remember preferences;
  • understand usage;
  • improve performance;
  • support security and fraud prevention.

Where required by law, we will request your consent before using non-essential cookies or similar technologies.

You can usually control cookies through your browser settings.

13. Children's privacy

The Services are not directed to children, and we do not knowingly collect personal information from children.

If you believe that a child has provided personal information to us, please contact us and we will take appropriate steps to investigate and, where appropriate, delete that information.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time.

When we do, we will post the updated version on this page and update the "Last updated" date above. Where appropriate, we may also notify you by email, through the Services, or by other reasonable means.

If we change how we access, use, store, or share Google user data or Microsoft user data in a materially different way from what is described in this Privacy Policy, we will update this Privacy Policy before making that change and, where required, notify users and obtain any necessary consent before using that data for the new purpose.

15. Contact us

If you have any questions, concerns, or requests relating to this Privacy Policy or our processing of personal information, please contact:

privacy@trippi.co.uk

or write to:

Trippi Ltd
Welton Pumping Station, Watford Road, Welton, Daventry, Northamptonshire, NN11 2NE