Privacy Policy

CoGo is operated by Brendan Born, a sole proprietor based in Washington State, USA, doing business as "CoGo." In this policy, "we" / "us" means CoGo and "you" means the person using the product.

We take privacy seriously. We only collect what we need to run CoGo, we don't sell your data, and you can delete your account at any time.

• Account info: your name, email address, and a password hash when you sign up.
• Trip data: anything you add to a trip — blocks, notes, travelers, budgets, photos, forwarded booking emails — so we can save and sync it across your group.
• Basic usage analytics: events like page views and feature usage via PostHog, used to improve the product.
• Contact form submissions: the name, email, and message you send us via our contact page.
• Billing info: if you subscribe, Stripe collects and stores your payment method on its own servers; we receive a customer ID and subscription status only.

We don't collect payment card numbers directly — Stripe handles all card data. We don't track you across the web. We don't sell or rent your data to advertisers, and we don't use your trip content to train AI models.

We use the data above to run the product (sync your trips, send you account emails, parse forwarded booking confirmations using Anthropic's Claude API), to communicate with you about service-related changes, and to improve CoGo over time. We never read your trip content for any other purpose.

CoGo uses the following providers to operate. Each has its own privacy practices.

• Supabase — authentication + database hosting
• Vercel — web hosting + edge functions
• Postmark — transactional email + inbound email parsing
• Anthropic — Claude API, used to extract booking fields from forwarded emails
• Stripe — payment processing for subscriptions
• PostHog — product analytics
• Mapbox — geocoding + static map images for the Map block
• Unsplash — stock imagery shown in the image picker

We keep your trip data for as long as your account is active. When you delete your account, we delete your trips, blocks, and profile from our production database within 30 days. Backup snapshots may persist for up to 60 days before being cycled out, after which the data is gone for good. We keep server logs for up to 90 days for security and debugging, and minimal billing records for as long as US tax law requires.

All traffic to CoGo is encrypted with HTTPS. Passwords are hashed by Supabase Auth using industry-standard algorithms — we never see your password. We do our best to keep your data safe, but no internet service can guarantee perfect security.

CoGo isn't designed for children under 13. We don't knowingly collect personal information from anyone under 13. If you believe a child has signed up, email us and we'll delete the account.

You can export your trip data, edit your profile, or delete your account at any time from settings. You can also email us to request a copy of the data we hold about you, or to ask us to correct or delete it. We'll respond within 30 days.

If we make meaningful changes to this policy, we'll notify active users by email before the changes take effect.

Questions about privacy? Reach us through cogo.travel/contact. We respond to every message.