Privacy Policy

Tellvara — tellvara.com

Last updated: 11 March 2026

Tellvara is built to do one thing: help you plan a trip, quickly. To do that, we collect as little data as possible. We do not sell your personal data to any third party, ever. This page explains exactly what we collect, why we collect it, who can access it, and what you can do about it. No legal maze. Just the facts.

Who we are

Tellvara is operated by Jeffrey Koolbergen, based in the Netherlands.

If you have any questions about this policy or want to exercise your rights, contact us at hello@tellvara.com.

What we collect and why

Email address — waitlist signup If you join the Tellvara waitlist, we collect your email address. We use it to send you occasional updates on new features and to notify you when Tellvara's upcoming booking feature becomes available — the ability to book flights, hotels, and activities directly through the app. We do not use it for any other purpose (for example, we will never send you marketing unrelated to Tellvara, and we will never share it with third parties for their own marketing).

You can withdraw your consent and be removed from the waitlist at any time by emailing hello@tellvara.com or by clicking the unsubscribe link in any email we send you.

Legal basis: Consent.

Email address and hashed password — account registration If you create a Tellvara account, we store your email address and a hashed (non-reversible) version of your password. We use these to authenticate you when you sign in. Your password is never stored in readable form.

Legal basis: Contract. We need this data to provide the service you have signed up for.

What we process but do not store on our servers

Your travel requests and chat messages When you type a destination or travel request into Tellvara — including in the conversational chat or the in-app support chat — that text is sent to Anthropic's Claude API to generate your travel plan or response. We do not store these messages on our servers. However, the app stores your original trip message locally on your device as part of your saved trip, so that Tellvara can compare plans and generate new versions based on your original request. This message is deleted from your device automatically when you delete the associated saved trip.

Anthropic processes this data in accordance with their Terms of Service and Privacy Policy, available at anthropic.com/privacy.

Your generated travel plans Your generated travel plans are stored on our servers so that you can access them across devices and sessions. Each plan is linked to your account and stored in our database on Railway. You can delete any plan at any time from within the app — deletion removes the plan from our servers immediately. The full day-by-day plan content (activities, journey legs, accommodation, cost estimates) is stored; your original request message is stored locally on your device only.

Password reset codes When you request a password reset, a temporary 6-digit code is generated and stored on our servers for 15 minutes. It is deleted automatically once used or once it expires. Only a hashed (non-reversible) version of the code is stored — never the code itself.

Third-party services

Tellvara uses a small number of third-party services to operate. Each one is listed here with what data it handles.

Anthropic Anthropic processes your travel requests, chat messages, and support chat messages via the Claude API. These are not stored by us after a response is returned. See Anthropic's privacy policy at anthropic.com/privacy.

Resend Resend handles two types of email on behalf of Tellvara: waitlist notification emails (your email address is stored in Resend's audience for this purpose) and transactional password reset emails (your email address is passed to Resend to deliver the reset code, but not stored as an audience contact). Resend is a US-based provider; EU data transfers are covered by Standard Contractual Clauses.

Railway Our server infrastructure runs on Railway, a US-based cloud provider. Account data (email address and hashed password) and generated travel plans for signed-in users are stored on Railway's servers. EU data transfers are covered by Standard Contractual Clauses.

Google Places When generating your travel plan, our server queries the Google Places API to enrich results with photos, ratings, and place information. No name, email, or account details are shared with Google as part of this process.

Cloudflare Cloudflare provides our content delivery network (CDN) and web analytics. As a CDN, Cloudflare processes network traffic including IP addresses in transit — this is standard for any CDN. Cloudflare Web Analytics does not track individual users, uses no cookies, and collects no personal data — it provides aggregate traffic information only.

Paddle Payments for credit packs are processed by Paddle, our payment processor and Merchant of Record. When you make a purchase, Paddle collects and processes your payment card details and billing information directly — we do not see or store your card details. Paddle acts as an independent data controller for payment data. Paddle's privacy policy is available at paddle.com/legal/privacy.

Commission Junction and booking partners When you click a booking link in your travel plan (for hotels, flights, or activities), you are redirected to a partner booking site — such as Booking.com, Skyscanner, or Viator — via Commission Junction's affiliate network. At the point of that click, Commission Junction and/or the booking partner may place a cookie on your device to track the referral. We receive a commission if you complete a booking. No personal data from your Tellvara account is shared with Commission Junction or booking partners as part of this process. Commission Junction's privacy policy is available at cj.com/legal/privacy-uk.

Cookies and tracking

Tellvara itself does not set cookies.

When you click a booking link in your travel plan, Commission Junction (our affiliate network) and the destination booking site may place cookies on your device to track the referral. These cookies are set by the third-party site at the moment of your click — not by Tellvara. You can manage or block these cookies in your browser or device settings at any time.

Cloudflare Web Analytics, which we use to understand traffic to tellvara.com, does not track individual users, uses no cookies, no tracking pixels, and no fingerprinting.

Data storage and security

Account data (email address and hashed password) and generated travel plans for signed-in users are stored on Railway's servers with access controls in place. Waitlist email addresses are stored with Resend, a US-based provider; EU transfers are covered by Standard Contractual Clauses. All passwords are hashed before storage — they are never readable by us or anyone else. All data in transit is encrypted via HTTPS.

How long we keep your data

Waitlist email address — kept for as long as you remain subscribed to waitlist communications. You can request removal at any time by emailing hello@tellvara.com or clicking the unsubscribe link in any email we send, after which your address is removed within 30 days.

Account data (email + hashed password) — kept for as long as your account is active. To request account deletion, email hello@tellvara.com. Your account will be scheduled for deletion and permanently removed from our systems within 30 days. If you log back in within that 30-day window your account will be reinstated.

Travel requests and chat messages — not stored on our servers. Your original trip message is stored on your device as part of your saved trip and deleted when you delete that trip.

Generated travel plans — stored on our servers and linked to your account; deleted immediately when you delete a plan; deleted within 30 days of account deletion request.

Password reset codes — stored on our servers for 15 minutes, then deleted automatically.

Your rights

European Union and EEA (GDPR)

If you are based in the European Union or European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR).

Right of access — You can request a copy of the personal data we hold about you.

Right to erasure — You can ask us to delete your data. To delete your account and all associated data, email hello@tellvara.com. We will complete your request within 30 days.

Right to data portability — You can request your data in a structured, machine-readable format.

Right to withdraw consent — Where processing is based on consent (waitlist signup), you can withdraw that consent at any time by emailing hello@tellvara.com or by clicking the unsubscribe link in any email we send.

Right to object — You can object to processing carried out under legitimate interests.

Right to lodge a complaint — If you believe we are handling your data unlawfully, you have the right to lodge a complaint with your national data protection authority. A full list of EU data protection authorities is available at edpb.europa.eu. In the UK, contact the ICO at ico.org.uk.

To exercise any of these rights, email hello@tellvara.com. We will respond within 30 days.

California (CCPA)

If you are a California resident, you have the right to know what personal data we collect, to request its deletion, and to opt out of the sale of your personal data. We do not sell personal data. To exercise any of these rights, email hello@tellvara.com.

Minimum age

Tellvara is intended for users who are 18 years of age or older. We do not knowingly collect data from anyone under 18. If you believe a person under 18 has provided us with personal data, contact us at hello@tellvara.com and we will delete it promptly.

Changes to this policy

We may update this policy from time to time. For minor changes (such as clarifications or updates to third-party service descriptions), we will update the "Last updated" date at the top of this page. For material changes — changes that affect what data we collect, how we use it, or your rights — we will notify registered users by email before the change takes effect, giving you a reasonable period to review the updated policy.

Contact

Questions about this policy, or requests to exercise your rights:

Email: hello@tellvara.com
Data controller: Jeffrey Koolbergen, Netherlands

Tellvara — tellvara.com