Travelist
DestinationsEventsFlightsHotels
Sign inStart a trip
  • Destinations
  • Events
  • Flights
  • Hotels
  • Sign in
  • Start a trip

Legal

Privacy Policy

Last updated: 28 June 2026

Travelist helps groups plan trips, shortlist destinations, and book flights and hotels together — without losing the thread in the group chat. This policy explains what personal data we collect, why we collect it, who we share it with, and the rights you have over it. It applies to our website at thetravelist.uk and the Travelist mobile app (together, the “Service”).

The short version

  • We collect what we need to run your account, plan trips with your group, and complete bookings — nothing we don’t.
  • We never sell your personal data.
  • Card payments are handled by Stripe; we don’t store your full card number.
  • You can access, correct, export, or delete your data at any time — see Your rights.

On this page

  1. 1. Who we are
  2. 2. Information we collect
  3. 3. How we use your information
  4. 4. Our legal bases
  5. 5. How we share your information
  6. 6. Cookies & analytics
  7. 7. International data transfers
  8. 8. How long we keep your data
  9. 9. Keeping your data secure
  10. 10. Your rights
  11. 11. Children
  12. 12. Third-party links
  13. 13. Changes to this policy
  14. 14. Contact us

1. Who we are

Travelist is a trading name of AGBO Ventures Ltd (“Travelist”, “we”, “us”, or “our”), the company that provides the Service. For the purposes of UK data protection law — including the UK GDPR and the Data Protection Act 2018 — AGBO Ventures Ltd is the “data controller” of the personal data described in this policy. Our registered details are in Contact us.

2. Information we collect

Information you give us

  • Account details. When you sign up we collect your email address. You can sign in with a magic link sent to your email, or with your Apple or Google account.
  • Profile details. Your name, home airport, preferred currency, and any profile photo you add.
  • Traveller & passport details. To complete a booking we collect details such as your given name, family name, title, date of birth, and gender. You enter these once and reuse them across bookings.
  • Payment details. When you book, your card payment is processed by Stripe. We receive confirmation and limited details (such as the last four digits and card type) but we do not store your full card number.
  • Trip & group content. Groups you create or join, destinations you save or shortlist, votes and preferences, chat messages you send within a group, and your bookings. Content you share in a group is visible to other members of that group.
  • Communications. Anything you send us when you contact support or give feedback.

Information we collect automatically

  • Usage data.How you interact with the Service — pages and screens you view, features you use, and actions you take — collected through our analytics provider, PostHog.
  • Device & technical data. Information such as your device type, browser, approximate location inferred from your IP address, and identifiers needed to keep you signed in.
  • Diagnostic data. If something breaks, we collect error and crash reports (through Sentry) to diagnose and fix it.

Information from third parties

  • Sign-in providers. If you sign in with Apple or Google, we receive basic profile information such as your name and email address, in line with the permissions you grant.
  • Other group members. When someone invites you to a trip, we receive the information needed to add you to that group.

3. How we use your information

We use your personal data to:

  • create and manage your account and keep you signed in;
  • let you plan trips, build shortlists, vote, chat, and coordinate with your group;
  • search for and complete flight and hotel bookings, and process payments and refunds;
  • send you booking confirmations and service-related messages;
  • provide customer support and respond to your requests;
  • keep the Service secure, prevent fraud and abuse, and debug problems;
  • understand how the Service is used so we can improve it; and
  • comply with our legal and regulatory obligations.

4. Our legal bases

Under the UK GDPR we only process your personal data where we have a lawful basis to do so. Depending on the activity, our basis is one of the following:

  • Performance of a contract— to provide the Service you have asked for, including managing your account and completing your bookings.
  • Legitimate interests— to secure, maintain, analyse, and improve the Service, and to prevent fraud, provided your rights do not override those interests.
  • Consent— for optional analytics cookies and any marketing messages. You can withdraw consent at any time.
  • Legal obligation— where we must keep records (for example, financial records) or respond to lawful requests.

5. How we share your information

We never sell your personal data. We share it only as needed to run the Service:

  • Members of your groups see the trip content, messages, votes, and preferences you contribute to those groups.
  • Travel suppliers and booking partners— such as airlines and hotels — receive the traveller details needed to fulfil a booking you make.
  • Service providers (processors) who operate the Service on our behalf under contract, including:
    • Supabase — account, authentication, and database hosting;
    • Stripe — payment processing;
    • PostHog — product analytics (EU-hosted);
    • Sentry — error and crash diagnostics;
    • Apple and Google — sign-in, where you choose to use them.
  • Authorities and advisers where we are required to by law, or to protect our rights, users, or the public.
  • A buyer or successor if Travelist is involved in a merger, acquisition, or sale of assets, subject to this policy.

6. Cookies & analytics

We use cookies and similar technologies to keep you signed in, to remember your preferences, and — with your consent — to understand how the Service is used. Strictly necessary cookies (for example, your authentication session) are required for the Service to work. You can control non-essential cookies through your browser settings or any cookie controls we provide.

7. International data transfers

Some of our service providers may process your data outside the United Kingdom. Where they do, we make sure appropriate safeguards are in place — such as UK adequacy regulations, the UK International Data Transfer Agreement, or the EU Standard Contractual Clauses with the UK Addendum — so your data stays protected to UK standards.

8. How long we keep your data

We keep your personal data for as long as your account is active and for a reasonable period afterwards. Some records — such as booking and payment records — are kept longer where we need them to meet legal, accounting, or regulatory obligations. When data is no longer needed, we delete it or anonymise it.

9. Keeping your data secure

We use appropriate technical and organisational measures to protect your personal data, including encryption in transit, access controls, and trusted infrastructure providers. No method of transmission or storage is completely secure, so we cannot guarantee absolute security — but we work to protect your data and to notify you and the relevant authority if a reportable breach occurs.

10. Your rights

Under UK data protection law you have the right to:

  • access a copy of the personal data we hold about you;
  • ask us to correct inaccurate or incomplete data;
  • ask us to delete your data in certain circumstances;
  • restrict or object to how we process your data;
  • receive your data in a portable format, or have it transferred to another provider;
  • withdraw consent at any time, where we rely on consent; and
  • complain to a supervisory authority.

To exercise any of these rights, contact us at hey@agboventures.com. You also have the right to complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk, though we’d appreciate the chance to put things right first.

You can also delete your account and its associated data yourself — see Delete your account.

11. Children

The Service is intended for adults and is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

12. Third-party links

The Service may link to third-party websites and services we don’t control — including travel suppliers and maps. This policy doesn’t cover their practices, so we encourage you to read the privacy policies of any third party you interact with.

13. Changes to this policy

We may update this policy from time to time. When we make material changes, we’ll update the “Last updated” date above and, where appropriate, let you know through the Service. Please check back periodically.

14. Contact us

If you have questions about this policy or how we handle your data, get in touch:

Data controller
AGBO Ventures Ltd (trading as Travelist)
Email
hey@agboventures.com
Registered office
Flat 53, Fairlie House, 76 Brunner Road, E17 7GA
Company number
16788082

Travelist

Holiday out of the group chat.

Plan

  • Destinations
  • Events
  • Flights
  • Hotels

Account

  • Sign in
  • Create account
  • Delete account

Company

  • About
  • Privacy
  • Terms
© 2026 Travelist