Privacy Policy

Last updated: 27 April 2026

TripVice ("we", "us") is a travel meta-search service operated jointly, on a personal and non-commercial basis, by Djordje Lakicevic (Leposavic, Serbia) and Luka Djelosevic (Cacak, Serbia). For the purposes of the EU General Data Protection Regulation (GDPR) and the Serbian Law on Personal Data Protection (ZZPL), we are the joint data controllers.

For any privacy-related question or request, contact us at info@tripvice.net.

1. What we collect

TripVice is intentionally minimal. We do not require user accounts, do not use cookies, and do not run analytics or tracking scripts.

When you submit a search, we process the data you enter — origin, destination, travel dates, number of travelers, and budget — solely to forward it to our upstream travel-data providers and return results to you. We do not persist these searches in our database beyond the lifetime of the request.

Our hosting infrastructure (Railway, Vercel, Cloudflare) automatically processes your IP address as part of standard request routing, security filtering, and rate limiting. We do not link these IPs to any identity, and we do not retain them beyond the default retention of those providers.

2. Third parties we share data with

To return search results, your search query is sent to:

Duffel — flight search and pricing (see Duffel Privacy Policy).
RapidAPI / Booking.com — hotel search and pricing (see RapidAPI Privacy Policy).

Our infrastructure providers — Vercel (frontend hosting), Railway (backend hosting), and Cloudflare (DNS, domain) — process technical request data on our behalf as data processors.

When you click a "Book" button, you are redirected to a third-party site (e.g. Booking.com, GetYourGuide, the airline). Once on their site, that party is the controller of your data and their privacy policy applies.

3. Affiliate disclosure

TripVice participates, or intends to participate, in affiliate programs operated by Booking.com, GetYourGuide, Viator, and similar travel providers. When you click an outbound "Book" link and complete a booking on the partner's site, TripVice may receive a commission. This does not change the price you pay. We surface results based on price, rating, and fit — not on commission rate.

4. Legal basis for processing

We process search query data on the basis of your request to use the service (Article 6(1)(b) GDPR — performance of a service requested by the data subject). We process IP-level technical data on the basis of our legitimate interest in operating a secure, abuse-resistant service (Article 6(1)(f) GDPR).

5. Your rights

Under GDPR and ZZPL you have the right to access, correct, or delete personal data we hold about you, to object to or restrict processing, and to lodge a complaint with a supervisory authority. Because we do not maintain user accounts and do not store searches, in practice there is usually no personal data tied to you in our systems. To make a request anyway, email info@tripvice.net.

6. Children

TripVice is not directed at children under 16. We do not knowingly process personal data from children. If you believe a child has submitted data to us, contact us and we will remove it.

7. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of the page reflects the most recent change. Material changes will be highlighted on the home page for at least 30 days.