Privacy Policy

Travis is built to live with you, on your computer — not on a server somewhere. Most of your work never leaves your device. This page describes exactly what we collect when you go beyond your computer (sign up, sync, or subscribe), how we use it, and the rights you have over it.

Who we are

Travis is operated by myketheguru ("Travis", "we", "us"). You can reach us at hello@usetravis.com. If you live in the EU, we are your data controller for the purposes of GDPR. If you live in the UK or California, the equivalent roles under UK GDPR and the CCPA apply.

What stays on your computer

By default — and always for the free desktop app — the following stays on your device and nowhere else:

• Your conversations, notes, captures, and reminders
• The picture Travis builds of your work over time
• Sign-in credentials for any connected services
• Documents you bring in, including their contents
• Anything Travis observes about how you're doing

None of this is transmitted to us or to any third party unless you take an explicit action — signing up for the subscription, syncing a document, or sending an email.

What we collect when you sign up

A Travis subscription requires an account. We hold the minimum required to run that account:

• Account record: email, name, sign-in method, plan, when you joined
• Subscription state: your current plan and billing status
• Usage records: the number of times Travis acted on your behalf and how much each cost — used to enforce your plan and bill correctly
• Connected accounts: if you sign in with Google, we keep your basic profile and a stored link that lets you sign back in without re-consenting
• Synced documents: only what you mark for sync, stored encrypted
• Audit log: sign-ins, plan changes, support actions — kept for security and compliance

What we never collect

• The contents of what you ask Travis or what it tells you back
• Your notes, captures, or memory (unless explicitly synced)
• Wellbeing observations — these stay on your device
• Sensitive sign-in details in plaintext (always stored encrypted)
• Your contacts (unless you've connected an address book yourself)

Cookies and tracking

Our marketing site sets no cookies by default. We do not run third-party tracking pixels, profiling analytics, or advertising trackers. See the full Cookie Policy for the small handful of technical exceptions.

Email

We send transactional email: sign-in links, plan-change confirmations, billing receipts, and security notices. We don't send marketing email without a separate opt-in. You can unsubscribe from optional emails at any time. Transactional emails are required to operate the service and can't be opted out of.

Who else processes your data

We work with a small number of vendors to deliver the service:

• Cloudflare — hosting and storage. Data encrypted at rest and in transit.
• Anthropic — provides the underlying intelligence for paid plans.
• Stripe — payment processing. We never see your full card number.
• Resend — sends transactional email.
• Google — only if you choose to sign in with Google or connect Calendar / Gmail.

We do not sell personal data. We do not share data with advertisers. We do not use your data to train any model.

How long we keep things

• Account records: while your account is active; deleted within 30 days of closure
• Usage records: 18 months for billing-dispute resolution, then deleted
• Audit log: 24 months for security investigation, then deleted
• Synced documents: while your account is active; deleted within 30 days of closure
• Local data on your device: until you delete the app or wipe its data

Your rights

Regardless of where you live, you can:

• Access a copy of the data we hold about you — email us
• Correct any inaccurate data — most fields are editable in the app
• Delete your account and all associated cloud data — in settings
• Export your data in a portable format
• Withdraw consent at any time
• Object to processing for any legitimate-interest purpose
• Lodge a complaint with your local supervisory authority

For EU residents, the legal bases for processing are: contract (running the service you signed up for), legitimate interest (security and abuse prevention), and consent (optional features). For California residents, we treat your personal information consistent with the CCPA — we do not sell or share it for cross-context behavioral advertising.

Security

Everything in transit is encrypted. Everything at rest is encrypted. Your sign-in sessions are short-lived and can be revoked instantly. Only essential staff have production access today, and every administrative action is recorded.

If you discover a security issue, please email security@usetravis.com. We respond to reports within 72 hours and credit responsible disclosure with your permission.

Children

Travis is not directed to children under 13. We do not knowingly collect personal information from anyone under that age. If you believe a child has signed up, email hello@usetravis.com and we will delete the account.

International transfers

Travis runs on a global hosting network. Data may be processed in any region that network operates in. When data moves out of the EEA, we rely on Standard Contractual Clauses as the transfer mechanism.

Changes to this policy

We will post material changes to this policy at least 30 days before they take effect, both here and by email to existing accounts. The "Last updated" date at the top always reflects the most recent version.

Contact

Privacy questions, requests, or complaints: privacy@usetravis.com. General questions: hello@usetravis.com.