Privacy Policy

Tribello helps families discover and plan activities. We take your privacy — and your children’s — seriously. This policy explains what we collect, why, your rights under the GDPR and applicable laws, and how to exercise them.

Who we are

The data controller is Tribello (operated by UpCapital). Contact us anytime at ceo@theupcapital.com.

What we collect

• Account: first name, last name, email, password (hashed by our auth provider).
• Family profile (optional): children’s first names, ages/birthdays, interests — provided by you, the parent.
• Usage: activities you view, save or book; searches; day plans.
• Payments: handled by Stripe — we never store full card details.
• Communications: messages you send us (feedback, invites, reviews).

Why we use it (lawful basis)

• Contract: to provide the service, your account, bookings and subscription.
• Consent: for optional family profiles, marketing emails and non-essential cookies.
• Legitimate interests: to improve and secure the product, and prevent abuse.
• Legal obligation: tax, accounting and responding to lawful requests.

Children’s data

Tribello is for parents and guardians, not children. Any information about a child is entered by the responsible adult, who confirms they have authority to provide it. We collect the minimum needed (e.g. age to match age-appropriate activities) and never target advertising to children. You can delete a child’s profile at any time.

Who we share with

Only trusted processors who help us run Tribello: Supabase (database/auth), Stripe (payments), Resend (email), and hosting providers. We do not sell your personal data.

Your rights

You can, at any time:

• Access a copy of your data, or correct it
• Delete your account and data (right to erasure)
• Export your data (portability)
• Object to or restrict processing, and withdraw consent
• Lodge a complaint with your data protection authority

To exercise any right, email ceo@theupcapital.com and we’ll respond within 30 days.

Retention

We keep your data while your account is active and delete it (or anonymise it) within 30 days of account closure, unless we must keep records for legal reasons.

Cookies & storage

We use essential storage to keep you signed in and remember preferences. Any analytics or non-essential cookies are only set with your consent (see the cookie banner).

Affiliate links

Some recommendations link out to retailers (e.g. Amazon, Noon, Mumzworld). When you buy through those links, Tribello may earn a small commission at no extra cost to you. Affiliate links are marked (affiliate) and never change what we recommend — recommendations come from your child's profile, favourites and our editorial picks, full stop.

International transfers

Where data is processed outside your country, we rely on appropriate safeguards such as Standard Contractual Clauses.

This policy is provided for transparency and is not legal advice. Please have it reviewed by qualified counsel for your launch markets (UAE PDPL, Canada PIPEDA, EU/UK GDPR) before going live.