Privacy Policy

Last updated: 15 March 2025

Trilo Ltd ("Trilo", "we", "us") is committed to protecting your privacy. This policy explains what information we collect, how we use it and what rights you have over your data.

1. Information we collect

We collect the following information when you use Trilo:

  • Account information - your name, email address and password when you sign up.
  • Child information - your child's first name, age and suburb, used only to personalise activity recommendations.
  • Booking information - details of trial packs purchased, sessions booked and class history.
  • Payment information - payment is processed by Stripe. Trilo does not store your card details.
  • Usage data - pages visited and actions taken on the platform, used to improve the service.
  • Communications - messages you send to us and reviews you submit.

2. How we use your information

  • To create and manage your account.
  • To process bookings and payments.
  • To send booking confirmations and session reminders by email.
  • To personalise activity recommendations for your child.
  • To improve the Trilo platform and fix issues.
  • To comply with legal obligations.

We do not sell your personal data to third parties. We do not use your data for advertising.

3. Who we share data with

We share limited information with the following third parties in order to operate the platform:

  • Activity providers - your name, child's name and age, and contact details are shared with the provider when you book a trial pack.
  • Stripe - for payment processing. Stripe's privacy policy applies to payment data.
  • Supabase - our database provider. Data is stored in secure servers.
  • Resend - for transactional emails.
  • Anthropic - your messages to our AI advisor are processed by Claude. No personal data is retained by Anthropic.

4. Children's privacy

Trilo is designed for parents to book activities on behalf of their children. We do not knowingly collect personal data directly from children under 13. All accounts must be created by a parent or guardian aged 18 or over.

5. Data retention

We retain your account data for as long as your account is active. If you delete your account your personal data is removed within 30 days. Booking records may be retained for up to 7 years for accounting and legal compliance purposes.

6. Your rights

Under New Zealand privacy law you have the right to:

  • Access the personal information we hold about you.
  • Correct inaccurate information.
  • Request deletion of your data.
  • Withdraw consent for optional data uses.

To exercise any of these rights email us at [email protected].

7. Cookies

Trilo uses essential cookies to keep you logged in. We do not use advertising or tracking cookies.

8. Security

We use industry-standard security measures including encrypted connections (HTTPS), secure authentication via Supabase, and access controls. No method of transmission over the internet is 100% secure and we cannot guarantee absolute security.

9. Changes to this policy

We may update this policy from time to time. We will notify you by email of significant changes. The latest version is always available at trilo.nz/privacy.html.

10. Contact

Privacy questions? Email