Privacy Policy

1. Introduction

TravelTracker ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your information when you use our travel tracking application and related services ("Service").

We comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) for European users and the California Consumer Privacy Act (CCPA) for California residents.

2. Information We Collect

2.1 Personal Information You Provide

• Account Information: Name, email address, password (encrypted), avatar images
• Account Type: Your subscription tier (Explorer for free accounts, Adventurer for premium accounts), subscription status and billing cycle. We track your account type to determine feature access, enforce storage limits, and manage subscription benefits.
• Profile Data: Home location coordinates (optional), account preferences, onboarding information
• Travel Content: Trip details, location visits, personal notes and descriptions
• Journal Entries: Journal entry text content (plain text format), entry dates and associated locations (optional but recommended), links to visited locations and photos, word count limits (500 characters for Free users, unlimited for Premium users). Journal entries are stored as part of your trips and are visible to anyone with access to the trip (via share links or co-ownership).
• Photos and Media: Travel photos with metadata including location data (if provided), timestamps, and descriptions
• Payment Information: Subscription management and entitlement verification are handled by RevenueCat. On the web, payment information is processed securely by Stripe via RevenueCat (we do not store credit card details). On iOS and Android, payments are processed through Apple In-App Purchases and Google Play Billing respectively. We also collect subscription status and billing history, payment failure records, and payment alert dismissal tracking (to prevent notification fatigue). Payment data is retained for 7 years for legal and tax compliance.
• Badges and Achievements: Badges awarded to your account, progress toward earning badges, achievement dates and milestones. We use this data to provide gamification features, encourage engagement, and recognize your travel accomplishments. Badge data is private and only visible to you.
• Communication Data: Messages sent through our support channels

2.2 Automatically Collected Information

When you access TravelTracker, we automatically collect:

Login and Security Information:

• IP address and general location (city, region, country, coordinates)
• Device and browser details (user agent, operating system, browser type)
• Login timestamps and success/failure status
• Failed login attempt reasons (incorrect password, account locked, etc.)
• Active session information (session IDs, last activity times)

We use ip-api.com to convert your IP address to location data for security monitoring and fraud prevention. Login information is retained for 24 months to maintain security records and detect suspicious patterns, after which it is automatically deleted. Rate limiting is applied per IP address to prevent brute force attacks.

We do not collect client-side performance telemetry or analytics of any kind. Server-side operational metrics (memory, CPU, request counts, database query times) are used internally for reliability monitoring and are not linked to your account.

Login and security information helps us secure your account, detect suspicious activity, and provide technical support.

2.3 Location Information

We collect location data in the following ways:

• Location coordinates you manually enter for your home or visited places
• Photo processing: When you upload photos, all EXIF metadata (including GPS coordinates, camera settings, and other embedded data) is automatically stripped during image processing. Only resized image variants are stored — original files and their metadata are not retained.
• Location information from places you mark as visited
• General IP-based location for security and regional compliance purposes

2.4 Trip Sharing and Collaboration Data

When you share trips or collaborate with other users, we collect:

• Share Links: Unique tokens for each share link you create, creation timestamps, and expiration dates (if set)
• Co-Ownership Information: Records of who added whom as a co-owner and when, to maintain trip collaboration permissions
• Trip Merge History: When trips are merged, we record the source trips, merged content (locations, photos, journals), and who initiated the merge
• Sharing Status: Whether trips are publicly shared or private

This data enables trip sharing features, maintains collaboration permissions, and helps prevent unauthorized access to shared content.

3. Legal Basis for Processing (GDPR)

Under GDPR Article 6, we process your personal data based on the following legal grounds:

• Contract Performance: To provide our travel tracking services and maintain your account
• Legitimate Interest: To improve our services, ensure security, and provide customer support
• Consent: For optional features like marketing communications
• Legal Obligation: To comply with applicable laws and respond to legal requests

4. How We Use Your Information

We use your information to:

• Provide Services: Enable trip tracking, photo organization, statistics calculation, journal management, and trip sharing features
• Account Management: Create and maintain your account, process payments, provide customer support
• Security: Protect against fraud, unauthorized access, and security threats
• Service Improvement: Analyze usage patterns to improve features and user experience
• Communication: Send service-related notifications, updates, and support responses
• Legal Compliance: Meet regulatory requirements and respond to lawful requests

5. Data Sharing and Third Parties

We do not sell your personal data. We only share your information in the following limited circumstances:

5.1 Service Providers

• RevenueCat: Subscription management and entitlement verification. RevenueCat receives your user ID and subscription status to manage cross-platform access - Privacy Policy
• Stripe: Payment processing for web subscriptions (PCI DSS compliant, via RevenueCat) - Privacy Policy
• Backblaze B2: Secure cloud storage for photos - Privacy Policy
• ip-api.com: IP address geolocation for login tracking - Privacy Policy - We share your IP address with this service to determine your general location (city, region, country) when you log in. This helps us monitor login activity and detect potentially suspicious access to your account.
• OpenStreetMap: Mapping and geographic visualization services - Privacy Policy - When you view pages with maps, map tiles are loaded from OpenStreetMap servers. OpenStreetMap may collect standard web request data (such as IP address and browser information) when serving map tiles. We do not send your personal data or trip information to OpenStreetMap.
• Google Geocoding API: Location search and address lookup services - Privacy Policy - When you search for locations (cities, hotels, attractions, etc.) in TravelTracker, your search queries are sent to Google's Geocoding API to find matching locations. Google may collect standard web request data (IP address) when processing geocoding requests. Search results are cached to minimize API calls and improve performance.
• Akamai Cloud: Hosting infrastructure and content delivery - Privacy Policy - TravelTracker is hosted on Akamai's cloud infrastructure. All application data and user information (except photos, which are stored on Backblaze B2) is processed through Akamai's servers as part of providing the Service to you.

5.2 Public Data Sources

We use publicly available data from these sources to enhance location features:

• National Park Service (NPS): National parks reference data and information
• UNESCO: World Heritage Sites reference data and information

These are public data sources; we do not share your personal data with these entities. We only retrieve publicly available location information to display in TravelTracker.

5.3 Legal Compliance and Copyright Enforcement

In certain legal situations, we may be required to disclose your personal information to third parties:

Copyright Disputes (DMCA): When we receive valid copyright infringement notices under the Digital Millennium Copyright Act, we may share relevant user information with copyright holders, including:

• Account email address and username
• IP address and upload timestamps for allegedly infringing content
• Content metadata (filenames, upload dates, trip information)

We will notify you if your information is shared for copyright enforcement purposes, except where prohibited by law. For more information about our copyright procedures, see Section 13 of our Terms of Service.

Other Legal Requirements: We may also disclose your information when required by law, court order, subpoena, or to:

• Comply with legal processes
• Protect our rights and property
• Prevent fraud or security issues
• Protect the safety of users or the public

6. Data Retention

We retain your personal data for the following periods:

• Account Data: Until you delete your account, plus 30 days for recovery
• Travel Content: Until you delete specific content or your account
• Photos: Until you delete them or your account (permanent deletion within 30 days)
• Login Information: 24 months for security monitoring and fraud prevention, then automatically deleted
• Payment Records: 7 years for tax and legal compliance purposes
• Security Logs: 1 year for security and fraud prevention
• Support Communications: 3 years for service improvement

6.1 Joint Trip Co-Ownership Impact

• All photos in the joint trip (uploaded by any co-owner)
• All journal entries in the joint trip
• All location data and trip information
• All collaborative content

6.2 Leaving Shared Trips

You can leave a jointly owned trip at any time through the Co-Owners modal. When you leave a shared trip:

• Your Statistics: Your personal statistics (countries visited, travel achievements, badges) are automatically recalculated to exclude data from the trip you left
• Contributed Content: Photos, journal entries, and locations you contributed to the trip remain part of the trip for other co-owners
• Access Revoked: You will immediately lose all access to view or edit the trip
• Non-Reversible: Leaving cannot be undone - you would need to be re-invited by an existing co-owner to regain access
• Last Person: If you are the last co-owner and leave, the entire trip is permanently deleted including all content

6.3 Storage Limits and Data Retention

Storage Limits by Account Type:

• Free users: Maximum 200MB total photo storage (permanent limit). Journal entries are limited to 500 characters per entry but do not count against storage limits.
• Premium users: Unlimited photo storage and unlimited journal entry length

When Free users reach their photo storage limits, you will be prompted to upgrade to Premium or delete existing photos. We will not automatically delete your content without notice. Storage limits are enforced by preventing new photo uploads until you are back under the limit.

Note: Trip co-ownership requires all users to have Premium accounts, which include unlimited photo storage.

7. Your Privacy Rights

7.1 GDPR Rights (EU Residents)

Under GDPR, you have the right to:

• Access: Request a copy of all personal data we hold about you
• Rectification: Correct inaccurate or incomplete personal data
• Erasure: Request deletion of your personal data ("right to be forgotten")
• Portability: Request your data in a structured, machine-readable format. Automated data export is not currently available. To request your data, please contact [email protected] with the subject line "Data Export Request." We will manually compile your data (trips, journal entries, locations, and profile information) and provide it within 30 days. Note: Photos are not included in data exports due to file size limitations, but remain accessible in your account.
• Restriction: Limit how we process your personal data
• Object: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent for optional processing activities

7.2 CCPA Rights (California Residents)

Under CCPA, you have the right to:

• Know: Learn what personal information we collect, use, and share
• Delete: Request deletion of your personal information
• Opt-Out: Opt out of the sale of personal information (we don't sell data)
• Non-Discrimination: Not be discriminated against for exercising your rights

7.3 How to Exercise Your Rights

To exercise your privacy rights, contact us at:

8. Data Security

We implement comprehensive security measures to protect your personal data:

• Encryption: All data is encrypted both in transit and at rest using industry-standard encryption protocols
• Password Security: Passwords are hashed and salted using industry best practices
• Access Controls: Strict access controls with principle of least privilege
• Security Monitoring: Continuous monitoring for threats and suspicious activity
• Regular Audits: Periodic security assessments and testing
• Attack Prevention: Multiple layers of protection against common web vulnerabilities and attacks
• Secure Development: Security-first development practices and code reviews

9. International Data Transfers

Your data may be processed in countries other than your country of residence. When we transfer personal data outside the EEA, we ensure adequate protection through:

• Standard Contractual Clauses approved by the European Commission
• Service providers certified under recognized adequacy frameworks
• Additional safeguards as required by applicable law

10. Cookies and Tracking

We use cookies and similar technologies to enhance your experience. For detailed information about our cookie practices, please see our Cookie Policy.

We only set essential cookies required to keep you signed in and protect your account, so we do not present a cookie consent banner. You can clear our cookies at any time through your browser's settings.

11. Children's Privacy

Our Service is not intended for children under 13 years old. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal data, please contact us immediately.

12. Data Breach Notification

In the unlikely event of a data breach that may affect your personal data, we will:

• Notify supervisory authorities within 72 hours (as required by GDPR)
• Inform affected users without undue delay
• Provide clear information about the nature and scope of the breach
• Describe measures taken to address the breach and prevent future incidents

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or applicable law. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you via email or through our Service
• Request new consent where required by law
• Provide a summary of key changes

14. Contact Information

15. Legal User Compliance