1. Who we are
Travel Juicer ("we", "us", "our", the "App") is operated by Andres Bernadou, an independent developer. For any question about this policy or your data, email privacy@traveljuicer.app.
2. Data we collect
2.1 Data you give us directly
| Category | Examples | Purpose |
|---|---|---|
| Account | Email, display name, optional avatar | Authentication, showing you as a trip member |
| Trip content | Trip names, dates, destinations, stays, transport, activities, expenses, notes | Storing your trips so you and your group can view and edit them |
| Uploaded files | Booking confirmation emails, PDFs, images, receipts | Parsing booking info and attaching it to trips |
| Chat messages | Your prompts to the AI assistant | Generating AI responses and saving chat history per trip |
| Voice recordings | Audio of voice prompts, deleted immediately after transcription | Converting speech to text for the AI assistant |
2.2 Data we collect automatically
| Category | Examples | Purpose |
|---|---|---|
| Device info | Device model, OS version, app version, language | App functionality, bug investigation |
| Approximate location | Country / city inferred from IP address | Showing local suggestions, currency defaults |
| Precise location (only if you grant permission) | GPS coordinates | Finding nearby restaurants, cafes, attractions when you use that feature |
| Advertising ID (IDFA on iOS, AAID on Android) | Random device identifier, only if you accept tracking | Showing personalised ads via Google AdMob |
| Usage data | Which features you open, crash logs | Fixing bugs and improving the app |
We do not collect your contacts, your calendar, your photo library (except the specific photos you upload), your health data, or any biometric data.
3. App Tracking Transparency (iOS)
On iPhone and iPad, the first time you open the app we show the system prompt required
by Apple's App Tracking Transparency framework. If you choose
"Ask App Not to Track", the advertising ID (IDFA) is not read and
the ads you see are non-personalised. You can change your choice at any time in
Settings → Privacy & Security → Tracking → Travel Juicer, or inside
the app via Profile → Legal → Manage privacy choices.
4. Third-party services we use
We send parts of your data to these services so the app can work:
| Service | What we send | Why |
|---|---|---|
| Supabase | Account, trips, expenses, chat history, uploaded files | Database, authentication, file storage |
| Google Gemini API | Your chat prompts, trip context (trip name, stays, activities), uploaded images and PDFs when sent to the AI | Generating AI assistant responses and extracting booking info |
| Google AdMob | Advertising ID (only if you accept tracking), approximate IP-based location, device info | Showing in-app ads |
| Google Places API | Location coordinates, search keywords | Finding nearby places for the "Nearby" feature |
| Pexels | City names and search keywords | Fetching stock photos for trip covers |
| Travelpayouts | Referral identifier appended to booking links when you click them | Earning a commission when you book through the link — at no extra cost to you |
| CloudMailin | Booking confirmation emails you forward to our address | Receiving the emails and passing them to our parser |
| Apple / Google (Sign-in) | The identity token returned by Sign in with Apple or Google, which contains your email | Creating and authenticating your account |
Each provider processes data under its own privacy policy (linked above). We choose vendors that offer data-processing agreements compatible with the EU GDPR and the CCPA.
5. How we use your data
- Run the app: show you your trips, let the group edit them, generate AI responses, import booking emails, track shared expenses.
- Keep it working: fix crashes, prevent abuse, enforce daily rate limits on the AI assistant.
- Make money from ads: show banner, interstitial and rewarded video ads through Google AdMob. Ads can be personalised or non-personalised depending on your tracking choice.
- Earn affiliate commissions: if you book a hotel, activity or flight through a link we provide, the partner may pay us a commission. This never changes what you pay or what we recommend.
We do not sell your personal data. We do not share your trip content with advertisers. We do not train AI models on your chat history.
6. Data sharing with your group
When you invite someone to a trip or accept an invite, everyone in that trip can see the trip's content (stays, transport, activities, expenses, chat history, uploaded documents). This is the whole point of the app. You remain in control: you can remove a member, leave a trip, or delete a trip at any time.
7. Your rights
Regardless of where you live, you can always:
- Access and export your data.
Profile → Export my data. You get a JSON file with every trip, expense, chat message and file reference we have about you. - Delete your account.
Profile → Delete my account. This permanently removes your profile, trips where you were the only member, and your chat history. Trips where other members remain are transferred to the next member. - Correct your data. Edit anything directly in the app, or email us.
- Change your ad tracking choice.
Profile → Manage privacy choicesreopens the consent form. On iOS you can also useSettings → Privacy & Security → Tracking.
If you are in the EU/UK, you additionally have the right to lodge a complaint with your national data protection authority, and to object to or restrict processing under specific grounds.
If you are in California, you have the rights described in the CCPA, including the right to know, delete, and opt out of sale — we do not sell personal information.
8. Data retention
- Account data and trip content: kept while your account is active.
- Chat messages: kept while the trip exists. Deleted when the trip is deleted.
- Voice recordings: deleted within seconds of transcription.
- Crash logs: 90 days.
- Daily AI usage counters: kept for 30 days for rate-limit enforcement.
- After you delete your account: data is purged within 30 days from our active systems. Backup copies are rotated out within 90 days.
9. Children
Travel Juicer is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us information, please email us and we will delete it.
10. Security
Data in transit is protected with HTTPS. Data at rest in Supabase is encrypted at the infrastructure level. Access to your trips is enforced with Row Level Security policies — users can only read and write rows for trips they are members of. We use industry-standard password hashing and signed authentication tokens.
No system is 100% secure. If we discover a breach affecting your personal data, we will notify you and the relevant authorities within the timeframes required by applicable law (72 hours under GDPR).
11. International transfers
Our Supabase project and Cloudflare hosting primarily operate from data centers in the European Union and the United States. Google Gemini and AdMob run on Google's global infrastructure. By using Travel Juicer you consent to your data being transferred to, stored in, and processed in these jurisdictions. Where required, we rely on the European Commission's Standard Contractual Clauses with our providers.
12. Changes to this policy
If we change this policy in a way that materially reduces your privacy, we will notify you inside the app before the change takes effect. Minor updates (clarifications, typos, new sub-processors of the same category) will be reflected here with a new "Last updated" date.
13. Contact
Questions, requests, concerns? Email privacy@traveljuicer.app and we'll respond within 30 days (usually much sooner).