Privacy policy

Daypin is built around a simple privacy principle: the less we know about you, the less we can lose. Trips and chats live on your device by default. We only send data to outside services when it's directly needed to fulfil what you asked for. We never sell your data, never use it for advertising, and never let our partners train models on it.

This policy explains exactly what we do collect, why, who we share it with, and the rights you have to access, correct, or delete it.

Trip data — the destinations, days, stops, ratings, and notes you create or save. We collect this so the app can show you your trips and improve recommendations over time.

Chat messages — the text you send to the Daypin assistant during planning or refining a trip. We collect this so the AI can build itineraries that match what you described.

Account information — once you sign in (with Apple or Google), we receive your name and email address from Apple/Google. We use these to back up your trips across devices and to contact you about your account.

Purchase records — when you generate a single-city trip ($3.99) or a multi-city tour ($7.99), Apple or Google sends us a transaction receipt. We store the receipt id so you can restore purchases on a new device. We never see or store your payment card details.

Device identifiers — a randomly generated identifier so we can recognise your device for crash reporting and security. Reset anytime by reinstalling the app.

We do NOT collect: your contacts, your photo library, your precise location, your microphone audio (voice input is transcribed on-device), your browsing history, or any data we don't need to make the app work.

Local-first by default — your trips and chats are stored on your device using AsyncStorage. They never leave your phone unless you explicitly share, sync, or back them up.

Once you sign in, your trips also sync to Daypin's cloud storage on Supabase, hosted in the United States. This lets you access your trips on a new device and ensures paid purchases survive a reinstall. You can delete this server-side data at any time via Me → Delete account and reset data.

For users in the European Economic Area, United Kingdom, or other regions with data residency rules: by signing in, you consent to your data being transferred to and stored in the United States. We rely on the EU-U.S. Data Privacy Framework + Standard Contractual Clauses (SCCs) for these international transfers, as both Supabase and our other US-based service providers are signatories.

When you turn on "Share with Daypin Hub" for a trip — either from the Trip Recap screen toggle or the trip's menu — we publish the route to other Daypin users. Specifically: places, day order, your overall trip rating, and per-stop ratings.

We do NOT share: your chat history with the AI, your personal trip notes, your exact travel dates, your full name (unless you choose to), your email, or your precise location.

Hub trips appear under the display name you pick at share time — your first name, an initial like "S.", or "Anonymous". Default is whatever you choose.

You can revoke sharing at any time from the trip's menu. Once you revoke, the trip stops appearing to new viewers; users who already saved a snapshot keep their copy (we don't reach into other users' devices to delete content).

To plan trips, we send the text of your messages to Anthropic (Claude AI, hosted in the United States). Anthropic processes the data per their privacy policy and is contractually prohibited from using it to train their models.

To find places, we send search queries (a city name, "vintage shops", etc.) to Google Maps Platform's Places API. Google processes these per their privacy policy.

To process payments, we use the Apple App Store (iOS) or Google Play Store (Android). These stores handle your payment information directly — Daypin only ever sees a transaction receipt id, never your card details.

For purchase management across devices, we use RevenueCat (United States), which validates receipts and tracks your entitlements. RevenueCat receives your store user id but no personal information beyond that.

For authentication, we use Sign in with Apple and Sign in with Google via Supabase Auth. Apple/Google verify your identity; we receive only your name and email address, and only what you choose to share.

All these providers have signed Standard Contractual Clauses (SCCs) for international data transfers, so EU/UK users' data is treated to GDPR-equivalent standards even when processed in the US.

Place photos shown in the app are served directly by Google's content delivery network. When your device displays one, Google may log the image request as part of normal CDN behavior. Daypin does not see what you view, when, or for how long.

Trips and chats: as long as your account is active. When you delete a trip, we delete it from your device immediately and from our cloud within 30 days.

Account data: until you delete your account. After deletion, we retain only what's required by law (e.g., transaction records for tax purposes) and only for as long as legally required.

Anonymous Hub trips: kept indefinitely as part of the public Hub corpus, even if you delete your account, since other users may have saved them. To remove a Hub trip entirely, untick the "Share with Hub" toggle BEFORE deleting your account.

Regardless of where you live, you can:

· Access — see all data we hold about you (in-app: every trip, chat, rating).

· Delete — wipe trips individually (Trips list → trip menu → Delete) or all at once (Me → Delete account and reset data). Once cloud sync is live, this also deletes server-side copies.

· Correct — edit any trip, note, or rating directly in the app.

· Export — request a JSON copy of your data by emailing hello@daypin.app.

Our lawful basis for processing your data:

· Performance of contract — trip or tour generation (the $3.99 single-city trip / $7.99 multi-city tour IAP creates a contract).

· Legitimate interest — making the app function (account, sync, crash reporting).

· Consent — sharing trips with the Hub, sending optional product updates.

Beyond the rights listed above, GDPR also gives you the right to: restrict processing, object to processing, data portability, and to lodge a complaint with your local supervisory authority.

To exercise any of these rights, email hello@daypin.app. We respond within 30 days.

Daypin does not sell your personal information. We do not share it for cross-context behavioural advertising. We don't run ads at all.

Categories of personal information we collect are described above ("What we collect"). We use this only to provide the service and never disclose it to third parties for their own marketing.

California residents have the right to: know what we collect, delete it, correct it, and not be discriminated against for exercising these rights. Submit any request by emailing hello@daypin.app.

Daypin is not directed to children under 13 (United States) or under 16 (European Union, where the GDPR digital-consent age applies). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with information, email hello@daypin.app and we will delete it promptly.

In compliance with the Children's Online Privacy Protection Act (COPPA), we do not target advertising at children, do not use behavioural profiling, and do not share children's data with third parties.

We use industry-standard practices to protect your data: HTTPS for all network traffic, encryption at rest for cloud storage, scoped API keys for third-party services, and access logging for our infrastructure. Your password is never stored — we use Apple/Google sign-in with cryptographic tokens.

No system is perfect. If we ever discover a security incident affecting your data, we will notify you within 72 hours per GDPR requirements (and sooner where possible).

We will revise this policy as Daypin evolves. Material changes will be communicated in-app at least 7 days before they take effect, so you have time to review and decide whether to continue using the service.

Email hello@daypin.app for any privacy question, data request, or concern. We read every message and respond within 30 days (much faster, usually).