Privacy Policy
Last updated: January 12, 2026
This Privacy Policy explains what information Itineru collects, how it is used, and the controls you have. This policy may be updated as we add new features or expand to new regions.
1. Information We Collect
- Account details: name, email, and optional profile fields you provide.
- Usage data: app sessions, routed destinations, credits consumed, device type, and crash analytics.
- Location inputs: searches, map selections, or manually entered places used to generate walking tours or road trips.
- Photo library access (optional): When you grant photo library permission, we may read location metadata (EXIF data) from your photos to help you tag visited places on your Scratch Map. We do not upload, store, or access the photos themselves—only the embedded GPS coordinates if present.
- Background location (optional): If you enable background location, the app may track your position during an active audio tour to trigger location-based narration. You can disable this at any time in your device settings.
- Push notifications (optional): We may send notifications about tour updates, route completion, or service announcements. You can manage notification preferences in your device settings.
- Audio playback: The app plays AI-generated audio narration for walking tours. We do not record or access your device microphone.
2. How We Use Data
- Generate itineraries, audio tours, and stats such as Scratch Map progress.
- Troubleshoot performance issues, improve AI models, and detect abuse or spam.
- Send transactional notifications (e.g., route readiness, credit warnings) and optional product updates.
3. Location & Sharing Controls
- Location is only accessed when you submit a search, request directions, or explicitly enable background sharing.
- Privacy settings let you toggle profile visibility, shared countries, and travel activity. You can change these at any time under Settings → Social & Privacy.
- Friends only see Scratch Map highlights if you grant permission. We never expose private routes without your consent.
4. Third Parties & Storage
- Mapping and directions are provided by third-party mapping services. AI-generated itineraries, walking tours, and audio narration are powered by third-party AI and voice synthesis services.
- Authentication, data storage, and realtime features are hosted on secure cloud infrastructure.
- Crash reports include device type, OS version, app version, and stack traces to help us diagnose and fix technical issues. These reports do not include location data or personal content.
- We use analytics to monitor service quality and performance. No personal travel data is shared with analytics providers.
- Content you upload (e.g., profile images) is protected by access controls and security policies.
- We do not sell or rent personal data. Service providers only process information needed to deliver the service.
5. Data & Downloads
- Route history, Scratch Map progress, and usage logs persist while your account remains active so you can revisit past journeys.
- Use Settings → Data Management to export an archive or request deletion. You can also email support@itineru.app for assistance.
- When you delete your account, user-generated content is removed within 30 days unless legal retention is required. Aggregated, non-identifying analytics may be kept to improve planning models.
6. Security
- Database security policies restrict access to user records. Secrets and API keys are stored in encrypted environments.
- We monitor for suspicious login attempts and may temporarily lock accounts if abuse is detected.
- No mobile app can guarantee perfect security—please avoid sharing your credentials or reusing weak passwords.
7. Children
- Itineru is not directed at children under 13. If we learn that a child has created an account, we will remove it promptly.
8. Updates & Contact
- We will notify you of material policy updates via in-app banners or email. Continued use after changes constitutes acceptance of the revised policy.
- Questions? Contact support@itineru.app or use the in-app Help Center. We respond within two business days.
9. Your Privacy Rights (GDPR & CCPA)
- Right to Access: You can request a copy of all personal data we hold about you via Settings → Data Management or by emailing support@itineru.app.
- Right to Deletion: You can delete your account at any time through Settings. User-generated content is removed within 30 days unless legal retention is required. Aggregated, anonymized analytics may be retained to improve AI models.
- Right to Correction: Update your profile information at any time in Settings → Edit Profile.
- Right to Portability: Export your route history, Scratch Map data, and account information in JSON format via Settings → Data Management.
- Data Retention: Active account data is retained indefinitely. After account deletion, user content is removed within 30 days. Crash reports are retained for 90 days. Service analytics are retained for 12 months.
- Legal Basis: We process data based on your consent (account creation), contract performance (service delivery), and legitimate interests (fraud prevention, service improvement).
- International Transfers: Data may be processed in the US, EU, and Australia via our service providers. These transfers are protected by standard contractual clauses and adequacy decisions.
- California Residents: Under CCPA, you have the right to know what personal information is collected, opt out of sales (we do not sell data), and request deletion. Contact support@itineru.app to exercise these rights.