Our Time Away

Privacy Policy

Last updated: May 12, 2026

1. Information We Collect

Account information: When you create an account, we collect your name, email address, and authentication credentials. If you sign in via Google or Apple, we receive your name and email from the provider.

Trip data: Trip details (destinations, dates, activities), journal entries, and photos you upload. This data is stored on our servers to enable syncing across devices and group features.

Photo metadata, including precise GPS (sensitive personal information): Photos you upload may contain GPS location metadata embedded by your device camera. Photo location data (precise GPS coordinates extracted from photo EXIF metadata) is classified as sensitive personal information under California law (CPRA). We use it only to organize your photos by trip location and to power the trip map (a planned future feature, not active today). You can disable location tagging in your device camera settings before taking photos, strip GPS from photos before upload, or disable GPS extraction in Settings → Privacy & Data.

Email content (7-day retention): When you forward booking confirmations to your trip email address, we parse the email to extract itinerary information (flights, hotels, activities). Forwarded email content (text body, HTML body, and attachments) is retained for up to 7 days after parsing so we can recover from parsing failures and clarify ambiguous bookings. After 7 days the content is automatically deleted; structured data extracted from the email (your activities, hotel bookings) remains.

Journal entries: Free-form text you write as part of daily journaling, which may include reflections, opinions, or other intimate content. Treated as sensitive personal information.

Device information: Device type, operating system, app version, and a device identifier for push notifications and trusted device verification.

Usage data: App usage patterns (screens viewed, features used) collected via PostHog when you consent. This data is privacy-friendly and does not require App Tracking Transparency (ATT) consent.

2. How We Use Your Information

  • Provide and improve the Our Time Away service
  • Sync your trip data across devices
  • Generate journal prompts, trip narratives, and photo captions, and import itineraries from your forwarded confirmation emails, using AI (enabled by default; you can turn it off anytime in Settings)
  • Process keepsake orders and payments
  • Send transactional emails (order confirmations, account notifications)
  • Analyze usage patterns to improve the product (aggregated, not individual)

3. Legal Bases for Processing (GDPR)

If you are in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following legal bases under GDPR Article 6 (and, where applicable, Article 9) to process your personal information:

  • Contract (Art. 6(1)(b)): Trip data, journal entries, photos, expenses, and core account information are processed because they are necessary to provide the service you signed up for.
  • Consent (Art. 6(1)(a)): AI processing of your content via Anthropic and OpenAI (enabled by default and presented for an explicit choice during onboarding; you can turn it off at any time in Settings → Privacy & Data → AI-generated Content), product analytics via PostHog (cookie banner consent), Sentry session replay (where enabled), and marketing/lifecycle emails (opt-in at signup, opt-out via the unsubscribe link in every message).
  • Legitimate interest (Art. 6(1)(f)): Essential service performance monitoring, basic Sentry error tracking with user IDs for diagnosing crashes, fraud detection, and security operations. Transactional emails (order confirmations, trip invites) are also supported by legitimate interest in addition to contract necessity.
  • Legal obligation (Art. 6(1)(c)): Tax records, payment records retained per applicable financial regulations, and responses to lawful government requests.

For sensitive personal information (precise GPS coordinates in photo EXIF, journal entries, content of forwarded emails), we additionally rely on your explicit consent or, where unavoidable, the performance-of-contract basis for the specific feature you are using.

You may withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.

4. AI-Generated Content

We use third-party AI services (currently Anthropic and OpenAI) to generate journal prompts, trip narratives, and photo captions, and to import itineraries from your forwarded confirmation emails. These features are enabled by default; you can turn them off at any time in Settings. Your journal entries and trip data are sent to these AI providers for processing. These providers do not use your data to train their models.

Your rights: You can opt out of AI-generated content features at any time in Settings → Privacy & Data → AI-generated Content. When opted out, we will not send your content to AI providers and you will see standard prompts instead of personalized ones.

AI-generated content disclosure: Any narrative, prompt, or caption generated by AI is labeled as such in the app. We do not use AI to impersonate any real person, and AI-generated content is not used for marketing without your explicit consent.

AI usage tracking: We track AI feature usage (token counts per feature) to monitor service costs and improve quality. Usage records are retained for 90 days. Token counts are not personally identifying.

5. Data Sharing & Sub-Processors

We do not sell your personal information. We share data with the following sub-processors so they can deliver parts of the service on our behalf:

  • Supabase — primary database, authentication, and object storage
  • Railway — application and worker infrastructure hosting; has infrastructure-level access to application data
  • Cloudflare — CDN and DDoS protection; receives web traffic metadata (IP addresses, pages visited)
  • Stripe — payment processing (PCI DSS compliant; we never receive raw card data)
  • Gelato — keepsake printing and fulfillment (receives shipping address and product photos)
  • SendGrid — transactional and lifecycle email delivery, plus inbound email parsing for itinerary forwarding
  • Mapbox — mapping and geocoding; receives map tile and geocoding requests that may reveal travel destination interest
  • Apple — Sign in with Apple authentication
  • Google — OAuth (Sign in with Google) and Google Play Services on Android
  • Anthropic — AI processing of your content when you have consented
  • OpenAI — AI fallback provider when you have consented
  • PostHog — product analytics when you have consented
  • Sentry — error tracking and (where enabled) session replay
  • Expo — mobile application delivery, over-the-air updates, and build infrastructure

6. Data Security

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Authentication tokens are stored in secure device storage. We use Row Level Security (RLS) policies to ensure users can only access their own data.

7. Internal Access to Your Data

A limited number of authorized personnel may access your account and data for the following purposes:

  • Responding to customer support requests you submit
  • Investigating and resolving technical issues or bugs you report
  • Ensuring the security and integrity of the Service
  • Complying with legal obligations

This access may include viewing your account as you would see it. All internal access is restricted to staff with admin privileges and is logged for accountability. We do not access your account for marketing purposes or to review your personal content without cause.

Support access auditing: When our team needs to investigate a support issue, an admin may impersonate your account temporarily. Every impersonation is logged with the admin's identity, the reason, and a timestamp. Audit logs are retained per SOC 2 compliance requirements (typically 12 months).

8. Your Rights

Under GDPR, UK GDPR, and similar laws, you have the right to:

  • Access your personal data (data export available in Settings)
  • Correct inaccurate data
  • Delete your account and all associated data
  • Object to or restrict data processing
  • Port your data to another service
  • Withdraw consent for processing based on consent
  • Lodge a complaint with your local data protection authority

To exercise these rights, use the in-app Settings or email us at [email protected].

9. California Residents (CCPA / CPRA)

This section applies to California residents and is provided under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

Categories of personal information collected in the past 12 months

  • Identifiers: name, email address, account ID, IP address, device identifier.
  • Commercial information: keepsake orders, transaction history, discount redemptions.
  • Internet or other electronic network activity information: analytics events, screens viewed, feature usage (collected when you consent).
  • Geolocation data — including precise geolocation (sensitive PI): GPS coordinates extracted from photo EXIF metadata.
  • Audio, electronic, visual, or similar information: photos you upload.
  • Professional or employment-related information: none collected.
  • Inferences drawn from other personal information: AI photo analysis (e.g., scene tagging, photo grouping) when you have consented to AI features.
  • Sensitive personal information: precise geolocation (photo EXIF GPS), journal entries (free-form personal content), and the content of emails you forward to the service (retained for 7 days as described in Section 1).

Categories of personal information sold or shared in the past 12 months

None. We have not sold or shared (as those terms are defined under the CCPA/CPRA, including for cross-context behavioral advertising) any category of personal information in the past 12 months. We also do not knowingly sell or share personal information of consumers under 16 years of age.

Your California rights

  • Right to know what personal information we have collected, the categories of sources, the business or commercial purpose for collection, and the categories of third parties with whom we share it.
  • Right to access a copy of the specific pieces of personal information we have collected about you.
  • Right to correct inaccurate personal information.
  • Right to delete personal information we have collected from you.
  • Right to opt out of the sale or sharing of personal information. As stated above, we do not sell or share personal information; this right exists regardless.
  • Right to limit the use and disclosure of sensitive personal information. We use sensitive PI only as necessary to provide the service you requested, and we do not use it to infer characteristics about you for any purpose unrelated to the service.
  • Right to non-discrimination. We will not deny you service, charge you a different price, or provide you a different level of service because you exercised any of these rights.

Do Not Sell or Share My Personal Information

We do not sell or share personal information. No opt-out is required because no sale or sharing takes place. If this ever changes, we will update this notice and provide a clear opt-out mechanism in Settings and on our website before any such sale or sharing begins.

How to exercise your rights

To exercise any of the rights above:

  • Email [email protected], or
  • Open the app and go to Settings → Privacy & Data → Export Your Data or Delete Account.

We will verify requests by matching the email address you contact us from against the email on your account, and we may ask for additional confirmation for sensitive requests. Authorized agents may submit requests on your behalf with written permission and verification of your identity.

10. Data Retention

We retain your data for as long as your account is active. When you delete your account, all personal data is permanently deleted within 30 days. Anonymized usage analytics may be retained indefinitely.

Forwarded email content: Text and HTML bodies of forwarded itinerary emails are deleted automatically 7 days after parsing.

Shared itinerary items: Itinerary items you shared with your travel group (hotels, flights, activities) will be anonymized — your account will no longer be associated with them — but the trip activity content may remain visible to your fellow travelers as part of their shared trip record. Activity documents (attached files from forwarded emails) are permanently deleted. Your personal journals and photos are fully deleted.

10a. Leaving a Trip

If you leave a trip without deleting your account, your shared journals and photos will be hidden from other travelers immediately. Your data remains in our system associated with your account and will be fully deleted if you later delete your account.

11. Children's Privacy

Our Time Away is not directed at children under 13. We do not knowingly collect personal information from children under 13. Trip organizers can add travelers by name only (without requiring an account) for underage travelers.

12. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of material changes via email or in-app notification.

13. Contact

Our Time Away
Austin, TX
[email protected]
(512) 766-4548