Privacy Policy

Last updated: April 19, 2026

Periplo, operated by Nikita Baklazhenko ("we", "our", or "us"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use the Periplo mobile application.

1. Information We Collect

Account Information

When you create an account, we collect your email address and display name through our authentication provider (Clerk). You may also use Periplo as a guest without creating an account, in which case a local anonymous identifier is generated on your device.

Location Data

With your explicit permission, we access your device location to show activities and points of interest near you. Location data is processed only while the app is in use ("when in use" permission) and is not stored on our servers or shared with third parties.

Trip and Preference Data

We store the trips you create, your travel preferences, and interaction data (such as activities you save or swipe on) to personalize your recommendations. This data is sent to our backend servers for AI processing.

Device Information

We collect basic device information (device type, operating system version, crash logs) for app performance and error tracking via Sentry. This data is anonymized and cannot be used to identify you personally.

Payment and Subscription Information

If you subscribe to Periplo Pro, all payment processing is handled entirely by Apple (App Store) or Google (Google Play). We do not collect, store, or have access to your payment card details, billing address, or other financial information. We receive only your subscription status (active, cancelled, or expired) and renewal dates through our subscription management provider (RevenueCat) to enable Pro features in the app.

On-Device Storage

Periplo stores certain data locally on your device, including cached trip data (retained for up to 24 hours for offline access), authentication tokens (stored in encrypted device storage), and your app preferences. This data never leaves your device unless explicitly sent to our servers as part of normal app functionality.

2. How We Use Your Information

• To generate personalized trip itineraries using AI
• To show relevant activities and points of interest near you
• To improve recommendations based on your preferences
• To send trip reminders and travel notifications (with your permission)
• To diagnose technical issues and improve app performance

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data on the following legal bases:

• Consent — for location data access and push notifications. You can withdraw consent at any time via your device settings.
• Contract performance — for account creation, trip generation, and delivering the core service you requested.
• Legitimate interest — for crash reporting, performance monitoring, and improving our recommendations, where these interests are not overridden by your rights.

4. Third-Party Services

Periplo uses the following third-party services, each of which may process data as described:

• Clerk (clerk.com) — Authentication and account management. Processes your email and login credentials.
• Sentry (sentry.io) — Crash reporting and error tracking. Receives anonymized device and error data.
• Google Cloud Platform (cloud.google.com) — Backend hosting and AI processing. Trip data and preferences are processed on Google Cloud servers.
• RevenueCat (revenuecat.com) — Subscription management. Receives your anonymous user identifier and subscription status from Apple or Google to manage your Pro access. RevenueCat does not receive your name, email, or payment card details.

When you tap on booking links within the app, you may be redirected to third-party travel services (such as booking platforms). These services have their own privacy policies, and we encourage you to review them. We may earn a commission from these referrals through affiliate partnerships. We do not share your personal data with these affiliate partners.

5. International Data Transfers

Your data may be processed on servers located outside your country of residence, including in the United States and European Union (via Google Cloud Platform). Where data is transferred outside the EEA, we rely on appropriate safeguards such as Google Cloud's standard contractual clauses and data processing agreements.

6. Data Storage and Security

Your data is stored on secure servers hosted on Google Cloud Platform. We use industry-standard encryption for data in transit (HTTPS/TLS). Authentication tokens are stored securely on your device using encrypted storage (Expo SecureStore). We implement reasonable technical and organizational measures to protect your data, but no method of electronic transmission or storage is 100% secure.

7. Data Retention

We retain your account and trip data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days. Anonymized, aggregated usage data may be retained for service improvement purposes. Crash reports in Sentry are automatically deleted after 90 days.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you
• Correction — request correction of inaccurate or incomplete data
• Deletion — request deletion of your account and associated data. You can delete your account directly in the app via Settings > Delete Account. All personal data will be removed within 30 days.
• Data portability — request your data in a structured, machine-readable format (EEA/UK users)
• Restriction — request that we restrict processing of your data in certain circumstances (EEA/UK users)
• Withdraw consent — revoke consent for location access or notifications at any time via your device settings
• Lodge a complaint — if you are in the EEA/UK, you have the right to lodge a complaint with your local data protection supervisory authority

To exercise any of these rights, contact us at support@periploapp.com. We will respond within 30 days.

9. California Residents (CCPA)

If you are a California resident, you have the right to:

• Know what personal information we collect and how it is used
• Request deletion of your personal information
• Be free from discrimination for exercising your privacy rights

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. To make a request, contact us at support@periploapp.com.

10. Tracking and Advertising

Periplo does not track you across other apps or websites. We do not use advertising identifiers (IDFA), and we do not participate in ad networks. We do not sell, rent, or share your personal data with third parties for their marketing purposes.

11. Children's Privacy

Periplo is not directed at children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at support@periploapp.com and we will promptly delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or by updating the "Last updated" date above. Your continued use of Periplo after changes are posted constitutes acceptance of the updated policy.

13. Contact Us