Privacy Policy
Effective: 2025-01-15 | Version 2.0
This Privacy Policy explains how we collect, use, and protect your information when you use the TripGuard app ("App"). "We", "us" and "our" refer to the TripGuard provider.
1. Controller (Responsible Party)
The controller responsible for data processing is:
Pilatusmedia
Philipp Waldispuehl
Schuetzenrain 18
6012 Obernau
Schweiz
Email: tripguard@protonmail.com
2. Data We Collect
2.1 Account Data
- Email address (required for registration)
- Display name (optional)
- Password (stored as a hash, never in plain text)
- User ID (UUID)
2.2 Trip and Expense Data
- Trip details: title, description, dates, destination, coordinates
- Budget information: amounts, currencies, daily budgets
- Transactions: amounts, categories, payment methods, descriptions
- Location data of expenses (if you add location to transactions)
- Custom categories you create
2.3 Receipt/Photo Data
- Photos of receipts (if you use the receipt scanning feature)
- Extracted receipt data: merchant name, amounts, dates
2.4 Location Data
- GPS coordinates (only when you grant location permission)
- Used for: map display, weather information, location-based expense tracking
2.5 Device and Technical Data
- Device model and manufacturer
- iOS / Android version
- App version
- Push notification tokens (APNs / FCM tokens)
- Crash logs and diagnostics
- IP address (automatically collected by servers)
2.6 Subscription and Payment Data
- Subscription status (Free, Trial, Premium)
- Purchase tokens from App Store (iOS) or Google Play (Android)
- Trial start/end dates
Note: We do NOT store credit card numbers or payment details. All payments are processed by App Store (iOS) or Google Play (Android).
3. Purposes and Legal Bases (GDPR Art. 6)
| Purpose | Legal Basis |
|---|---|
| Provide App functionality (trips, expenses, sync) | Contract performance (Art. 6(1)(b)) |
| User authentication and account security | Contract performance (Art. 6(1)(b)) |
| Process subscription payments | Contract performance (Art. 6(1)(b)) |
| Send password reset emails | Contract performance (Art. 6(1)(b)) |
| Send push notifications | Consent (Art. 6(1)(a)) |
| Display personalized advertising (Free tier) | Consent (Art. 6(1)(a)) |
| Improve app stability, fix bugs | Legitimate interest (Art. 6(1)(f)) |
| Analyze app usage (anonymous) | Legitimate interest (Art. 6(1)(f)) |
| Fraud prevention and security | Legitimate interest (Art. 6(1)(f)) |
4. Third-Party Services
We use the following third-party services that may process your data:
4.1 Google AdMob (Advertising)
Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Purpose: Display advertisements in the Free tier of the App
Data collected: Advertising ID, IP address, device information, ad interactions
Note: Premium and Trial users do not see ads, and no advertising data is collected for them.
Privacy Policy: https://policies.google.com/privacy
4.2 Firebase Cloud Messaging (Push Notifications)
Provider: Google LLC
Purpose: Send push notifications about subscription changes, trip invitations
Data collected: FCM token, device information
Privacy Policy: https://firebase.google.com/support/privacy
4.3 Firebase Analytics
Provider: Google LLC
Purpose: Analyze app usage, crashes, and performance
Data collected: App events, device info, crash reports (anonymized)
Privacy Policy: https://firebase.google.com/support/privacy
4.4 App Store / Google Play Billing
Provider: Apple Inc. (iOS) / Google LLC (Android)
Purpose: Process in-app purchases and subscriptions
Data collected: Purchase information, subscription status
Note: Payment details are handled exclusively by App Store or Google Play, not by us.
4.5 Google Maps
Provider: Google LLC
Purpose: Display maps, trip routes, expense locations
Data collected: Location coordinates, map interactions
Privacy Policy: https://policies.google.com/privacy
4.6 Geoapify (Geocoding)
Provider: Geoapify GmbH, Germany
Purpose: Convert addresses to coordinates and vice versa (Premium feature)
Data collected: Search queries, coordinates
Privacy Policy: https://www.geoapify.com/privacy-policy
4.7 Open-Meteo (Weather)
Provider: Open-Meteo, open-source weather API
Purpose: Display weather information for trip destinations
Data collected: GPS coordinates
4.8 Microsoft Azure Document Intelligence (Receipt Scanning)
Provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA
Purpose: Extract text and data from receipt photos (Premium feature)
Data collected: Receipt images you upload
Note: Images are processed and not stored permanently by Microsoft.
Privacy Policy: https://privacy.microsoft.com/privacystatement
4.9 Hetzner (Server Hosting)
Provider: Hetzner Online GmbH
Purpose: Host our backend servers and database
Data stored: All account, trip, and transaction data
Privacy Policy: https://www.hetzner.com/legal/privacy-policy
5. Data Transfers to Third Countries
Some of our service providers are located outside the European Economic Area (EEA), particularly in the USA:
- Google LLC (AdMob, Firebase, Maps, Play Billing) - USA
- Microsoft Corporation (Azure Document Intelligence) - USA
These transfers are protected by:
- EU-US Data Privacy Framework (where applicable)
- Standard Contractual Clauses (SCCs) approved by the European Commission
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data | Until account deletion + 30 days |
| Trip and expense data | Until you delete them or delete your account |
| Receipt images | Until you delete them or delete your account |
| Server logs (IP addresses) | 90 days |
| Analytics data | 14 months (Google Analytics default) |
| Payment/subscription records | 10 years (legal requirement) |
| Push notification tokens | Until logout or account deletion |
7. Local Data Storage
The App stores some data locally on your device:
- Authentication tokens: Stored in encrypted storage (AES-256-GCM)
- User preferences: App settings, selected currency
- Cached data: For offline functionality
This data is deleted when you log out or uninstall the App.
8. Your Rights (GDPR)
You have the following rights regarding your personal data:
- Right of access (Art. 15): Request a copy of your data
- Right to rectification (Art. 16): Correct inaccurate data
- Right to erasure (Art. 17): Request deletion of your data
- Right to restriction (Art. 18): Limit how we use your data
- Right to data portability (Art. 20): Receive your data in a portable format
- Right to object (Art. 21): Object to processing based on legitimate interests
- Right to withdraw consent: Withdraw consent at any time (e.g., for ads, push notifications)
To exercise these rights, contact us using the details in Section 1.
You also have the right to lodge a complaint with a supervisory authority.
9. Advertising Consent (Free Tier)
If you use the free version of TripGuard, we show personalized advertisements via Google AdMob. Before showing personalized ads, we request your consent through a consent dialog.
You can change your consent settings at any time in the App settings.
Premium and Trial users: No advertisements are shown, and no advertising-related data is collected.
10. Push Notifications
We may send push notifications for:
- Subscription status changes
- Trip invitation updates
- Expense reminders (if enabled)
You can disable push notifications in your device settings at any time.
11. Password Reset
If you use the "Forgot Password" feature, we send a password reset email to your registered email address. This email contains a time-limited reset link. We do not share your email with third parties for this purpose.
12. Security Measures
We implement appropriate technical and organizational measures to protect your data:
- HTTPS/TLS encryption for all data transmission
- Passwords stored as secure hashes (never in plain text)
- Encrypted local storage on your device (AES-256-GCM)
- JWT token-based authentication
- Server hosted in Germany (EU) with Hetzner
- Regular security updates
13. Children
TripGuard is not intended for children under 16 years of age. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us.
14. Changes to This Policy
We may update this Privacy Policy from time to time. We will indicate the new effective date at the top. For significant changes, we will notify you through the App or via email.
15. Contact
For privacy questions, data requests, or complaints, please contact us using the details provided in Section 1.