TripBoard is built with privacy as our core principle. Unlike most expense tracking apps, we don't store your financial data on our servers. Your trips, expenses, and receipts stay on your device - where they belong.

A. What We DON'T Do:

1. Store your trips on our servers

2. Store your expenses on our servers

3. Store your receipts on our servers

4. Access your financial information

5. Sell your data to third parties

6. Mine your data for advertising

B. What We DO:

1. Keep everything on your device (or your personal iCloud if you enable it)

2. Give you complete control over your data

3. Ensure that deleting the app = deleting your data - no trace left behind

4. Eliminate central database risks (no server breaches possible)

II. INTRODUCTION AND SCOPE

Welcome to TripBoard, a privacy-first travel expense tracking application developed by Gizmo Labs LLC ("we," "our," or "us"). This Privacy Policy explains our privacy-first approach and how we handle the minimal information we do collect to provide you with the best travel expense tracking experience.

III. INFORMATION WE COLLECT

A. Information You Create (Stored Locally Only)

The following data is stored exclusively on your device and never sent to our servers:

1. Trip Data: Trip names, destinations, dates, budgets, and photos

2. Expense Records: Transaction amounts, categories, descriptions, locations, payment methods, tags, notes, and receipt photos

3. User Preferences: Language settings, default currency, and app customization choices

4. Location Coordinates: GPS data you choose to attach to expenses

🔒 IMPORTANT: We cannot access, view, retrieve, or recover any of this data. It exists only on your device (and optionally in your personal iCloud account).

B. Information We Do Collect

To provide essential app functionality, we collect limited, non-personal information:

1. Analytics Data (via Firebase)

a. Purpose: Improve app performance and fix crashes b. What we collect: i. Device type and model (e.g., "iPhone 14 Pro") ii. Operating system version (e.g., "iOS 17.2") iii. App version (e.g., "2.1.0") iv. Crash logs and error reports (anonymized) c. What we DON'T collect: Your trips, expenses, amounts, locations, or any personal financial data

2. Subscription Data (via RevenueCat & Apple)

a. Purpose: Manage premium subscriptions b. What we collect: i. Anonymous user ID for entitlement verification ii. Purchase receipts (processed by Apple, not stored by us) iii. Subscription status (active/expired/trial) c. What we DON'T collect: Payment card details, billing addresses, or personal identity

3. Currency Exchange Rate Requests

a. Purpose: Provide real-time currency conversions b. What we collect: Currency pair requests (e.g., "USD to JPY") c. What we DON'T collect: Associated amounts or transaction details

4. Location Services (Optional, On-Device Only)

a. Purpose: Help you tag expenses with locations b. What happens: When you search for a place or use "current location", your device communicates with Apple Maps directly c. What we receive: Nothing - location queries go directly to Apple, not through our servers d. Your data: Location coordinates are stored only on your device

IV. DATA STORAGE AND SECURITY

A. Local Storage: Your Device is Your Vault

All your sensitive financial data is stored exclusively on your device using:

1. Secure iOS storage APIs

2. Encrypted app container

3. No transmission to external servers

4. No cloud storage by default

What this means:

a. Your data never travels across the internet to our servers b. We cannot access your trips or expenses - ever c. No central database means no server breaches d. Your privacy is protected by your device's security (Face ID, passcode, etc.)

B. Optional iCloud Sync

If you enable iCloud Documents sync:

1. Where data goes: Your personal iCloud account only

2. Who controls it: You (via your Apple ID)

3. Who can access it: Only you and devices signed into your iCloud account

4. Encryption: End-to-end encrypted by Apple

5. Our access: Zero - we never see your iCloud data

6. How to disable: Turn off in app Settings or iOS Settings > iCloud > TripBoard

🔒 IMPORTANT: iCloud sync is provided by Apple, not Gizmo Labs LLC. Your data is subject to Apple's iCloud Terms: https://www.apple.com/legal/internet-services/icloud/

V. DATA DELETION

Want to delete your data?

A. Delete the app from your device - all local data is immediately removed B. Disable iCloud sync to stop syncing across devices C. Delete from iCloud (if synced): Remove the app from your iCloud settings D. Result: Your data is permanently gone. We cannot recover it because we never had it.

VI. HOW WE USE INFORMATION

A. The Information We Collect (Analytics & Subscriptions)

We use the minimal data we collect to:

1. Improve the App

a. Identify and fix crashes b. Understand which features are used c. Optimize performance d. Plan new features based on usage patterns

2. Provide Premium Features

a. Verify subscription status b. Enable premium functionality c. Process refunds if needed

3. Provide Customer Support

a. Troubleshoot technical issues b. Answer questions about features c. Respond to feedback

4. Comply with Legal Requirements

a. App Store guidelines b. Financial regulations c. Legal obligations

B. What We DON'T Do With Your Data

1. Sell or rent your information

2. Share with advertisers

3. Use for targeted advertising

4. Mine for behavioral insights

5. Share with data brokers

6. Train AI models on your data

VII. THIRD-PARTY SERVICES

TripBoard uses minimal third-party services, chosen for their privacy standards:

A. Firebase (Google LLC)

1. Purpose: Analytics and crash reporting only

2. Data Shared: Device info, app version, anonymized usage (NO financial data)

3. Privacy Policy: https://firebase.google.com/support/privacy

4. Your Control: Disable in app Settings

B. RevenueCat

1. Purpose: Subscription management

2. Data Shared: Anonymous user ID, subscription status

3. Privacy Policy: https://www.revenuecat.com/privacy

4. Note: Payment is processed by Apple, not RevenueCat

C. Apple Services (Maps, iCloud, App Store)

1. Purpose: Location search, optional backup, payments

2. Data Shared: Depends on which features you use

3. Privacy Policy: https://www.apple.com/legal/privacy/

4. Your Control: Managed through iOS settings

D. Exchange Rate Providers

1. Purpose: Real-time currency conversion

2. Data Shared: Currency pair requests only (e.g., "EUR to USD")

3. Data NOT Shared: Amounts, context, or personal information

🔒 IMPORTANT: These services receive NO access to your trip or expense data.

VIII. YOUR PRIVACY RIGHTS

You have complete control over your data:

A. Access Your Data

1. All your data is already accessible within the app

2. Export to CSV anytime from Settings > Export Data

B. Correct Your Data

1. Edit any trip or expense directly in the app

2. Changes save immediately on your device

C. Delete Your Data

1. Option 1: Delete individual trips or expenses in the app

2. Option 2: Delete the entire app to remove all data

3. Option 3: Disable iCloud sync to stop cloud backup

D. Export Your Data

1. Go to Settings > Export Data

2. Choose CSV format (compatible with Excel, Google Sheets)

3. Share via email, AirDrop, or save to Files

E. Request Account Deletion

1. Note: Since we don't store your data, deletion is automatic when you delete the app

IX. INTERNATIONAL DATA TRANSFERS

A. Your Financial Data

Not applicable - your trip and expense data never leaves your device (unless you enable iCloud, which is governed by Apple's terms).

B. Analytics Data

If you use TripBoard outside your country, anonymized analytics may be transmitted to Firebase servers in the United States. This data does NOT include personal or financial information.

X. CHILDREN'S PRIVACY

TripBoard is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has used our app, please contact us.

XI. DATA BREACH NOTIFICATION

A. Protection by Design

Good news: Since we don't store your financial data on our servers, there's no central database to breach. Your data is protected by:

1. Your device's security (passcode, Face ID, etc.)

2. Apple's iCloud encryption (if you enable sync)

3. Local storage that never transmits to external servers

B. Breach Response Protocol

In the unlikely event of a breach affecting our analytics or subscription systems (which contain no financial data), we will:

1. Notify affected users within 72 hours

2. Explain what data was affected

3. Provide steps to protect your account

XII. CALIFORNIA PRIVACY RIGHTS (CCPA)

If you are a California resident, you have these rights:

A. Right to Know: What data we collect (see Section III)

B. Right to Delete: Delete your data anytime (see Section V)

C. Right to Opt-Out of Sale: We don't sell your data - ever

D. Right to Non-Discrimination: We don't penalize privacy-conscious users

Special Note: Since your financial data stays on your device, most CCPA obligations don't apply to that data.

XIII. EUROPEAN PRIVACY RIGHTS (GDPR)

If you are in the European Economic Area, you have these rights:

A. Right to Access: View all your data in the app

B. Right to Rectification: Edit data directly in the app

C. Right to Erasure: Delete the app to remove all data

D. Right to Restrict Processing: Disable analytics in settings

E. Right to Data Portability: Export to CSV format

F. Right to Object: Opt-out of analytics

G. Right to Withdraw Consent: Disable features anytime

Data Controller: Since your financial data stays on your device, you are the data controller for that information. For the limited analytics data we collect, Gizmo Labs LLC is the data controller.

Contact Supervisory Authority: If you're unhappy with how we handle data, you can lodge a complaint with your local data protection authority.

XIV. CHANGES TO THIS PRIVACY POLICY

A. Updates We May Make

We may update this Privacy Policy to reflect:

1. New features or services

2. Changes in privacy laws

3. Improvements to our privacy practices

B. How We'll Notify You

1. Updated "Last Updated" date at the top

2. App Store update notes for significant changes

C. Your Choice

Continued use after changes means acceptance. If you disagree, please stop using the app and delete it.

XV. SECURITY MEASURES

A. What We Do

1. Industry-standard encryption for API calls

2. Secure authentication for subscriptions

3. Regular security audits

4. Minimal data collection principle

5. No third-party data sharing

6. Employee training on privacy

B. What You Should Do

1. Enable device passcode/Face ID

2. Keep iOS updated

3. Enable iCloud sync only if you trust Apple's security

4. Don't share your device with untrusted users

5. Export important data regularly

XVI. OUR PRIVACY PHILOSOPHY

A. Privacy by Design

We built TripBoard with privacy as a core feature, not an afterthought. Every decision prioritizes your control over your data.

B. Minimal Data Collection

We only collect what's absolutely necessary to make the app work. If we can avoid collecting it, we do.

C. Transparency

This policy is written in plain language. If something is unclear, we want to know - contact us.

D. Your Control

Your data, your device, your rules. We give you tools to manage everything.

XVII. CONTACT INFORMATION

Questions about privacy? We're here to help.

Company: Gizmo Labs LLC
Product: TripBoard
Email: support@tripboard.app
Website: https://tripboard.framer.website