Privacy Policy for GlobeTrekkr
Effective Date: August 18, 2025
Last Updated: September 16, 2025
Globetrekkr ("we," "our," "us") values your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you use our website and services.
Data Controller & Contact
Contact: support@globetrekkr.com
If you have questions about data protection or want to exercise your rights, contact us at the address above. If you are in the EU you may also lodge a complaint with your local supervisory authority.
Legal basis for processing
We process personal data on one or more of the following bases:
- Performance of a contract: to provide account services and subscription features.
- Legitimate interests: to operate and improve the service, provide support, and prevent fraud.
- Consent: for marketing communications and analytics where required by law. You can opt out of marketing at any time.
How to exercise your rights
To exercise your rights (access, rectification, erasure, restriction, portability, objection), email support@globetrekkr.com. We will verify your identity and aim to respond within 30 days. Complex requests may take longer (up to 90 days) and we will notify you if an extension is necessary.
Data retention
We retain personal data as long as necessary to provide the service and for legitimate business purposes (for example, to comply with legal obligations, resolve disputes, and enforce our agreements). Typical retention periods:
- Account data: retained while the account is active and up to 2 years after deletion for fraud prevention and backups.
- Subscription and billing records: retained for 7 years for accounting and tax purposes.
- Support logs and audit trails: retained for 12 months unless longer retention is required.
Third-party processors & international transfers
We rely on third-party service providers to operate the service, including authentication, storage, and payments. Primary processors include Supabase (database, auth, storage) and Stripe (payments). These providers may transfer data outside the EU/EEA; where transfers occur we rely on appropriate safeguards such as standard contractual clauses or other lawful mechanisms. Links to processors' privacy policies are available on their websites.
Cookies & analytics
We use cookies and analytics tools to understand usage and improve the service. You can control cookies through your browser settings. For marketing and analytics that require consent, we will ask for your consent where required by law.
Data export & audit
When you request an export of your data via the Edit Profile page, we will compile the personal data we hold about you and provide it as a downloadable JSON file. Export requests are logged (requesting account, timestamp, IP address) for security and compliance purposes; logs are retained for 12 months.
1. Information We Collect
Account Information:
Name, email, username. Passwords are managed by our authentication provider (for example, Supabase). Passwords are stored only in hashed form by the auth provider and we do not store or have access to plaintext passwords. If you use social or third-party sign-in, we may store connection metadata (provider, connected_at) but not the external account's raw credentials.
Travel Data:
Countries, cities, and locations you log.
Device & Usage Data:
IP address, browser type, app usage analytics.
Optional Data:
Photos, notes, or wishlist entries you add.
2. How We Use Your Information
- To provide and improve our services.
- To display your travel maps, stats, and social features.
- To communicate with you (updates, newsletters, support).
- To process payments (if you subscribe to premium features).
3. Sharing of Information
With Your Consent:
When you share trips with friends or add information to your public profile.
Service Providers:
Payment processors, hosting, analytics.
Legal Requirements:
If required by law.
We do not sell your personal information to third parties.
4. Data Storage & Security
- Data is stored securely in Supabase.
- We use encryption and other safeguards to protect data.
- You may request deletion of your data at any time by contacting us at support@globetrekkr.com.
5. Your Rights
Depending on your location (e.g., GDPR in the EU, CCPA in California), you may have rights to:
- Access your data.
- Correct inaccuracies.
- Request deletion.
- Opt out of marketing communications.
Request a copy of your data
You can download a copy of your personal data (including profile information, travel entries, subscriptions, and uploaded profile images) from your account.
To export your data, sign in to your account and visit your Edit Profile page and click "Export my data". The export will be compiled under your account and provided as a JSON file. For large exports, the download may take a few moments.
If you need assistance or cannot access the export feature, contact support@globetrekkr.com.
6. Children's Privacy
Globetrekkr is not intended for children under 13 (or the minimum legal age in your jurisdiction).
7. Updates to Policy
We may update this Privacy Policy from time to time.
8. Contact Us
For questions or requests, contact: