Privacy Policy

Account information. When you sign in with Google, Apple, or email and password, we receive or collect your name, email address, and profile photo. We store this in your user profile to personalize your experience.

Travel data. We store the travel groups, trips, photos, notes, and other content you create within the app. This includes trip destination names, countries, cities, start and end dates, trip descriptions, travel mode (plane or car), and trip status. We also store trip origin and destination coordinates (latitude and longitude) to calculate distances traveled.

Location data. You may optionally set a home base location in your profile. This is stored as coordinates (latitude and longitude) in your user profile. Location data is obtained through a place name search — the app does not silently track your device's GPS position. Trip destination and origin coordinates are also stored as part of your travel records.

Photos. Photos you add to trips or set as your profile picture are uploaded to and hosted by Cloudinary, a cloud media service. Photo URLs are then stored in your trip and user records in our database.

Photo comments. When you comment on a photo, we store the comment text along with your user ID, display name, and the timestamp.

Social features. The app generates a unique friend code for your account to allow other users to connect with you. We store friend requests (including sender and recipient identifiers and request status) and group membership information (including member names, profile photos, and invite codes).

Device permissions. The app may request access to your camera and photo library to let you add travel photos. On Android, notification permissions are also requested. We do not access any device resource without your explicit action or permission grant.

Push notifications. If you enable notifications, we store your notification preferences and schedule local notifications on your device for trip reminders, travel anniversaries, monthly recaps, and milestone alerts. No notification data is sent to a remote push notification server beyond what is needed to deliver those notifications.

Subscription data. If you purchase a premium subscription, payment is processed entirely by Apple or Google. We receive only your subscription status from RevenueCat — we never see or store your payment card details or billing information.

Feedback. If you submit feedback through the app, we collect your user ID, display name, email, feedback category, message text, app version, and any photos you attach to the feedback.

Waitlist email. If you submitted your email on our website to join the waitlist, we store it solely to notify you of app updates. You may request removal at any time by contacting us.

• To create and maintain your account
• To provide, operate, and improve the Service
• To sync your travel data across your devices
• To calculate your total miles traveled and other travel statistics
• To send push notifications you have opted into
• To manage your subscription status
• To enable social features such as travel groups and friend connections
• To respond to support requests and feedback
• To comply with applicable legal obligations

We do not sell, rent, or share your personal information with third parties for marketing or advertising purposes.

We use the following third-party services to operate the app. Each processes data under its own privacy policy:

• Firebase (Google) — authentication and cloud database (Firestore) for storing user profiles, trips, groups, and social data. Firebase Privacy Policy
• Cloudinary — cloud storage and hosting for all photos uploaded through the app (trip photos, profile pictures, feedback attachments). Cloudinary Privacy Policy
• Google Sign-In — account authentication. Google Privacy Policy
• Apple Sign-In — account authentication. Apple Privacy Policy
• RevenueCat — subscription and in-app purchase management. RevenueCat Privacy Policy
• Expo / EAS — app delivery infrastructure. Expo Privacy Policy
• OpenStreetMap Nominatim — free geocoding API used to convert place name searches into coordinates for home base and trip destinations. Queries are sent to the Nominatim public API. OpenStreetMap Privacy Policy
• OSRM (Open Source Routing Machine) — open-source routing service used to calculate driving distances between trip origin and destination coordinates. Coordinates are sent to the public OSRM API. OSRM
• Netlify — website hosting and waitlist form. Netlify Privacy Policy

We do not control and are not responsible for the privacy practices of these third-party services.

We retain your data for as long as your account is active. If you delete your account, your profile, trips, group memberships, photos, and all associated data are permanently deleted from our systems within 30 days. Photos hosted on Cloudinary are also deleted as part of this process. Waitlist emails are deleted once you have been notified or upon your request.

You may:

• Access or update your profile information directly within the app
• Delete your account at any time via Settings → Delete Account
• Opt out of push notifications at any time via your device settings or the in-app notification preferences
• Revoke camera or photo library permissions at any time through your device settings
• Request a copy or deletion of your personal data by contacting us at twopassportsapp@gmail.com

Two Passports is not directed at children under the age of 13, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us at twopassportsapp@gmail.com and we will delete that information promptly. If you are under 13, please do not use the Service or provide any personal information to us.

We implement industry-standard security measures to protect your data, including encrypted connections (HTTPS/TLS), Firebase security rules that restrict data access to authorized users, and Cloudinary's secure upload and access controls. Apple Sign-In authentication uses a cryptographic nonce to protect against replay attacks. However, no method of transmission over the internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you additional rights regarding your personal information.

Your California rights include:

• Right to Know — the right to request disclosure of the categories and specific pieces of personal information we have collected about you
• Right to Delete — the right to request deletion of your personal information, subject to certain exceptions
• Right to Correct — the right to request correction of inaccurate personal information
• Right to Opt-Out — the right to opt out of the sale or sharing of your personal information. We do not sell or share your personal information for cross-context behavioral advertising.
• Right to Non-Discrimination — we will not discriminate against you for exercising any of your CCPA rights

To exercise any of these rights, contact us at twopassportsapp@gmail.com. We will respond to verifiable requests within 45 days.

If you are located in the European Union or United Kingdom, the General Data Protection Regulation (GDPR) or UK GDPR gives you additional rights regarding your personal data.

Lawful basis for processing. We process your personal data on the following legal grounds:

• Contract performance — to create and manage your account and provide the core features of the Service
• Legitimate interests — to improve the Service, ensure security, and prevent fraud
• Consent — for push notifications and optional communications, which you can withdraw at any time

Your additional GDPR rights. In addition to the rights listed in Section 5, you have the right to:

• Rectification — request correction of inaccurate or incomplete personal data
• Restriction — request that we limit how we process your data in certain circumstances
• Data portability — request a copy of your data in a structured, machine-readable format
• Object — object to processing based on legitimate interests
• Withdraw consent — where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing
• Lodge a complaint — file a complaint with your local supervisory authority (e.g., the ICO in the UK, or your national DPA in the EU)

International data transfers. Your data is stored and processed in the United States via Firebase (Google) and Cloudinary. Google's data transfers comply with the EU Standard Contractual Clauses. See Firebase's privacy documentation and Cloudinary's privacy policy for details.

Data controller. Two Passports is the data controller for personal data collected through the Service. To exercise any of your rights, contact us at twopassportsapp@gmail.com. We will respond within 30 days.

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page and, where changes are material, notify you via the app or email. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your data, please contact us at:

Two Passports
twopassportsapp@gmail.com