Privacy Policy

A Traveler's Journal ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our website at atravelersjournal.net and related services.

1. Information We Collect

We collect the following information when you use our service:

• Google Account Information: When you sign in with Google, we receive your name, email address, and profile picture from Google.
• Google Photos Access: With your permission, we create and manage albums in your Google Photos account on your behalf. We do not store your photos on our servers.
• Trip Data: Information you provide about your trips, including trip names, dates, and the QR code identifiers from your physical journal.
• Usage Data: We collect basic information about how you use our site, including pages visited, features used, browser type, and IP address. If you are located in the EU or UK, we will request your consent before setting any non-essential cookies.

2. How We Use Your Information

We use the information we collect to:

• Create and manage your account
• Create Google Photos albums linked to your journal trips
• Display your trip albums on your personal dashboard
• Send transactional emails related to your account, such as welcome and account deletion confirmations
• Improve our service

3. Google Photos Integration

Our service integrates with Google Photos to create and organize trip albums on your behalf. We access your Google Photos account only to create albums when you scan a QR code in your journal. We do not read, modify, or delete existing photos or albums unless explicitly initiated by you. Your photos remain in your Google account and are subject to Google's own Privacy Policy.

A Traveler's Journal's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, we only use Google user data to provide and improve user-facing features that are prominent in our application's user interface. We do not use this data for serving advertisements, and we do not allow humans to read this data unless we have your affirmative agreement, it is necessary for security purposes, to comply with applicable law, or our use is for internal operations and the data has been aggregated and anonymized.

4. Data Storage

Our website is hosted on Vercel, and account and trip data is stored in Supabase. Both providers encrypt data in transit (HTTPS) and at rest. We do not store your photos or Google Photos content on our servers. Your photo content remains in your Google account at all times.

5. Sharing Your Information

We do not sell, trade, or rent your personal information to third parties. We may share information only in the following circumstances:

• With Google, when making API calls on your behalf to provide the Google Photos integration
• With Supabase, our database provider, to store your account and trip data
• With Vercel, our hosting provider, which processes server logs and request data
• With Resend, our transactional email provider, to deliver account-related emails
• If required by law or to protect our legal rights

6. Data Retention

We retain your account data for as long as your account is active. You may request deletion of your account and associated data at any time by contacting us at the email below. Upon receiving a deletion request, we will delete your account data from our systems within 30 days, except where retention is required by law. Deleting your account does not delete your Google Photos albums — those remain in your Google account and can be managed through Google Photos directly.

7. Your Rights

Depending on your location, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and data
• Request a portable copy of your data
• Object to or restrict certain processing of your data
• Revoke Google account access at any time via your Google account permissions page
• Lodge a complaint with your local data protection authority (for EU/UK residents)

The legal bases on which we process your personal data are your consent (for Google Photos access) and the performance of our service agreement with you (for account management).

California residents: We do not sell or share personal information as those terms are defined under the California Consumer Privacy Act (CCPA).

8. Children's Privacy

Our service is not directed to children under the age of 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children under this age. If you believe we have inadvertently collected such information, please contact us immediately.

9. Security

We take reasonable measures to protect your information from unauthorized access, disclosure, or destruction, including encryption in transit (HTTPS) and at rest through our database provider. However, no internet transmission is completely secure, and we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page with an updated date.

11. Contact Us

A Traveler's Journal is operated by Julian Scarpa and Julianna Tully. If you have any questions about this Privacy Policy, please contact us at:
thejandjcompany.shop@gmail.com