Legal

Privacy Policy

Last updated:

This Privacy Policy explains how BackToTrip (“we”, “us”, “our”) collects, uses, and protects information about you when you use our mobile application and related services.

1. Overview

BackToTrip is a group trip management app designed for Android and iOS. We are committed to respecting your privacy and handling your personal data responsibly. This policy describes our practices in plain language.

2. Information We Collect

Information you provide

  • Account information: name, email address, and profile photo when you create an account via Google Sign-In or email/password.
  • Trip data: itinerary items, locations, trip names, dates, and notes you add to trips.
  • Expense data: payment amounts, payer names, and split configurations you record within trips.
  • Uploaded files: ticket images or PDFs you upload for a trip.

Information collected automatically

  • Device information: operating system version, app version, and device type — used for crash reporting and compatibility.
  • Usage data: features you interact with, in aggregate form, to help us improve the product.
  • Crash logs: anonymised stack traces when the app encounters an error (via Firebase Crashlytics).

Information we do NOT collect

  • We do not collect your precise GPS location unless you explicitly search for a place inside the app.
  • We do not sell your data to advertisers or data brokers.
  • We do not use your data to serve targeted advertisements.

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the BackToTrip app and services.
  • Sync your trip data across devices and share it with members of your trip.
  • Authenticate your identity and keep your account secure.
  • Send transactional notifications related to trips you are part of (e.g. when a new expense is added).
  • Diagnose and fix technical issues using anonymised crash data.
  • Comply with applicable legal obligations.

4. Sharing Your Information

We do not sell, rent, or trade your personal information. We share data only in the following circumstances:

  • With your trip members: Trip data (itinerary, expenses, tickets) is visible to all members of the trip you create or join. You control who joins via the trip code.
  • With service providers: We use Firebase (Google) for authentication, real-time database, file storage, and crash reporting. Google's data processing is governed by their own privacy policy.
  • For legal reasons: If required by law, court order, or to protect the rights and safety of our users.

5. Data Retention

We retain your account data for as long as your account is active. Trip data is retained for as long as the trip exists in our system. You can delete your account and associated data at any time from within the app settings. Upon deletion, we will remove your personal data within 30 days, except where retention is required by law.

6. Security

We implement industry-standard security practices including:

  • Data encrypted in transit using TLS/HTTPS.
  • Data at rest encrypted by Firebase (AES-256).
  • Authentication handled by Firebase Authentication with optional Google Sign-In.
  • Role-based access control within trips to prevent unauthorised access.

No system is perfectly secure. If you believe your account has been compromised, please contact us immediately at asyncapp1@gmail.com.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Update inaccurate or incomplete data within the app or by contacting us.
  • Deletion: Delete your account and associated data at any time.
  • Portability: Request your data in a machine-readable format.
  • Objection: Object to certain processing activities.

To exercise any right, contact us at asyncapp1@gmail.com. We will respond within 30 days.

8. Children's Privacy

BackToTrip is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal data, we will delete it promptly. If you believe a child has provided us data, please contact us at asyncapp1@gmail.com.

9. Third-Party Services

The app uses the following third-party services, each with their own privacy policies:

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page and, where the changes are significant, notify you via the app or email. Continued use of BackToTrip after changes are posted constitutes your acceptance of the revised policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

← Back to BackToTrip