Privacy Policy

Version: 0.9 · Last updated: [DATE] · Effective date: [DATE]

DRAFT — pending legal review before publication
This document is the authoritative English version. Translations are provided for convenience; in case of conflict, the English version prevails.

1. Who we are

Camino GO ("the App", "we", "us") is operated by:

EU Representative (Art. 27 GDPR): [TO BE APPOINTED BEFORE LAUNCH]

We act as the data controller for the personal data described in this policy.

2. Scope

This policy covers the Camino GO mobile application, related backend services, and the caminogo.app website. It does not cover third-party websites or services we link to (e.g., an accommodation's own booking page).

3. What data we collect

3.1 Account data

3.2 Location and activity data

3.3 Photos and AI inputs

3.4 User-generated content (UGC)

3.5 Purchases

Purchase entitlements (Trip Pass, subscription status, point balance) and platform receipts. Payment is processed entirely by Apple App Store / Google Play; we never receive your card details.

3.6 Technical data

3.7 Website visitors (caminogo.app)

4. Why we process it (purposes and legal bases)

PurposeDataLegal basis (GDPR)
Provide the App (account, maps, planner, tracking)3.1, 3.2, 3.6Art. 6(1)(b) contract
AI features you invoke (photo analysis, chat, daily briefing)3.2, 3.3Art. 6(1)(b) contract
Weather for your routeApproximate locationArt. 6(1)(b) contract
Community features (chat, forum, community edits)3.4Art. 6(1)(b) contract
Content moderation of public content3.4Art. 6(1)(f) legitimate interest (keeping the community safe)
Purchases and entitlements3.5Art. 6(1)(b) contract; Art. 6(1)(c) legal obligation (accounting)
Security, abuse prevention, rate limiting3.6Art. 6(1)(f) legitimate interest
Service announcements3.1Art. 6(1)(b) contract
Launch notification list (website)3.7Art. 6(1)(a) consent
Aggregate, cookieless website analytics3.7Art. 6(1)(f) legitimate interest (understanding site usage without tracking individuals)
Website hosting, security & CDN server logs3.7Art. 6(1)(f) legitimate interest
Marketing communications (if any)3.1Art. 6(1)(a) consent — opt-in only

We do not sell personal data. We do not use personal data for third-party advertising.

5. AI processing — what you should know

6. Processors and international transfers

ProcessorPurposeLocation / transfer safeguard
Hetzner Online GmbHApplication servers, databaseEU (Germany/Finland)
Cloudflare, Inc. (R2, Workers, Pages, Workers KV, Web Analytics)Image storage, map tile delivery, website hosting, launch-list storage, cookieless website analyticsEU jurisdiction setting; EU–US Data Privacy Framework (DPF) / SCCs where applicable
Google (Firebase Authentication, Cloud Messaging)Sign-in, push notificationsUS; DPF / SCCs
Google (Gemini API)AI featuresUS; DPF / SCCs
OpenAI, L.L.C.Automated moderation of public contentUS; DPF / SCCs
WeatherAPI.comWeather forecasts for approximate route locations (coordinates only; no account identifiers are sent)Per their privacy policy; SCCs where applicable
Apple / GoogleIn-app purchasesPer their own privacy policies (independent controllers)

Where data leaves the EEA, we rely on the EU–US Data Privacy Framework and/or Standard Contractual Clauses.

7. Retention

DataRetention
Account dataUntil account deletion
Walking records / tracks / diariesUntil you delete them or your account
AI photos & session context~30 minutes (server session), then deleted
AI text questions in server logsUp to 30 days, for reliability and abuse prevention
UGC (posts, chat, direct messages)Until you delete it or your account (see §8 for what remains anonymized); moderation records of removed content kept up to 12 months for abuse prevention
Purchase recordsAs required by tax/accounting law
Server logs (including IP addresses)Up to 90 days
Launch notification list (website)Until the launch announcement is sent, then deleted within 90 days — or immediately upon your request
BackupsRolling backups retained up to 35 days; deleted data ages out of backups within this window

8. Your rights

Under the GDPR (and, where applicable, Taiwan's PDPA and other local laws) you have the right to: access, rectify, erase, port, restrict, and object to processing of your personal data, and to withdraw consent at any time where processing is based on consent.

9. Security

Data in transit is encrypted (TLS). Access to production systems is restricted and logged. AI photo sessions are short-lived by design. No system is perfectly secure; we will notify affected users and authorities of personal data breaches as required by Art. 33/34 GDPR.

10. Children

Camino GO is not directed at children. You must be at least 16 years old (or the digital consent age in your country, if higher) to create an account.

11. Offline data

Route data, maps, and your settings are cached on your device for offline use. Data stored only on your device is under your control and is removed when you uninstall the App.

12. Changes

We will notify you of material changes in-app before they take effect. Continued use after the effective date constitutes acceptance.

13. Contact

Privacy requests: support@caminogo.app
General support: support@caminogo.app
EU representative: [TO BE APPOINTED — see §1]