Privacy Policy

Last updated: 22 Feb 2026 · Effective: 22 Feb 2026 · Aligned with Google Play Data Safety declarations

1. Who we are

Your Travel Companion is a mobile application published by Autopilot Labs (the "developer", "we", "us"), an independent software studio. You can reach us anytime at hello@yourtravelcompanion.app.

This policy describes how the Your Travel Companion mobile application (the "App"), our website yourtravelcompanion.app, and any related services handle personal information.

2. What data lives only on your device

The following is created, stored, and encrypted locally on your device. It never leaves your phone unless you explicitly export or share it:

• Photos and videos attached to journal entries.
• Voice memos and audio recordings.
• Vault contents — passport scans, boarding passes, visas, travel insurance, any file you store there. Encrypted with AES-256 and gated by your device biometrics.
• Location data used for trip-tagging: processed on-device only, never transmitted.
• Your biometric template: stored exclusively in your device's secure enclave; we never receive it.

If you uninstall the App, wipe your device, or revoke storage permissions, this data is permanently gone — including from any subsequent reinstall, unless you use a Recovery Phrase (see Section 4).

3. What data is stored on Autopilot Labs infrastructure

To enable cross-device continuity, account-free recovery, and Studio PDF export, the following data is securely stored on infrastructure operated by Autopilot Labs. It is encrypted in transit via TLS 1.2+ and encrypted at rest. We never sell, share, profile against, or use it for advertising:

• Trip metadata: trip titles, destinations, dates, cover-image references, trip ordering.
• Booking details: flight numbers, hotel names, activity titles, dates and times you save into the itinerary.
• Journal entry text content (the typed note itself; not the attached photos or audio, which stay local).
• Vault item metadata only (document title, category, date added). The actual document file contents stay encrypted on your device.
• Anonymous device token: a randomly generated identifier (no email, no phone number, no name) used to link your installation to your records on subsequent app launches.
• Purchase tokens from Google Play Billing — see Section 5.

Why this is on infrastructure and not just your device: the app does not require you to create an email/password account, but you still expect your itinerary to be there after a reinstall, on a second device, or if your phone breaks. Server-side storage of metadata is what makes that possible without forcing you to sign up. If you would rather have a strictly local-only setup, contact us and we will provide a "local-only mode" toggle in a future release.

4. Anonymous device tokens and Recovery Phrases

Your Travel Companion uses an anonymous device token — a randomly generated identifier created on first launch — to associate your app installation with your trip metadata stored on our infrastructure. We never receive your name, email, phone number, or any personally identifiable account credential.

Because there is no email/password, restoring access on a new or reset device requires a Recovery Phrase: a 12-word phrase generated on your device during onboarding (or anytime in Settings). The phrase is computed locally and never transmitted to or stored by us. You write it down or save it to your password manager. On a new device, entering the phrase regenerates your device token and reconnects you to your trip metadata.

If you do not back up your Recovery Phrase and lose access to your device, your metadata cannot be recovered. Because we hold only an anonymous token — never your email or any other contact — we have no way to identify or restore "your account" without the phrase.

5. What other data we may collect

We collect the minimum data required to operate the App and only as listed below.

5.1 Anonymous crash & diagnostic data (optional, opt-in)

If you opt-in during onboarding, the App may send anonymous crash reports and basic diagnostic data (device model, OS version, app version, anonymized stack traces) to help us fix bugs. This data does not include your trip content, journal text, vault files, location, name, email, or any identifier that can be tied back to you. You can disable this at any time in Settings → Privacy → Diagnostics.

5.2 Purchase data

If you purchase Companion Pro, a Day Pass, or an Export Credit, the transaction is processed by Google Play Billing. We receive only:

• A confirmation that the purchase succeeded.
• An anonymous purchase token used to validate your entitlement.
• The product purchased and the country of purchase.

We never receive your full name, payment card number, billing address, or email address from Google Play. Refer to Google's privacy policy for how Play Billing handles your payment information.

5.3 Live Flight Lookup (Pro / Day Pass only, when you use it)

When you tap "Look up flight" with an active Pro subscription or Day Pass, the App sends only the flight number and date to a third-party flight data provider (AirLabs) to retrieve real-time status. No other personal information is transmitted. The query is not stored long-term by us.

5.4 Smart Paste (Pro, when you use it)

When you tap "Smart Paste" on a booking confirmation, the pasted text is sent to a third-party large-language-model provider (Google Gemini) for the sole purpose of extracting structured booking details (airline, flight number, date, destination). The provider has contractual commitments not to train models on or retain this data beyond the processing window. No other personal information is transmitted.

5.5 Optional support correspondence

If you email us at support@, hello@, or hello@yourtravelcompanion.app, we receive your email address and message contents so we can reply. We retain support emails for up to 24 months for service-quality purposes.

6. What we do not do

• We do not require you to create an account, sign-up, or provide an email address.
• We do not collect your name, phone number, or postal address.
• We do not upload, transmit, or read your photos, voice memos, or vault file contents.
• We do not track your location in the background.
• We do not show ads.
• We do not use behavioural advertising trackers, fingerprinting, or third-party analytics SDKs that profile users.
• We do not sell, rent, or share your personal information with data brokers — full stop.
• We do not train AI models on your content.

7. Permissions the App requests

• Camera: only when you choose to scan a document into the Vault or take a journal photo. Photos go directly to local storage.
• Photo library: only when you choose to attach an existing photo to a journal entry.
• Storage: to save your encrypted database, journal media, and PDF exports on your device.
• Biometric / Face Unlock: to unlock the Vault. The biometric template never leaves your device's secure enclave.
• Network: required only for: app updates, optional crash reporting, Google Play purchases, and Live Flight Lookups during an active Day Pass.

You can revoke any permission at any time in your device settings.

8. Children's privacy

The App is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect data from children. If you believe a child has used the App and contacted us, email hello@yourtravelcompanion.app and we will delete any record.

9. International users

The App is offered worldwide. Trip metadata stored on our infrastructure may be processed in the United States, the European Union, or New Zealand by us or our service providers, all of whom are bound by appropriate data-protection obligations. Photos, audio, and Vault contents never leave your device, so no cross-border transfer of that data occurs.

10. Your rights — including data deletion

You have full control to view, edit, export, or delete any item at any time, both within the App and from our infrastructure.

How to delete your data:

• Delete individual items: Open the App → long-press any trip, journal entry, or vault document → tap Delete. The item is permanently removed from both your device and our infrastructure.
• Delete everything in the App: Open the App → Settings → Privacy → "Erase all app data". This cascade-deletes every trip, entry, document, booking, and setting from both your device and our infrastructure within 24 hours. The action is irreversible.
• Delete by uninstalling: Uninstalling the App destroys all on-device data immediately. To also remove your trip metadata from our infrastructure, use the "Erase all app data" option above before uninstalling, or submit a web-based deletion request below.
• Delete incidental data we hold: Email hello@yourtravelcompanion.app with the subject line "Data Deletion Request". This covers support emails, anonymous diagnostics, and purchase tokens. We will confirm deletion within 30 days.
• Web-based deletion request: yourtravelcompanion.app/privacy/data-deletion/

No account = no login to "close". Your Travel Companion does not require an account, sign-up, login, email address, or any persistent identifier other than the anonymous device token described in Section 4. There is no login account to delete because no login account ever existed.

Residents of the EU, UK, California, and other jurisdictions with comprehensive privacy laws have additional rights including the right to object, restrict processing, and lodge a complaint with a supervisory authority.

11. Security

Vault contents and journal media are encrypted on-device using AES-256 and protected by your device biometrics. The application database is sandboxed by the operating system. Trip metadata stored on our infrastructure is encrypted at rest. All network calls use TLS 1.2 or higher. API requests are signed with HMAC to prevent tampering. While no system is 100% secure, we follow modern Android security best practices.

12. Data retention

• On-device data: retained until you delete it or uninstall the App.
• Trip metadata on our infrastructure: retained for as long as your device token is active, or until you submit a deletion request. Inactive tokens (no app activity for 24 months) are automatically purged.
• Anonymous diagnostics (if enabled): retained up to 90 days.
• Purchase tokens: retained for the lifetime of your subscription plus 24 months for tax and dispute records.
• Support emails: retained up to 24 months.

13. Third-party services

The App uses the following limited third-party services. Each is invoked only when needed:

• Google Play Billing — to process purchases. Google Privacy Policy
• Google Play Services (crash reporting) — only if you opt in. Google Privacy Policy
• AirLabs Flight Data — only during a Pro / Day Pass lookup. We send only the flight number and date.
• Google Gemini — only when you tap Smart Paste on a booking confirmation. We send only the pasted text.
• Sentry — only if you opt in to crash reporting. Anonymous diagnostics only.

14. Changes to this policy

If we update this policy, we will post the new version on this page and bump the "Last updated" date at the top. Material changes will be highlighted in-app at next launch.

15. Contact

Questions, requests, or concerns? Email hello@yourtravelcompanion.app. We respond to every email, from real humans.

← Back to home