Privacy Policy

Last updated: March 19, 2026

Guilherme Teixeira de Mello ("we," "us," or "our") operates the Jornada mobile application ("App"). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use the App.

By using Jornada, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the App.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

• Email address (provided directly or obtained through Apple Sign-In or Google Sign-In)
• Display name (if provided through your sign-in method)
• Authentication provider (email, Apple, or Google)
• Unique user identifier assigned by our authentication system

1.2 Travel Planning Data

When you use the App to plan trips, you may provide:

• Trip details (destination, dates, budget, notes, status)
• Daily itinerary information (activities, accommodations, transportation)
• Expense records (amounts, categories, currencies)
• Packing lists
• Trip photos and captions
• Travel preferences (travel styles, budget level, dietary restrictions, spoken languages, home airport, home currency)

1.3 Document Vault Data

If you use the Document Vault feature, you may store:

• Scanned images of personal documents (passports, visas, ID cards, driver's licenses, insurance documents, vaccination records, boarding passes, reservations)
• Document metadata (name, type, number, issue and expiry dates, issuing country)
• Text extracted from scanned documents via on-device optical character recognition (OCR)

1.4 AI Conversation Data

When you use the AI-powered features (Discover and AI Assistant), we collect:

• Messages you send to the AI assistant (limited to 4,000 characters per message)
• Conversation history (stored locally on your device and synced via iCloud)
• Trip context included with AI requests (destination, dates, budget, planned activities, and your travel preferences)

1.5 Location Data

With your permission, we collect your precise location (when the App is in use) for the following purposes:

• Displaying local weather conditions
• Discovering nearby places and recommendations

We do not collect location data in the background, and location data is not stored persistently in the App.

1.6 Purchase Information

If you subscribe to Jornada Premium, we collect purchase information through our subscription management provider (RevenueCat), including your subscription status and entitlements. We do not directly process or store your payment card details.

1.7 Information We Do Not Collect

• We do not use analytics or tracking SDKs
• We do not collect device advertising identifiers
• We do not track your activity across other apps or websites
• We do not collect health, fitness, or biometric data (biometric authentication for the Vault is handled entirely by iOS and no biometric data is accessible to the App)

2. How We Use Your Information

We use the information we collect to:

• Provide and maintain the App — create and manage your account, store your travel plans, and sync data across your devices via iCloud
• Power AI features — send your trip context and messages to our AI service to generate personalized travel recommendations and suggestions
• Process subscriptions — manage your Jornada Premium subscription and provide access to premium features
• Send local notifications — alert you about upcoming trips, document expiry dates, and budget thresholds (notifications are generated on your device, not from our servers)
• Improve the App — understand usage patterns to fix bugs and improve features (without analytics tracking)

3. How We Share Your Information

We do not sell, rent, or trade your personal information. We share data with the following service providers only as necessary to operate the App:

3.1 Firebase (Google Cloud)

• Purpose: User authentication, user profile storage, AI usage tracking, backend API hosting
• Data shared: Email address, display name, authentication tokens, user identifier, AI usage counts

3.2 Anthropic (Claude AI)

• Purpose: AI-powered travel recommendations and chat assistance
• Data shared: Your messages, conversation history, and trip context (destination, dates, budget, activities, travel preferences)
• How: Data is sent through our secure backend server — never directly from your device to Anthropic
• Retention: Trip context is sent per-request only and is not persistently stored on our servers. Anthropic may process and retain data according to their API terms.

3.3 Google Places API

• Purpose: Search for places, restaurants, attractions, and accommodations
• Data shared: Search queries and location coordinates

3.4 RevenueCat

• Purpose: Subscription management and in-app purchase processing
• Data shared: User identifier, purchase and subscription status

3.5 Apple (iCloud / CloudKit)

• Purpose: Sync your travel data across your Apple devices
• Data shared: All travel planning data (trips, activities, expenses, packing items, photos, AI conversations, preferences)
• Note: Data is stored in your private iCloud database and is accessible only to you

3.6 Apple WeatherKit / Open-Meteo

• Purpose: Display weather forecasts for your travel destinations
• Data shared: Geographic coordinates (latitude and longitude)

3.7 Frankfurter.app

• Purpose: Currency exchange rate conversions
• Data shared: Currency codes only (no personal data)

3.8 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

4. Data Storage and Security

4.1 Where Your Data Is Stored

• On your device: Travel data, AI conversations, document vault, photos, and preferences are stored locally using SwiftData
• iCloud (CloudKit): Travel data (excluding vault documents) is synced to your private iCloud database, managed by Apple
• Firebase (Google Cloud): Account information and AI usage tracking are stored on Google Cloud servers
• Our backend (Google Cloud Functions, europe-west1): Processes AI requests but does not persistently store your trip data or conversation history

4.2 Security Measures

• Document Vault: Protected with iOS Complete File Protection (data is encrypted and inaccessible when your device is locked) and optionally secured with biometric authentication (Face ID, Touch ID, or Optic ID)
• API security: All communication between the App and our backend uses HTTPS encryption. Requests are authenticated with Firebase App Check and Firebase Authentication tokens
• Server security: AI API keys are stored exclusively on our server and are never included in the App binary. Request size is limited to 100 KB. Rate limiting is enforced server-side
• Access control: Firestore security rules ensure users can only access their own data
• Sensitive keys: API keys that must reside on the device (Google Places, RevenueCat) are stored in the iOS Keychain

5. Data Retention and Deletion

5.1 Data Retention

• Account data is retained as long as your account is active
• Travel data is retained on your device and in iCloud until you delete it
• Vault documents are retained on your device until you delete them
• AI conversations are retained on your device and in iCloud until you delete them

5.2 Account Deletion

You can delete your account at any time through the App's Settings screen. When you delete your account:

• Your Firebase authentication account is permanently deleted
• Your Firestore user profile and AI usage records are permanently deleted
• Your iCloud (CloudKit) data remains tied to your Apple ID and can be managed through your iCloud settings
• Local data on your device (vault documents, trip photos) remains until you uninstall the App or manually delete it

5.3 Data Portability

Your travel data synced to iCloud is accessible through your Apple ID. Local data (photos, vault documents) is stored in the App's documents directory on your device.

6. Children's Privacy

Jornada is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us and we will take steps to delete such information.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal information we hold about you
• Correct inaccurate personal information
• Delete your personal information (see Section 5.2)
• Object to or restrict certain processing of your personal information
• Data portability — receive your data in a structured, machine-readable format

To exercise any of these rights, please contact us using the information in Section 10.

7.1 California Residents (CCPA)

If you are a California resident, you have the right to know what personal information we collect, request deletion of your data, and opt out of the sale of your personal information. We do not sell your personal information.

7.2 European Residents (GDPR)

If you are located in the European Economic Area, our legal basis for processing your personal information includes:

• Contract performance — to provide the App's services as described in our Terms of Use
• Consent — for location access and optional features
• Legitimate interests — to maintain and improve the App

You may withdraw consent at any time by adjusting your device permissions or contacting us.

8. Third-Party Links

The App may contain links to third-party websites or services (e.g., Google Maps, Waze, place websites). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last Updated" date at the top of this policy. Your continued use of the App after changes are posted constitutes your acceptance of the revised policy.

10. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

This privacy policy applies to the Jornada iOS application published by Guilherme Teixeira de Mello.