DayLeap

dayleap.app

Privacy Policy

DayLeap ("we", "our", "the app") is a day trip planning app powered by AI. This policy explains what data we collect, why, and how we protect it.

1. What we collect

We collect only what is necessary to run the app:

• Account data — when you sign in with Google: your display name, email address, and Google profile photo. We do not store your Google password.
• Usage data — your remaining starter credits, active plan type, and plan usage count. Stored in Firestore linked to your user ID.
• Location data — when you allow device location for "Now in the city", your approximate current coordinates are used to find nearby place suggestions and build a route. Location access is optional and only used when you request this feature.
• Plan inputs — destination, day style, pace, budget, and interests you enter into the form. These are sent to the Gemini API to generate your plan and are not stored permanently on our servers.
• Analytics events — anonymous usage events (e.g. plan generated, screen viewed) via Firebase Analytics. No personally identifiable data is included in analytics events.

2. What we do NOT collect

• We do not collect payment card details. Payments (when enabled) are processed by third-party providers.
• We do not sell, rent, or share your personal data with advertisers or third parties for marketing purposes.
• We do not build advertising profiles.

3. Third-party services

DayLeap uses the following third-party services, each governed by their own privacy policies:

• Firebase Authentication (Google) — handles sign-in. Firebase Privacy
• Firestore (Google) — stores your user document (credits, plan status). Firebase Privacy
• Firebase Analytics (Google) — anonymous usage analytics. Firebase Privacy
• Gemini API (Google) — generates your day plan from the form inputs you provide. Gemini API Terms
• Google Places API — powers destination autocomplete. Google Privacy Policy
• RevenueCat — manages subscription status and purchase entitlements. RevenueCat Privacy
• Apple App Store / Google Play — processes purchases and subscriptions. We do not receive your payment card details.
• Stripe — processes web subscriptions and provides subscription management. We do not receive your payment card details. Stripe Privacy

4. Data storage and security

Your data is stored in Google Firebase (Firestore), hosted in the EU/US region. We use Firebase Security Rules to ensure each user can only access their own data. Data in transit is encrypted via HTTPS.

Guest users (not signed in) have no personal data stored on our servers. Their usage counter is stored locally in the browser (localStorage).

5. Data retention

Your Firestore user document is retained as long as your account exists. You may request deletion at any time by contacting us. We will delete your record within 30 days of a verified request.

6. Your rights (GDPR)

If you are located in the European Economic Area, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data ("right to be forgotten")
• Object to or restrict processing of your data
• Lodge a complaint with your local data protection authority

To exercise any of these rights, contact us at [email protected].

7. Children

DayLeap is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

8. Changes to this policy

We may update this policy as the app evolves. We will update the "Effective" date above when we do. Continued use of DayLeap after changes constitutes acceptance of the updated policy.

9. Contact

Questions or requests regarding this policy:

• Email: [email protected]
• Delete account: dayleap.app/delete-account
• Website: dayleap.app