Back to home

Privacy Policy

LAST UPDATED: APRIL 10, 2026

What We Collect

GUS collects only the minimum information needed to provide the service. This includes your email address, chosen codename, and the travel data you voluntarily enter into the app such as cities visited, journal entries, routes, and uploaded photos.

We do not collect data passively. Every piece of information in your GUS profile was put there by you.

What We Never Collect

  • Third-party analytics or tracking scripts
  • Behavioral tracking or fingerprinting
  • Background location data
  • Advertising cookies or marketing pixels
  • Data from other apps on your device

Third-Party Services

GUS uses a small number of trusted third-party services to operate:

  • Supabase -- Authentication, database hosting, and file storage. Your data is stored on Supabase infrastructure with Row Level Security (RLS) ensuring only you can access your data.
  • Cloudflare -- DNS and CDN services for fast, secure page delivery. Cloudflare does not have access to your application data.
  • Google Fonts -- Web fonts loaded from Google's CDN. Google may log standard web request data (IP address, browser type). No cookies are set.
  • OpenStreetMap -- Map tiles for the atlas feature. OpenStreetMap may log standard web request data. No personal information is transmitted.

We do not sell, share, or provide your personal data to any other third parties.

Cookies & Tracking

GUS does not use cookies for advertising, analytics, or tracking purposes. The only cookies used are essential authentication tokens required to keep you signed in. These are first-party, secure, httpOnly cookies that cannot be read by third-party scripts.

We do not use any tracking pixels, beacons, or fingerprinting techniques.

Your Rights

You have full control over your data at all times. You may:

  • Export all your data at any time in standard formats
  • Request complete deletion of your account and all associated data
  • Access and review all data we store about you
  • Modify or correct any personal information

To exercise any of these rights, contact us at the email below. Deletion requests are processed within 30 days and are irreversible.

Data Security

Your data is stored securely on Supabase infrastructure with encryption at rest and in transit. We use Row Level Security (RLS) policies to ensure that only you can access your data through the API. No GUS employee can view your journal entries, routes, or photos.

All connections to GUS are made over HTTPS/TLS. We follow industry best practices for secure application development and regularly review our security posture.

Children's Privacy

GUS is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete that information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the top of this page. We encourage you to review this page periodically for any changes.

If we make material changes that affect how we handle your personal data, we will notify you via email or through a prominent notice within the application.

Questions? Contact us at [email protected]
Features Pricing Privacy Terms Contact
2026 EPH Tech Solutions. All rights reserved.