Privacy Policy

We collect information you provide directly to us, such as when you create an account, use our services, or contact us for support.

Account and Profile Information

• Email address and account credentials
• Display name, username (handle), and bio
• Profile photo or avatar
• Home base location
• Social media links (Instagram, TikTok, YouTube)

Travel and Trip Information

• Trip names, descriptions, and dates (start and end dates)
• Trip status (planned, in-progress, completed, cancelled)
• Trip thumbnail images
• Favorite trip designations
• Travel companions
• Country codes and place information

Place and Location Data

• Place names, titles, and place information
• Geographic coordinates (latitude and longitude)
• Bounding box coordinates for map display
• Place IDs and geohash data
• Arrival and departure dates for each place
• Place thumbnail images with photographer attribution
• Country and country code information
• Place tags

Transportation and Accommodation Details

• Transportation types (flight, train, bus, car, ferry, other)
• Departure and arrival locations and dates
• Transportation confirmation codes
• Accommodation types (hotel, hostel, couchsurfing, resort, home, other)
• Accommodation names, check-in and check-out dates
• Reservation codes

Content and Notes

• Rich text notes and travel journal entries
• Media files (photos and videos) you upload
• Posts and social content
• Booking information

Preferences and Settings

• Privacy settings (location precision, default post visibility)
• Locale and timezone preferences
• Unit preferences (metric or imperial)
• Notification preferences (email, push notifications, weekly digest)
• Marketing consent preferences
• Map theme and display preferences

Usage and Technical Information

• Usage analytics and trends
• Communications with our support team
• Technical logs and error reports

We use the information we collect to:

• Provide, maintain, and improve our travel planning and trip management services
• Store and organize your trips, places, transportation, and accommodation information
• Display your travel data on maps and visualizations using location coordinates
• Process and manage your travel bookings, reservations, and confirmations
• Enable you to create, edit, and manage travel notes and journal entries
• Personalize your experience based on your preferences and settings
• Send technical notices, updates, and support messages
• Respond to your comments, questions, and support requests
• Monitor and analyze usage trends to improve our services
• Send marketing communications (only with your consent)
• Comply with legal obligations and protect our rights

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this policy. We may share your information in the following circumstances:

• With your consent
• To comply with legal obligations
• To protect our rights and safety
• In connection with a business transfer

We use cookies and similar tracking technologies to provide, maintain, and improve our services. Cookies are small text files stored on your device that help us remember your preferences and authenticate your sessions.

Types of Cookies We Use

• Essential Authentication Cookies: We use HTTP-only cookies to securely store your authentication tokens (access tokens and refresh tokens). These cookies are required for you to access and use our services. They are set with the HttpOnly flag, which means they cannot be accessed by JavaScript, providing enhanced security against cross-site scripting (XSS) attacks.
• Session Cookies: These cookies help maintain your session while you use our services and are automatically deleted when you close your browser.
• Preference Cookies: These cookies remember your preferences, such as theme settings, language preferences, and display options.

Cookie Security

Our authentication cookies are:

• Set with the HttpOnly flag to prevent JavaScript access, reducing the risk of XSS attacks
• Set with the Secure flag in production to ensure they are only sent over HTTPS connections
• Configured with appropriate expiration times (access tokens: 1 hour, refresh tokens: 7 days)
• Protected by SameSite policies to help prevent cross-site request forgery (CSRF) attacks

Managing Cookies

Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. However, if you disable cookies, you may not be able to access or use certain features of our services, as authentication requires cookies to function properly.

You can manage cookie preferences through your browser settings. Please note that disabling essential authentication cookies will prevent you from logging in or using our services.

We implement appropriate security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. This includes:

• Encryption of data in transit and at rest
• Secure authentication using HTTP-only cookies to protect authentication tokens from client-side JavaScript access
• Server-side authentication checks and token validation
• Regular security assessments and updates
• Protection of sensitive information such as confirmation codes and reservation details
• Location data privacy controls based on your preferences

However, no method of transmission over the internet is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

You have the right to:

• Access and update your personal information, including profile data, trips, places, and travel details
• Delete your account and all associated data, including trips, places, transportation, accommodation, notes, and media
• Export your data in a portable format
• Control location precision settings to protect your privacy
• Opt out of marketing communications (you can manage this in your settings)
• Request a copy of all data we have stored about you
• Correct inaccurate or incomplete information
• Object to certain processing of your personal information

To exercise these rights, please contact us at privacy@nomu.land or use the data export and deletion features available in your account settings.

If you have any questions about this Privacy Policy, please contact us at privacy@nomu.land.