Privacy Policy
Ultreia ("we", "us", "the App") is a companion application for pilgrims walking the Camino de Santiago. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.
1. Information We Collect
1.1 Authentication Data
When you first open the App, an anonymous account is created automatically via Firebase Authentication. No personal information is required at this stage.
If you choose to link your email address (for booking lookups), the following is collected:
- Email address — used to find your booking and verify your identity
- Firebase User ID (UID) — an anonymous identifier assigned by Firebase
1.2 Location Data
The App requests access to your device's GPS to show your position on the trail map and track your walking progress. Location data is processed entirely on your device and is not transmitted to our servers.
📍 GPS coordinates are used locally for trail snap calculations and progress tracking. We do not store, transmit, or share your location history.
The App uses foreground-only location access. Background location tracking is not used.
1.3 Booking Data (via Galiwonders)
If you have a booking through Galiwonders (our booking partner), the App retrieves your booking details using your verified email address. This data includes:
- Your name, phone number, nationality
- Trip dates and accommodation details
- Dietary and medical notes (if provided to the booking agent)
- Companion details (names, contact information)
This data is retrieved in transit from the Galiwonders API and displayed in the App. It is not stored in our database. It may be cached locally on your device for offline access.
1.4 Itineraries
You can create custom itineraries in the App. The following data is stored on our server, linked to your Firebase UID:
- Trail selection and stage preferences
- Start date and number of pilgrims
- Custom title and notes you add to stages
1.5 Accommodation Search
When you search for nearby accommodations, your approximate location coordinates are sent to our server to return relevant results. These coordinates are not stored — they are used only to process your search request.
2. Data Stored on Your Device
The App follows an offline-first approach. The following data is stored locally on your device using an embedded SQLite database:
| Data | Purpose | Contains personal data? |
|---|---|---|
| Trail routes, stages, POIs | Offline navigation and map display | No |
| Narratives and stories | Cultural content along the Camino | No |
| Booking cache | Offline access to your booking | Yes — may include name, email, trip details |
| Itinerary cache | Offline access to your itinerary | Yes — may include custom notes |
| App preferences | Map filters, selected trail, stage progress | No |
This data remains on your device and can be deleted by uninstalling the App or clearing its data in your device settings.
3. Third-Party Services
The App uses the following third-party services that may process data:
| Service | Purpose | Data shared | Privacy policy |
|---|---|---|---|
| Firebase Authentication (Google) |
User authentication | Email, UID, IP address | Firebase Privacy |
| Sentry (Functional Software) |
Error monitoring & crash reporting | Crash reports, device info, IP address, technical request metadata | Sentry Privacy |
| Mapbox (Mapbox Inc.) |
Map display & navigation | Map viewport location, device type, OS | Mapbox Privacy |
| Galiwonders | Booking data retrieval | Email address (for lookup) | Galiwonders Privacy |
| Google Places API (Google) |
Accommodation information | Hotel names and locations (no user data) | Google Privacy |
4. Error Monitoring & Crash Reporting
We use Sentry to monitor application stability and diagnose issues. When an error occurs, the following technical data may be collected:
- Error stack traces and diagnostic information
- Device model, operating system, and app version
- IP address and technical request metadata (server-side)
- Screenshots of the app screen at the time of the error (client-side)
Sentry error data is stored in the EU region and is retained for up to 90 days. This data is used exclusively for debugging and improving app stability.
5. What We Do Not Collect
- We do not use analytics or behavioral tracking
- We do not collect advertising identifiers
- We do not access your contacts, photos, or camera
- We do not track your browsing history
- We do not use background location access
- We do not sell or share your data with advertisers
6. Data Retention
| Data | Retention period |
|---|---|
| Itineraries | Until you delete them via the App |
| Booking data | Not stored — retrieved on demand from Galiwonders |
| Firebase Auth account | Until you request deletion |
| Sentry error reports | 90 days |
| Local device data (SQLite) | Until you uninstall the App or clear its data |
7. Your Rights
You have the right to:
- Access — request a copy of the data we hold about you
- Delete — remove your itineraries through the App, or request full account deletion
- Opt out of location — deny or revoke location permissions at any time in your device settings; the App will continue to work without GPS features
To request data access or deletion, please contact us at the email address below.
8. Children's Privacy
The App is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us so we can delete it.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the App after changes constitutes acceptance of the revised policy.
10. Contact
If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:
Ultreia
Email: Loading…