Privacy Policy

Last updated: January 6, 2025

Introduction

Welcome to Journey ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.

By using Journey, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Personal Information

When you create an account, we may collect:

  • Email address
  • Username
  • Profile information (name, bio, profile picture)
  • Authentication credentials (via Google Sign-In or Apple Sign-In)

Content You Create

When you use Journey, we collect:

  • Photos and videos you capture and upload
  • Captions, comments, and other text content
  • Likes, shares, and other interactions
  • Location data (only if you choose to add it to your posts)

Device Permissions

To provide our services, we request access to:

  • Camera: To capture photos and videos
  • Microphone: To record audio with videos
  • Photo Library: To save and access media
  • Notifications: To alert you about likes, comments, and follows

Automatically Collected Information

We automatically collect certain information:

  • Device type and model
  • Operating system version
  • IP address
  • App usage data and analytics
  • Crash reports and error logs (via Sentry)

How We Use Your Information

We use your information to:

  • Provide and maintain our services
  • Create and manage your account
  • Enable you to share photos and videos
  • Connect you with other users (followers/following)
  • Send you notifications about app activity
  • Improve our app and develop new features
  • Detect and prevent fraud, spam, and abuse
  • Comply with legal obligations

Data Sharing and Disclosure

Public Content

Content you mark as public (posts, profile information) will be visible to all Journey users and may appear in search results.

Service Providers

We share information with third-party service providers:

  • Supabase: Database and authentication services
  • Bunny CDN: Content delivery and media storage
  • Sentry: Error monitoring and crash reporting
  • Google/Apple: Authentication services

Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights and users' safety.

Data Security

We implement industry-standard security measures to protect your data:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure authentication via OAuth 2.0
  • Regular security audits and monitoring
  • Access controls and authentication

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

Your Privacy Rights

Access and Control

You have the right to:

  • Access: View and download your personal data
  • Correction: Update or correct your information
  • Deletion: Request deletion of your account and data
  • Restriction: Limit how we use your data
  • Portability: Receive your data in a structured format
  • Objection: Object to certain data processing

GDPR Rights (European Users)

If you're in the EU/EEA, you have additional rights under GDPR, including the right to lodge a complaint with your local data protection authority.

CCPA Rights (California Users)

California residents have specific rights under CCPA:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of sale of personal information
  • Right to delete personal information
  • Right to non-discrimination for exercising your rights

We do not sell your personal information.

Data Retention

We retain your information for as long as your account is active or as needed to provide services. When you delete your account:

  • Your profile and posts will be removed from public view immediately
  • Complete data deletion occurs within 30 days
  • Backup copies may persist for up to 90 days
  • Some data may be retained longer for legal compliance

To delete your account, visit our account deletion page.

Children's Privacy

Journey is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal information, we will delete it immediately. If you believe we might have information from a child under 13, please contact us at privacy@journey.airforce.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable laws.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the app. Your continued use of Journey after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or want to exercise your privacy rights, contact us at:

Email: privacy@journey.airforce

Support: support@journey.airforce

Website: journey.airforce/support