Privacy Policy

Effective Date: March 31, 2026

This Privacy Policy explains how Map My Parks ("Map My Parks," "we," "our," or "us") collects, uses, stores, and shares information when you use the Map My Parks mobile app, Map My Parks Pro features, and related services.

1. Information We Collect

We collect information you provide and information required to operate syncing and account security.

• Account data: email address used for shared-map sign-in.
• Authentication data: login challenge records, hashed one-time login codes, hashed session tokens, session expiry, request IP, and user agent for security and abuse prevention.
• Trip and map content: visited park checkoffs, trip dates, notes, and trip photo metadata.
• Trip media: trip photo files you upload for shared-map sync.
• Location data (optional): if you enable location features, the app accesses device location only to show your position on the map. We do not use that location data for other purposes.
• Subscription status: Pro entitlement state from Apple App Store / Google Play Billing.

2. How We Use Information

• Provide core app features, including visited parks and trip logging.
• Sync shared-map data across devices and between iOS and Android.
• Authenticate users and protect accounts from abuse.
• Determine Pro access status and restore purchases.
• Operate, troubleshoot, and secure our services.

3. Where Data Is Stored

• On-device: iOS stores app data in app sandbox storage (including trip photos) and stores shared-map auth tokens in Keychain. iOS trip photos are written with Apple file-protection controls. Android stores shared-map auth data in EncryptedSharedPreferences and stores trip data/photos in app-private storage with app backup disabled.
• Cloud sync (iOS Apple services): iOS trip/log sync uses iCloud key-value storage and iOS photo sync may use CloudKit private database when shared-map sync is not enabled.
• Cloud sync (Map My Parks shared map): shared-map metadata is stored in Cloudflare D1 and shared trip photos are stored in Cloudflare R2 object storage.

4. Security and Encryption

• Data in transit uses HTTPS/TLS between app clients and our API endpoints.
• Shared-map auth sessions and one-time login codes are stored server-side as SHA-256 hashes (not plaintext values).
• iOS stores shared-map session data in Keychain; Android stores shared-map session data in EncryptedSharedPreferences (AES-based encryption via AndroidX Security Crypto).
• Cloudflare-managed infrastructure (D1/R2) is used for backend data storage, with provider-managed encryption controls.
• Shared-map trip photo uploads are validated server-side for supported image types and file size limits.
• Android app network security disallows cleartext HTTP traffic in production builds.
• Current architecture does not implement end-to-end encryption with user-managed keys for shared-map notes/photos.

5. How We Share Information

We do not sell personal information. We share data only as needed to operate the service:

• Cloudflare (API, database, storage, and edge infrastructure).
• Apple (iCloud/CloudKit, App Store billing and purchase restore on Apple platforms).
• Google (Google Play Billing on Android).
• Resend (email delivery for shared-map login codes, when configured).
• Other users in your shared map can see shared-map trip content that you sync into that map.

6. Data Retention

• On-device data remains until you delete it or uninstall the app.
• Shared-map data remains while the shared map exists. Deleting a shared map by its owner removes associated shared-map records and shared-map photo objects from our backend services.
• Some deleted shared-map photo records may be retained in a soft-deleted state for up to 30 days before scheduled permanent cleanup.
• Security and authentication records are retained for operational and abuse-prevention purposes for a limited period consistent with service needs.

7. Your Choices

• You can disable location access through app settings and OS permission controls.
• You can remove trips and photos in the app.
• You can leave a shared map, or if you are the owner, delete that shared map.
• You can cancel Pro subscriptions through Apple or Google subscription management.

8. Children’s Privacy

Map My Parks is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

9. Policy Changes

We may update this Privacy Policy from time to time. We will post the updated version on this page with a new effective date.

Contact: [email protected]