Privacy Policy
Last updated: July 16, 2026
This Privacy Policy describes how Viajaro (“we”, “our” or “the app”) collects, uses and protects your information when you use our AI-powered travel planning application, available on iOS, Android and Web (the “Service”).
1. Information we collect
- Account data: email, name, and login credentials when you sign up or sign in with email/password, Google, or Apple (Sign in with Apple, iOS only). You can also use the app in anonymous mode without providing personal data until you decide to create a full account.
- Trip and itinerary data: destinations, dates, travel preferences (budget, interests, pace) and the AI-generated itineraries you create and edit.
- Booking data: flights (including layovers), lodging, car rentals, tours, restaurants, entry tickets and passes, and long-distance transport (train/bus). This includes documents you scan (PDF or photo) so the app can auto-fill booking details using OCR and AI extraction.
- Identity documents (sensitive data): scanned passports, visas and other travel documents you choose to store in your document vault.
- Expense data: expenses you log, categories, how they’re split among trip participants, and the resulting balances and settlements.
- Group trip data: collaborators you invite by email, participants without an account you add as placeholders, their assigned roles (owner/editor/viewer), and any information you choose to share with them (such as a booking or your full itinerary through a temporary link).
- Approximate location: an approximate city (not precise GPS) inferred from your IP address through a third-party geolocation service, used to suggest a default “home city” when you start creating a trip.
- Push notification token: used to deliver reminders about upcoming bookings, pending charges, and trip invitations.
- Diagnostic data: crash and error reports collected automatically to keep the app stable and fix issues.
2. How we use your information
- Generate and personalize itineraries with AI.
- Auto-fill bookings from documents you scan.
- Create, maintain and secure your account, including group trips, roles and sharing.
- Track expenses and calculate balances between travelers.
- Send push notifications about your bookings and invitations.
- Diagnose errors and improve the Service.
- Respond to your support requests.
3. Use of artificial intelligence
To generate itineraries and extract booking details, Viajaro sends the information you provide — such as destination, dates, preferences, and the content of scanned documents — to OpenAI. OpenAI processes this information only to return the requested output, under its own privacy policy and terms of use. We don’t send more information than necessary to generate your itinerary or extract your booking data.
AI-generated itineraries and extracted data are suggestions and may contain errors; see the disclaimer in our Terms of Service.
4. Service providers
We work with the following providers to operate the Service. We don’t sell your personal information; we share only what’s needed for each provider to perform its function, and these providers may process your data outside your country of residence:
- OpenAI — itinerary generation and OCR/AI extraction of data from scanned documents and bookings.
- Supabase — database, authentication and file storage, including files in your document vault.
- Sentry — crash and error reporting for technical diagnostics. Configured to avoid including sensitive trip or document content.
- Expo — delivery of push notifications.
- IP-based geolocation service — approximate city detection from your IP address, without GPS.
- Google and Apple — social sign-in (OAuth and Sign in with Apple).
5. Data retention and deletion
We keep your data while your account is active. When you delete a trip, booking, expense or document, it moves to a trash/recycle bin first and is automatically and permanently purged after 30 days. Identity documents live only in your account’s vault — they are not downloaded for offline use outside the app.
You can request deletion of your account and all your data at any time; see our Delete account page for instructions, both inside the app and by contacting us directly.
6. Your rights
Depending on your location, you may have the right to access, correct, export or delete your personal information, and to object to or limit certain uses of your data. Most of these actions are available directly in the app; for anything else, contact us at support@viajaro.app.
7. International data transfers
Because our service providers operate internationally, your information may be processed in countries other than your own, including the United States, under those providers’ own data protection safeguards.
8. Security
We apply reasonable technical and organizational measures to protect your information against unauthorized access, loss or alteration. However, no system is 100% secure and we cannot guarantee absolute security.
9. Children’s privacy
The Service is not directed at children under 16 years old, and we don’t knowingly collect personal information from children under that age. If you believe a child has provided us with personal information, please contact us so we can delete it.
10. Changes to this policy
We may update this Privacy Policy from time to time. We’ll post any changes on this page along with the date of the last update.
11. Contact
Data controller: OASIS HOSPITALITY & TECH E.I.R.L., a company registered in Peru.
If you have questions about this Privacy Policy, contact us at support@viajaro.app.