Privacy Policy

1. Who we are

Adrift ("we", "our", "us") is a travel planning application available at adrift-app.com. We help travelers organize bookings, itineraries, and trip details in one place. If you have questions about this policy, contact us at adriftapplegal@gmail.com.

2. What data we collect

We collect only what's necessary to provide the service:

• Account information: Your name and email address from Google when you sign in.
• Trip data: Trip names, destinations, dates, budgets, and notes you enter.
• Booking data: Activity details, confirmation codes, and prices you add manually or via screenshot scanning.
• Screenshots: Images you upload for AI extraction are processed immediately and not stored on our servers.
• Usage data: Basic analytics to understand how the app is used (page views, feature usage). No personally identifiable information is included.

3. How we use your data

• To provide and maintain the Adrift service
• To authenticate you securely via Google OAuth
• To process booking screenshots using AI (Anthropic Claude)
• To send you service-related communications if necessary
• We do not sell your data to third parties
• We do not use your data for advertising

4. Third-party services

We use the following trusted third-party services:

• Supabase: Database and authentication. Data is stored securely with row-level security enabled.
• Google OAuth: Sign-in only. We do not access your Google account beyond your name and email.
• Anthropic Claude: AI processing of booking screenshots. Images are sent for extraction and not retained.
• Vercel: Hosting and deployment.

5. Data sharing

Your trip data is private by default. You control what you share:

• Activity share links: When you share an activity link, anyone with that link can view that activity's details.
• Trip invites: When you invite someone to a trip, they can view your trip details after accepting.
• We never share your data with third parties for commercial purposes.

6. Your rights (GDPR & CCPA)

Depending on where you live, you have the right to:

• Access: Request a copy of your personal data
• Correction: Update inaccurate data
• Deletion: Delete your account and all associated data
• Portability: Export your data in a readable format
• Objection: Object to certain types of processing

To exercise any of these rights, email us at adriftapplegal@gmail.com or use the delete account option in your dashboard settings.

7. Data retention

We retain your data for as long as your account is active. When you delete your account, all your data is permanently deleted within 30 days. Screenshots uploaded for AI processing are not stored after extraction.

8. Cookies

We use essential cookies only — specifically, a session cookie to keep you logged in. We do not use tracking or advertising cookies. By using Adrift, you consent to this essential cookie usage.

9. Children's privacy

Adrift is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal information, contact us and we will delete it.

10. Changes to this policy

We may update this policy occasionally. We'll notify you of significant changes by updating the date at the top of this page. Continued use of Adrift after changes constitutes acceptance.

Contact us

Questions about this privacy policy? We're happy to help.