Privacy Policy
Effective July 3, 2026
Petrel Voyage ("Petrel Voyage", "we", "us") is a travel-itinerary app. This policy explains what we collect, how we use it, and your choices. Questions? Email hello@petrelvoyage.com.
1. Information we collect
- Account info. Your email address. Petrel Voyage uses passwordless sign-in (a one-time link emailed to you); we do not store passwords.
- Trip content. The trips, days, events, places, notes, and other itinerary details you create in the app.
- Gmail data (only if you connect it). If you choose to connect your Google account, Petrel Voyage requests read-only access to your Gmail (the
gmail.readonly scope) for the sole purpose of finding travel confirmations (flights, hotels, reservations) so you can add them to your trips. You review and confirm what gets added.
- Technical data. A session cookie needed to keep you signed in.
2. How we use information
- To provide the app: create and store your trips, sign you in, and (if connected) scan your email for travel confirmations you choose to import.
- To extract structured details (dates, flight numbers, addresses, confirmation numbers) from documents or emails you provide, using our AI processor (see Subprocessors).
- To communicate with you about the service (for example, sign-in links).
We do not sell your data, use it for advertising, or use your Google user data to train generalized AI or machine-learning models.
3. Google user data: Limited Use
Petrel Voyage's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We access your Gmail read-only, solely to identify travel confirmations and extract the details you choose to add to your trips.
- We do not sell this data, use it for advertising, or transfer it except to the subprocessors below strictly to provide this feature.
- We do not use it to train generalized AI or ML models.
- Email content read for extraction is processed transiently and is not retained beyond the trip items you choose to save. Only an encrypted Google refresh token is stored so you stay connected, and you can revoke it at any time.
4. Subprocessors
We use these providers strictly to operate the app:
- Cloudflare: hosting and database.
- Anthropic (Claude API): extracts travel details from documents and emails you provide. Anthropic does not use API data to train its models.
- Resend: delivers sign-in emails.
- Google: OAuth and the Gmail API (only if you connect Gmail).
5. Storage, security, and retention
- Sign-in tokens and Google refresh tokens are stored hashed or as opaque tokens; sessions are revocable.
- Your trips are stored until you delete them.
- You can disconnect Gmail at any time in the app, which removes the stored token. You can request deletion of your account and data by emailing us.
6. Your choices
- Connecting Gmail is optional; the app works without it.
- Disconnect Gmail anytime in the app.
- Request access to or deletion of your data via hello@petrelvoyage.com.
7. Children
Petrel Voyage is not directed to children under 16, and we do not knowingly collect their data.
8. Changes
We may update this policy. The effective date above reflects the latest version.