§ Privacy

What we keep, why, and what you can do about it.

Wanderline is built and operated by a small team. This page explains what data Wanderline holds about you, where it lives, and how to get it back or have it removed. It is intentionally written in plain language.

Last updated · 2026-05-24

§ 1 — What we collect

When you sign up, Wanderline stores:

  • Your email address and your Google account identifier. Wanderline uses Google as its sign-in provider — we never see or store your Google password.
  • The trips you create — names, destinations, dates, accommodations, transport, activities, notes.
  • Documents you upload (PDFs, screenshots of e-tickets) — stored alongside the extracted entities so you can re-process them if extraction misses something.
  • Chat history with the planning agent, scoped to your trips.
  • Connection tokens if you choose to link an external service (currently Gmail; nothing else).

That is the entire surface. Wanderline does not track you across sites, does not run analytics scripts on the marketing pages, and does not have any third-party advertising integration.

§ 2 — Gmail data (only if you connect it)

If you connect Gmail via the in-app Profile page, Wanderline requests read-only access to your inbox under the Google scope https://www.googleapis.com/auth/gmail.readonly. Specifically:

  • We scan for booking confirmations (airlines, hotels, rail operators, transfer services) and parse the relevant fields — dates, places, confirmation numbers, prices — into your trip timeline.
  • We do not share Gmail-derived data with third parties, including affiliate partners and AI providers, beyond what is needed to render your own trip on your own screen.
  • We do not use Gmail data for advertising.
  • We do not allow humans to read your Gmail data, with two narrow exceptions: (1) if you explicitly ask for support and authorize us to inspect a specific message, and (2) where required by law.
  • We do not use Gmail data to train AI models, ours or anyone else's.

This use is consistent with the Google API Services User Data Policy, including the Limited Use requirements.

You can disconnect Gmail at any time from the Profile page in the app. When you disconnect, we delete the OAuth refresh token immediately. We do not keep a shadow copy of your inbox — only the fields we've already parsed into your trip timeline remain.

§ 3 — Where your data lives

Wanderline runs on:

  • Vercel (hosting). Your IP address is briefly visible for request routing; Vercel does not store it beyond standard operational logs.
  • Supabase (Postgres database). Your account, trips, documents, and tokens.
  • Google Sign-In. We rely on Google to verify your identity at sign-in. Google sees the timestamp of each sign-in and the basic profile fields it shares with us (email, name, profile picture) under its standard terms. Google does not see your trip data.
  • Anthropic and OpenAI. When you chat with the agent or upload a document, the relevant text is sent to one of these providers under their commercial terms (no training on your data, no human review by default). We do not send your Gmail messages or full document contents — only the extracted fields needed to populate the trip.
  • Mapbox and Google Maps. Geocoding and map tile lookups. Place names you search are sent to these providers under their standard terms.
  • Booking.com, Kiwi.com, Aviasales, Hotellook, WayAway, GetYourGuide, and other affiliate partners. When you click an outbound booking link, the destination URL contains an affiliate identifier so the partner can attribute the click. No user data is transferred to them beyond what your browser sends as part of the click itself.

§ 4 — How long we keep things

Trips, accommodations, transport, documents, and chat history are kept as long as your account exists. You can delete any of them from inside the app.

If you delete your account (email privacy@wanderline.app and we'll do it), we remove your record from the database within 14 days. Backups may retain a copy for up to 30 days for disaster recovery, after which they are rolled off.

OAuth refresh tokens (Gmail) are deleted immediately when you disconnect.

§ 5 — What you can do

You can:

  • View everything we store about you by signing in.
  • Edit or delete any trip, destination, document, or chat session.
  • Disconnect Gmail at any time.
  • Request full account deletion: privacy@wanderline.app.
  • Request a data export: privacy@wanderline.app.

You do not need to give a reason. We aim to action requests within 14 days.

§ 6 — Cookies

The site uses a single first-party cookie — your authenticated session token. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. If product analytics are added later, this page is updated and the date at the top changes.

§ 7 — Children

Wanderline is not intended for children under 13. If you believe a child has signed up, email privacy@wanderline.app and we will delete the account.

§ 8 — Changes to this policy

If we make material changes, the date at the top of this page updates. We'll keep prior versions available on request.

§ 9 — Contact

For any questions, requests, or concerns about this policy — including Google / Gmail data handling questions — privacy@wanderline.app.