Privacy Policy

Last updated: 3 April 2026

In plain English: WanderSave collects only what it needs to run the app, never sells your data, and gives you full control to access, correct, or delete it at any time.

1. Who we are

WanderSave is a travel organisation application operated by WanderSave Ltd ("we", "us", or "our"). In this Privacy Policy, "you" refers to any individual who uses the WanderSave mobile application or any associated websites and services (collectively, the "Service").

We are registered in England and Wales and comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all other applicable privacy laws. For questions about this policy, please contact us at privacy@wandersave.app.

2. Information we collect

Information you provide

  • Account details — your name, email address, and password (stored securely via Supabase)

  • Profile information — profile photo and any optional details you choose to add

  • Saved content — travel posts, links, images, captions, location tags, and notes that you import and save into the app from social media platforms such as Instagram

  • Collections — the names, structure, and contents of the collections you create to organise saved places by city and country

  • Communications — messages or feedback you send us via email or in-app support

Information collected automatically

  • Usage data — features used, screens visited, actions taken, session duration, and app crash reports

  • Device information — device model, operating system version, unique device identifiers, and mobile network

  • Log data — IP address, timestamps, and app version

Information from third-party platforms

When you import content from a social media platform (for example, an Instagram post or reel), WanderSave processes only the content you explicitly choose to save — including the post URL, thumbnail, caption, and any location data embedded in that post. We do not access your social media account credentials, log in on your behalf, or retrieve any content beyond what you actively choose to import.

Subscription and payment information

Subscription purchases are handled through the Apple App Store or Google Play, managed via RevenueCat. We do not collect or store your payment card details. RevenueCat may share anonymised subscription status and entitlement data with us solely to manage your access to premium features. Please review RevenueCat's Privacy Policy for full details of how they handle your data.

What we do not collect

We do not knowingly collect personal information from anyone under the age of 16. If you are under 16, please do not use the Service or provide us with personal information.

3. How we use your information

  • Create and manage your account and authenticate your identity

  • Provide the core features of the Service — saving, organising, and browsing imported travel content in personal collections

  • Sync your saved content and collections across your devices

  • Send transactional communications — account confirmation, password resets, and important service updates

  • Send optional marketing communications about new features — only where you have given explicit consent, which you may withdraw at any time

  • Detect fraud, abuse, and security incidents

  • Comply with legal obligations and enforce our Terms & Conditions

  • Conduct internal analytics, aggregated and anonymised, to improve the app

We will never sell your personal data to third parties or use it for purposes incompatible with those described here.

4. Legal basis for processing (UK GDPR)

  • Contract performance — processing necessary to deliver the Service you signed up for

  • Legitimate interests — analytics, fraud prevention, and product improvement, balanced against your rights and interests

  • Consent — marketing emails and push notifications, which you may withdraw at any time via app settings

  • Legal obligation — where required by UK law

5. Sharing your information

  • Service providers — Supabase (database and authentication), RevenueCat (subscription management), Expo / Apple / Google (app delivery and push notifications), and analytics providers. All operate under data processing agreements and may only use your data to provide their services to us.

  • Legal requirements — courts, regulators, law enforcement, or government bodies where we are legally required to disclose information

  • Business transfers — in the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before your information is subject to a materially different privacy policy.

  • With your consent — any other disclosure requires your explicit permission

We will never sell, rent, or trade your personal data to advertisers or data brokers.

6. Third-party social media platforms

WanderSave allows you to save content originating from third-party social media platforms such as Instagram. We are not affiliated with, endorsed by, or partnered with any of these platforms. Content you import is stored in your private WanderSave library for your personal use only. You are responsible for ensuring your use of imported content complies with the originating platform's terms of service and the intellectual property rights of the original creators.

We do not share your saved content with any social media platform, and we do not transmit data to those platforms as a result of your use of WanderSave.

7. International data transfers

WanderSave operates primarily within the UK and EEA. Some service providers, including Supabase and RevenueCat, may store or process data in the United States. Where data is transferred outside the UK/EEA, we ensure appropriate safeguards are in place — including Standard Contractual Clauses or an adequacy decision — in compliance with UK GDPR Chapter V.

8. Data retention

We retain your personal data for as long as your account is active or as needed to provide the Service. When you delete your account, we remove your personal data from our active systems within 30 days, subject to any legal obligations to retain certain records. You may also request deletion at any time (see Section 9).

9. Your rights

Under UK GDPR, you have the following rights:



Access

Request a copy of the data we hold about you


Rectification

Correct inaccurate or incomplete information


Erasure

Request deletion of your personal data


Portability

Receive your data in a structured, machine-readable format


Restriction

Ask us to limit how we process your data


Object

Object to processing based on legitimate interests

To exercise these rights, email privacy@wandersave.app. We will respond within 30 days and may need to verify your identity before fulfilling certain requests. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

10. Account deletion

You can delete your WanderSave account at any time from within the app: Settings → Delete Account. This permanently removes your profile, all saved content, all collections, and associated personal data. This action is irreversible.

11. Security

We use industry-standard security measures including encrypted data transmission (TLS), row-level security on our database, and secure authentication via Supabase. No method of transmission over the internet is 100% secure. Please use a strong, unique password and contact us immediately if you suspect any unauthorised access to your account.

12. Cookies and tracking

Our mobile app does not use browser cookies. Our website may use essential cookies to maintain your session and optional analytics cookies. You may decline non-essential cookies via your browser settings or any cookie preference banner shown on our website.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification before the change takes effect. Continued use of the Service after that date constitutes acceptance of the updated policy.