Privacy Policy
Last updated: 2026-05-11
Breadcrumbs Travel Tracker and Journal
Operated by Missing Link Dev
Version: 1.1
Effective Date: 2026-05-11
Questions about this policy? Contact us at [email protected]
Changelog
| Version | Date | Summary of Changes |
|---|---|---|
| 1.1 | 2026-05-11 | Updated business structure: now operated as a sole proprietorship doing business as “Missing Link Dev.” Removed prior LLC references. No changes to data processing, sub-processors, or your rights. |
| 1.0 | 2026-05-04 | Initial policy |
1. Who We Are
Missing Link Dev (“we,” “us,” or “our”) is a sole proprietorship based in the State of Idaho, United States, operating under the business name “Missing Link Dev.” We operate the Breadcrumbs Travel Tracker and Journal mobile application (the “App”) and the website at https://breadcrumbsjournal.com (the “Site”).
For the purposes of the EU General Data Protection Regulation (“GDPR”) and the UK General Data Protection Regulation (“UK GDPR”), Missing Link Dev is the data controller of the personal data described in this policy.
We do not currently maintain a registered EU or UK representative. If you are located in the European Economic Area (“EEA”) or the United Kingdom and have concerns about how we process your data, you may contact your local data protection authority (see Section 14).
Contact:
Missing Link Dev
[email protected]
https://breadcrumbsjournal.com
2. Summary of Data We Collect and Why
The table below is a high-level overview. Detailed descriptions follow in Section 3.
| Category | Examples | Primary Purpose | Legal Basis (GDPR) |
|---|---|---|---|
| Account & identity | Name, email, Google ID, avatar | Create and maintain your account | Contract (Art. 6(1)(b)) |
| Travel content | GPS coordinates, dates, photos, videos, journal text, routes | Core App functionality — your travel journal | Contract |
| Device location | Foreground GPS during crumb creation and map use | Pre-fill location fields; display your position on the map | Contract |
| Subscription & billing | Entitlement state, receipt tokens | Manage your Pro subscription | Contract |
| Analytics (opt-in) | App events, feature usage, app version | Improve the App | Consent |
| Crash & error reports | Stack traces, user ID, screenshots | Fix bugs and maintain service quality | Legitimate interest |
| Advertising IDs (free users) | IDFA / AAID (non-personalized only) | Display non-personalized in-app ads | Legitimate interest / Consent (EEA/UK) |
| Transactional email | Recipient address, export link | Deliver export-ready emails | Contract / Legitimate interest |
| Consent records | Policy version accepted, acceptance timestamp | Legal compliance and accountability | Legal obligation |
3. Data We Collect in Detail
3.1 Account and Identity Data
When you sign in with Google, we receive from Google and store:
- Your Google account ID (unique identifier)
- Your email address
- Your full name (from your Google profile)
- Your profile photo URL (from your Google profile)
You may also upload a custom profile avatar and banner image, and write a bio (“about me” text). These are stored in your account.
3.2 Travel Content (Precise Location Data)
This is the core dataset of the App. When you create or edit a Breadcrumb, we collect and store:
- Precise geographic coordinates (latitude and longitude)
- City, state/region, and country labels
- Arrival and departure dates and times
- Travel mode (e.g., car, bus, train, plane, boat)
- Activity type (e.g., park, hike, restaurant)
- Cost (optional, user-entered)
- Distance traveled
- Title and journal description text
- Collection tags you assign
- Route polylines (the full GPS path geometry between Breadcrumbs)
- Photos and videos you attach
- Aggregated location and distance statistics (e.g., total miles, countries visited, states visited)
Important: Your travel data constitutes precise location data and is treated as sensitive personal information under applicable law. Location patterns can reveal sensitive information such as your home address, workplaces, places of worship, medical facilities visited, and other inferences about your life. We store this data solely to operate your travel journal. We do not sell it, share it for advertising, or use it for profiling beyond operating the App.
Photo EXIF data: When you select photos from your device, the App reads GPS coordinates embedded in the photo’s EXIF metadata on your device only to pre-fill the location field for a new Breadcrumb. The raw EXIF data is not transmitted to our servers; only the latitude and longitude you confirm and save as part of a Breadcrumb are stored.
3.3 Device Location (Runtime GPS)
The App requests foreground location access (“while in use” on iOS; foreground permission on Android) in two contexts:
- When you are adding a Breadcrumb, to pre-fill your current location.
- When you are viewing the map, to display a “you are here” indicator.
We do not collect background location or track your device continuously. Location is read from your device’s GPS hardware and is not transmitted to our servers except as part of a Breadcrumb you explicitly save.
3.4 Subscription and Billing Data
We use RevenueCat, Inc. to manage subscriptions. In connection with your subscription, we process:
- A RevenueCat App User ID (which equals your Supabase user ID)
- Your subscription entitlement state (free or Pro) and expiry date
- App Store (Apple) or Play Store (Google) receipt tokens — these are validated by RevenueCat and the respective stores; we never receive your card number, bank details, or full payment card information
- A subscription event log (purchases, renewals, cancellations, refunds) retained for financial recordkeeping
Apple and Google process all payment transactions. Their privacy policies govern the payment data they hold.
3.5 Product Analytics (PostHog — Opted Out by Default)
We use PostHog Inc. for product analytics. Analytics are disabled by default. You will be prompted to opt in. If you opt in, we collect:
- App usage events such as: app opened, sign-in, Breadcrumb created/edited/deleted, map viewed, timeline viewed, media uploaded, paywall viewed, subscription events
- Device and app properties such as: platform (iOS/Android), app version, build number, locale, theme setting, subscription tier (free/Pro), and bucketed Breadcrumb count (a range, not the exact number)
We do not send your travel content — titles, descriptions, coordinates, or photos — to PostHog. Your PostHog identifier is your Supabase user ID. You can withdraw consent at any time through the App’s settings.
3.6 Crash and Error Reporting (Sentry)
We use Sentry (Functional Software, Inc.) for crash reporting and error monitoring. Sentry operates in release builds only (not in development). When the App crashes or encounters an error, Sentry may collect:
- Your user ID and subscription tier (free/Pro)
- Stack traces and technical error details
- A screenshot of the App at the moment of the crash — this screenshot may incidentally capture travel data or other App content visible on screen at the time
You may also submit in-app feedback through the feedback button, which attaches a screenshot you annotate and a text comment you write. These are sent to Sentry.
We use Sentry data exclusively for debugging and service quality. Sentry events are retained for approximately 90 days.
3.7 Advertising (Free Tier Only — Non-Personalized)
If you use the free tier of the App, we display non-personalized in-app advertisements provided by Google AdMob. We serve only non-personalized ads globally, including to users in the EEA and UK.
- We do not use your travel content, journal entries, or precise location for ad targeting
- On iOS, AdMob may request your Identifier for Advertisers (IDFA) via Apple’s App Tracking Transparency (ATT) framework; we use this only for fraud prevention and ad quality, not for behavioral targeting
- Ads are removed entirely when you upgrade to the Pro tier
3.8 Email Communications (Resend)
We use Resend, Inc. to send transactional emails. We send:
- Export ready / failed emails — when your data export archive is ready to download (or fails), we send a notification to your registered email address
We do not send marketing emails. All emails are transactional and directly related to actions you have taken.
3.9 Local Notifications
The App generates on-device notifications only (no push servers). Notifications may be sent for:
- Media upload progress
- Export archive completion or failure
These notifications are generated locally on your device. We do not operate a push notification server.
3.10 Legal Consent Records
We record which version of this Privacy Policy and our Terms of Service you have accepted, along with the timestamp of acceptance. This is required for our legal accountability obligations.
4. Sources of Personal Data
We collect personal data from the following sources:
- Directly from you — journal entries, photos, videos, profile information, bio, feedback
- Your device — GPS hardware, photo EXIF metadata, device identifiers
- Google — account ID, name, email, and profile photo at sign-in
- Apple / Google Play — subscription receipt tokens
- Automatically — usage events (if you opt in to analytics), crash events, ad request signals
5. How We Use Your Data
We use your personal data to:
- Operate the App — store, display, and sync your Breadcrumbs and journal across your devices
- Authenticate you — manage your Google Sign-In session
- Manage your subscription — verify entitlement, process renewals, and enforce storage quotas
- Provide your data export — build and deliver your archive ZIP
- Improve the App — analyze usage patterns (only with your consent) and fix errors
- Display advertisements — non-personalized ads to free users
- Fulfill our legal obligations — maintain consent records, cooperate with law enforcement when legally required
- Enforce our Terms of Service — detect and prevent abuse
We do not:
- Sell your personal data to any third party
- Use your travel data for advertising targeting
- Create behavioral profiles for advertising purposes
- Disclose your data to third parties except as described in this policy
6. Sub-Processors (Third Parties That Receive Your Data)
The following vendors process personal data on our behalf. We enter into Data Processing Agreements with each vendor where required by law.
| Vendor | Purpose | Data Received | Jurisdiction |
|---|---|---|---|
| Supabase Inc. | Database, authentication, file storage | All account data, travel content, auth records | US (AWS us-east-1) |
| Cloudflare, Inc. (R2 + Workers) | Media object storage, presigned uploads, export archives | Photos, videos, export ZIP files | US / global CDN edge |
| Google LLC (Sign-In / OAuth) | Authentication | Google ID token, account profile | US |
| Mapbox, Inc. | Map tiles, location search, geocoding, route directions | Coordinates, search queries, IP address | US |
| RevenueCat, Inc. | Subscription management and receipt validation | App User ID, receipt tokens, entitlement state | US |
| Apple, Inc. (App Store) | iOS in-app purchase | Apple ID-linked receipt | US |
| Google LLC (Play Billing) | Android in-app purchase | Google account-linked receipt | US |
| Sentry (Functional Software, Inc.) | Crash reporting, error monitoring, in-app feedback | User ID, subscription tier, stack traces, screenshots, feedback text | US |
| PostHog Inc. | Product analytics (opt-in only) | Pseudonymous user ID, usage events, app properties | US |
| Google AdMob (free users only) | Non-personalized in-app advertising | IDFA/AAID (device ad identifier), ad request signals | US |
| Resend, Inc. | Transactional email delivery | Recipient email address, export link | US |
7. International Data Transfers
Missing Link Dev is based in the United States. All sub-processors listed above are primarily US-based. If you are located in the European Economic Area (EEA) or the United Kingdom, your personal data will be transferred to and processed in the United States.
We rely on the following safeguards for these transfers:
- Standard Contractual Clauses (SCCs) approved by the European Commission under GDPR Art. 46(2)(c), incorporated into our agreements with sub-processors
- UK International Data Transfer Agreements (IDTA) or UK addenda to SCCs where applicable for UK transfers
By using the App, you acknowledge that your data will be processed in the United States.
8. Data Retention
| Data | Retention Period |
|---|---|
| Account and all travel content | Retained until you delete your account. Deletion is immediate and cascading. |
| Subscription event log | 7 years from the event date (financial recordkeeping obligation) |
| Sentry crash events and feedback | Approximately 90 days |
| PostHog analytics events | PostHog’s default retention period (currently up to 7 years on PostHog Cloud US) |
| Cloudflare R2 export archives | 30 days from creation, then automatically deleted |
| Supabase database backups | Daily backups with a 7-day point-in-time recovery window |
| Legal consent records | Duration of account, then 3 years after deletion |
When you delete your account, we delete your Supabase database records, Supabase Storage files, Cloudflare R2 export archives, your PostHog analytics profile, and your authentication identity. Exception: subscription event log records are retained for financial compliance and cannot be erased on request; order records, if applicable, are similarly retained. Additionally, due to a technical limitation in our storage listing system, a small number of orphaned media files (from accounts with a very high number of Breadcrumbs) may remain in storage; we are working to implement an automated cleanup sweep to address this.
9. Your Privacy Rights
9.1 Rights Under GDPR / UK GDPR (EEA and UK Users)
If you are located in the EEA or UK, you have the following rights:
- Right of access — request a copy of the personal data we hold about you
- Right to rectification — correct inaccurate or incomplete data
- Right to erasure (“right to be forgotten”) — request deletion of your data (subject to legal retention obligations)
- Right to restriction — ask us to limit processing in certain circumstances
- Right to data portability — receive your data in a structured, machine-readable format
- Right to object — object to processing based on legitimate interest
- Right to withdraw consent — withdraw consent for analytics or advertising at any time without affecting prior processing
How to exercise your rights:
- Data export: Settings → Export My Archive (generates a ZIP containing your breadcrumbs, photos, and data in HTML and XLSX formats)
- Edit your data: Edit profile, Breadcrumbs, and media at any time within the App
- Delete your account: Settings → Delete Account (immediately and permanently deletes your account and all associated data)
- Opt out of analytics: Analytics consent toggle in App settings
- Written requests: Email [email protected] with the subject line “Privacy Rights Request”
We will respond to written requests within 30 days. We may need to verify your identity before fulfilling a request.
9.2 Rights Under CCPA / CPRA (California Residents)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to Know — request disclosure of the categories and specific pieces of personal information we collect, use, disclose, or sell
- Right to Delete — request deletion of your personal information (subject to exceptions)
- Right to Correct — request correction of inaccurate personal information
- Right to Limit Use of Sensitive Personal Information — your precise geolocation data is “sensitive personal information” under CPRA. We use it only for the core purpose of operating your travel journal. We do not use it for advertising, secondary profiling, or disclose it to third parties for those purposes.
- Right to Opt Out of Sale or Sharing — we do not sell your personal information. We do not share precise geolocation for cross-context behavioral advertising. Non-personalized advertising does not constitute “sharing” under CPRA.
- Right to Non-Discrimination — we will not discriminate against you for exercising any of these rights
To exercise your California rights, contact [email protected] or use the in-app tools described above.
9.3 Rights Under Other Jurisdictions
We respect privacy rights beyond those listed above. Wherever you are located, you may contact us at [email protected] to request access to, correction of, or deletion of your personal data.
10. Children’s Privacy
The App is not directed to children under the age of 16. We do not knowingly collect personal data from anyone under 16. If you are between 13 and 15 years old (or under 16 in jurisdictions with higher thresholds), you may not use the App. If you are under 13, you may not use the App under any circumstances.
If you believe we have inadvertently collected data from a child under 16, please contact us immediately at [email protected] and we will delete the data promptly.
11. Device Permissions and SDK Identifiers
11.1 Device Permissions We Request
| Permission | Purpose |
|---|---|
| Location (“while in use”) | Pre-fill location when adding a Breadcrumb; show your position on the map |
| Photo library / media access | Select photos and videos to attach to a Breadcrumb |
| Camera | Capture photos or videos in-app |
| Notifications | On-device alerts for upload progress and export completion |
| Internet / network access | Sync and upload |
| Storage write (Android) | Save exported archive files to your device |
You can revoke permissions at any time through your device settings. Revoking location permission will disable the auto-fill and map-position features but will not affect Breadcrumbs you have already saved.
11.2 Advertising Identifiers
On iOS, Google AdMob may use your Identifier for Advertisers (IDFA) for non-personalized ad delivery and fraud prevention. We display Apple’s App Tracking Transparency (ATT) prompt before AdMob accesses the IDFA. You may deny this request; non-personalized ads will still be displayed.
On Android, AdMob may use the Google Advertising ID (AAID). You can reset or opt out of ad personalization through your Android device settings (Settings → Privacy → Ads).
12. Security
We implement the following technical and organizational measures to protect your data:
- Transport Layer Security (TLS) — all data transmitted between the App and our servers is encrypted in transit
- Row Level Security (RLS) — our database enforces access control at the row level so you can only access your own data
- Scoped storage paths — media files are stored in paths scoped to your user ID, with access controlled via short-lived presigned URLs
- Google OAuth authentication — we do not store passwords; authentication is handled by Google
- Service-role-only access — sensitive tables such as subscription event logs are accessible only by backend service processes, not through client APIs
- Account deletion — deleting your account triggers an irreversible, cascading deletion of your data across all systems
We do not hold SOC 2 or ISO 27001 certification at this time. No system is completely secure. In the event of a data breach that affects your rights or freedoms, we will notify you and the relevant supervisory authority as required by law.
13. Changes to This Policy
We will update this Privacy Policy from time to time. When we make material changes, we will:
- Update the version number and effective date at the top of this document
- Display an in-app notification and require you to review and accept the updated policy before continuing to use the App
- Send an email notification to your registered email address for significant changes
The version you accepted is recorded in your account. Continued use of the App after accepting an updated policy constitutes acceptance of the updated terms.
14. Contact and Data Protection Authority Complaints
For privacy questions, rights requests, or concerns:
Missing Link Dev
[email protected]
https://breadcrumbsjournal.com
We aim to respond within 30 days.
If you are located in the EEA and believe we have not resolved your concern satisfactorily, you have the right to lodge a complaint with your local Data Protection Authority (DPA). A list of EU DPAs is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en
If you are located in the United Kingdom, you may contact the Information Commissioner’s Office (ICO) at https://ico.org.uk.
Missing Link Dev — Breadcrumbs Travel Tracker and Journal — Privacy Policy v1.1