Legal
Privacy Policy
Last updated: May 16, 2026
1. Information We Collect
When you create an account, Wayposts collects your email address and a securely hashed version of your password. We never store plaintext passwords. All trip data, entries, and destination information you create is stored in a private database tied to your account.
2. How We Use Your Data
Your data is used solely to provide the Wayposts travel journal service. We do not sell, share, or rent your personal information to third parties. Your trips and entries are visible only to you when logged into your account.
3. Data Storage and Security
All data is stored in an encrypted database. Communications between your browser and our servers use TLS encryption. Session tokens are stored as HTTP-only cookies with secure flags enabled in production environments.
4. Cookies
Wayposts uses a single session cookie to maintain your login state. This cookie is HTTP-only, cannot be accessed by client-side JavaScript, and expires after 30 days. We do not use tracking cookies, advertising cookies, or third-party analytics.
5. Data Retention
Your data remains in your account until you choose to delete it. Deleting a trip permanently removes all associated entries. If you delete your account, all associated data is permanently removed from our systems.
6. Your Rights
You have the right to access, modify, or delete your data at any time through the Wayposts dashboard. For data export requests or other privacy inquiries, contact us at privacy@wayposts.example.com.
7. Changes to This Policy
We may update this privacy policy from time to time. Material changes will be communicated through the application. Continued use of Wayposts after changes constitutes acceptance of the updated policy.
8. Contact
For questions about this privacy policy, reach out to privacy@wayposts.example.com.