Privacy Policy
Last Updated: October 25, 2025
1. Introduction
This Privacy Policy explains how TravelHistory.us ("we", "us", "our") accesses, uses, and protects information when you use our web application and related services (the "Service"). We are committed to protecting your privacy and complying with Google's API Services User Data Policy, including the Limited Use requirements.
2. Information We Access
When you sign in with Google, we request read-only OAuth scopes to access your Google Calendar data. Specifically, we access:
- Calendar Events: Event metadata including summary, description, location, start/end times, and attendees to detect flight-related entries
- Calendar Metadata: Calendar names, time zones, and settings to properly format and organize your travel history
- Calendar Permissions: Calendar ownership and sharing information to distinguish between your own calendars and shared calendars
- Availability Information: Free/busy status to filter out non-travel calendar blocks
- Profile Information: Your email address and basic profile to authenticate your session
All requested scopes are read-only. We cannot modify, delete, or create calendar events. We do not request access to your Gmail, Google Drive, Google Contacts, or any other Google services.
3. How We Use Your Data
We use the information listed above solely to:
- Authenticate you through Google OAuth
- Identify and extract flight segments from the calendar events you own
- Generate a CSV file that you can download during the same session
We do not use your calendar data for advertising, analytics, profiling, machine learning, or any secondary purpose.
4. No Data Storage or Retention
We do not intentionally store your calendar events, processed flight data, or OAuth tokens on our servers. Calendar data is streamed, processed in memory, and discarded as soon as the CSV file is generated or the session expires.
If debugging or operational logs unintentionally capture snippets of personal data, the data is incidental, inaccessible to product teams, never analyzed, and automatically purged through rolling log retention (currently within 30 days).
5. Payment Information
Paid upgrades are handled by Stripe. We do not receive or store full payment card numbers. Stripe provides us with payment status, transaction identifiers, and limited billing metadata (such as the last four digits of a card and country) so we can grant access to the Pro tier.
6. Third-Party Services
We rely on the following providers:
- Google OAuth and Google Calendar API: Authentication and calendar data access. Your use of Google services is governed by Google's Terms of Service and Privacy Policy.
- Stripe: Payment processing for the Pro tier. Stripe's handling of personal data is subject to their own privacy policy.
We do not sell or share your personal data with advertisers or data brokers.
7. Data Security
We use HTTPS for all data in transit and follow industry best practices for securing API credentials, OAuth tokens, and infrastructure. Access to production systems is limited to authorized personnel who are bound by confidentiality obligations.
8. Your Choices and Controls
- You can revoke TravelHistory.us access to your Google account at any time from Google Account settings.
- You may delete any generated CSV files from your device; we never keep a copy.
- If you contacted us and voluntarily provided personal data (e.g., email support), you can request deletion by emailing legal@travelhistory.us.
9. Children
The Service is not directed to children under 13, and we do not knowingly collect personal information from children. If you believe a child has used the Service, please contact us so we can revoke access.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page. Continued use of the Service after an update constitutes your acceptance of the revised policy.
11. Contact
If you have questions about this Privacy Policy or how we handle your data, email us at legal@travelhistory.us.