Legal
Privacy policy
Last updated 2026-06-19.
Voyazen is a structured trip planning service. This policy explains what we collect when you use the planner, why we collect it, and the controls you have over your data.
Data we collect
The data we hold falls into a few narrow categories:
- Account data: the email address you provide at sign-up plus, when you set one, the password hash. If you sign in with Google, we also receive and store a stable Google identifier (the OAuth subject), the email and display name from your Google profile, and your Google profile picture URL so we can show your avatar across the app. We also retain the optional profile fields you set in your account settings (display name, home base, handle, bio, and planning preferences such as budget mode, distance unit, and timezone).
- Trip data: the trips you generate or save (destinations, dates, days, places, and any notes or refinements you attach), plus any planner drafts you have not yet submitted.
- Session data: the authenticated session token in your browser cookie, the user agent string of the device that signed in, and the timestamps of session creation and last activity. This is what powers the active sessions panel in your settings.
- Operational logs: minimal request logs needed to run the service (timestamps, status codes, error traces). We do not log request bodies that contain personal data.
We do not run third-party analytics, advertising trackers, or session replay tools.
How we use your data
Your data is used only to operate the product:
- to authenticate you and keep you signed in,
- to generate the trips you ask for and let you read, edit, and regenerate them,
- to display your saved planning preferences across the planner and account surfaces,
- to send transactional emails you trigger (password resets, share invites once that feature ships, account-related notifications), and
- to investigate errors and protect the service from abuse.
We do not sell your data, do not share your saved trips with anyone you have not explicitly invited, and do not use your trip content to train models for unrelated products.
Third-party providers
To plan a real trip, the service queries a small set of external providers. We send only the minimum query context needed for each provider, never your account email or password:
- Google OAuth (Sign in with Google): an optional sign-in path. When you choose it, Google authenticates you and returns the OAuth identity claims described under “Account data” above. You can connect or disconnect Google at any time from the security panel in your settings; disconnecting clears the Google identifiers from your account but keeps your trips, drafts, and saved preferences intact.
- Google Maps Platform: place search, place photos, route geometry, and the embedded map UI.
- SerpApi: provider snapshots for hotels and flights when those features are active.
- Resend: delivery of transactional emails you trigger.
- An LLM provider: to generate the optional display-only descriptions and tips that appear alongside your trip content. This provider never participates in the canonical trip output and never receives your account credentials.
Each provider operates under its own privacy terms. We treat their responses as ephemeral except where we explicitly persist a snapshot (for example, a hotel option you selected for your trip).
The application, its database, and encrypted backups are hosted in the European Union. The app and its PostgreSQL database run on servers operated by Hetzner Online GmbH in Germany, and encrypted database backups are stored on Cloudflare R2. Cloudflare also provides our DNS, content delivery, and the secure tunnel that fronts the service. These infrastructure providers process the data you store with us solely to host and protect the service, under their own data-processing terms.
Retention and your rights
We keep your account and trip data for as long as your account is active. You can:
- export everything tied to your account from your account settings,
- delete your account at any time from the same panel, which removes your trips, drafts, sessions, and saved preferences,
- review and revoke individual authenticated sessions from the security panel in your settings.
Operational logs are retained for a short rolling window for reliability and abuse-prevention purposes, then discarded.
Cookies
We use a first-party cookie to keep you signed in. While you are in the middle of signing in with Google we also set a short-lived first-party cookie (around 10 minutes) that carries the OAuth state, PKCE verifier, and nonce needed to validate Google’s response and protect against cross-site request forgery. That cookie is cleared as soon as the sign-in completes or fails. We do not set advertising or analytics cookies. We do not embed third-party tracking pixels.
Contact
Privacy questions, data-export requests, and account-deletion questions go to support@voyazen.app. We respond to verified requests within a reasonable timeframe.
This policy may evolve as the product evolves. Material changes will be reflected in the “Last updated” date and, where appropriate, surfaced in-product before they take effect.