PRIVACY POLICY
Your data stays yours
Last updated: July 2026
1. The short version
The current version of MileMori keeps your core profile on your device. Your survey answers, health inputs, stops, check-ins, route history, badges, and coach conversation history are stored in your browser's local storage and are not synced to an account database. You can export everything as JSON or permanently delete it at any time in Settings.
2. What we process and where
On your device only: birth date, sex selection, country, height/weight (BMI), lifestyle answers (smoking, alcohol, exercise, sleep, diet, stress), optional health answers (chronic conditions, treatment status, family longevity), interests and route-around preferences, stops, check-ins, habit transitions, points/badges, and coach chat history. Under GDPR and Türkiye's KVKK, several of these are special-category (health) data — which is exactly why we keep them local.
GPS surprise (optional): if you enable it in Settings, your device location is read at most once a day and compared against your route entirely on your device — coordinates are never transmitted or stored anywhere except the resulting "moment" note in your local data. It is off by default.
Sent to third parties or processors: map tiles are fetched from CARTO/OpenStreetMap; place search and reverse geocoding use OSM Nominatim; road geometry uses OSRM servers; fonts load from Google Fonts. These requests contain coordinates and standard technical data (IP address, user agent) as any web request does — never your survey answers. If the AI coach proxy is configured, your coach message and a derived route snapshot pass through MileMori's serverless function and are sent to Anthropic's API under Anthropic's privacy terms. If you use the Feedback tab, your message, optional reply email, feedback type, language, route label, app version, user agent, and IP address pass through MileMori's serverless function and are sent by email through Resend to the operator's inbox. MileMori does not store those coach or feedback requests server-side in this version.
3. Anonymous community stats (optional)
To show community numbers ("12,431 travelers drew their route", most popular routes and stops), MileMori can send a small set of anonymous, aggregate-only events to its own serverless endpoint. What is sent: a random install identifier (a UUID with no link to your name, email, or device), route city names, route length, a broad age band (18-29 / 30-44 / 45-59 / 60+), a 5-year horizon bucket, stop categories, and simple counters (a check-in happened, a quest was completed, a card was created).
What is never sent: your survey or health answers, your birth date, your exact age or horizon estimate, and the text of stops you write yourself — free-text stop titles stay on your device; only curated catalog suggestions are counted by title. Popular-lists are shown only after several travelers share an entry. You can turn this layer off with one toggle in Settings → "Anonymous community stats"; the app works identically without it.
4. What we don't do
No accounts, no third-party analytics trackers, no advertising SDKs, no cookies set by us, and no selling of personal data. The optional AI proxy is used only to answer coach requests. The optional Feedback endpoint is used only to deliver your message to the operator.
5. Your rights (GDPR / KVKK)
Access and portability: Settings → "Download my data" exports everything as JSON. Erasure: Settings → "Delete all my data" removes everything from your device immediately and irreversibly. Rectification: update any answer anytime from Profile. Because we hold no copy of your local profile, exercising these rights usually does not require contacting us — though feedback emails you choose to send may remain in the operator inbox until handled or deleted. Questions: yusuf@sint.com.tr.
6. Children
MileMori is for users 18 and over. We do not knowingly serve minors; the age gate is the first onboarding step.
7. When accounts launch
A future version will offer optional cloud sync and community features. Before any of that ships, this policy will be replaced with one describing encryption at rest, data minimization, anonymized community aggregation, retention windows, and your consent choices — and syncing will remain opt-in. Local-only will stay available.
8. Changes & contact
Material changes will be announced in-app before they take effect. Privacy questions and product feedback: yusuf@sint.com.tr.