Privacy Policy
Last updated: 21 March 2026
This Privacy Policy explains how Overpass Apps Ltd ("we", "us", "our") collects, uses, and protects your personal data when you use the DayRoam mobile application ("the App") and our website at dayroam.overpass.co.uk ("the Website").
We are committed to protecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Data Controller
The data controller responsible for your personal data is:
Overpass Apps Ltd
Email: [email protected]
2. Data We Collect
2.1 Account Data
When you create an account, we collect:
- Email address
- Password (stored securely via Firebase Authentication -- we never have access to your plain-text password)
2.2 User Preferences and Content
We store data you provide through normal use of the App:
- Home country and destination selections
- Budget entries (amounts, categories, dates)
- Favourite phrases and destinations
- Recent destination history (up to 5 entries)
This data is stored in Google Cloud Firestore and is associated with your account.
2.3 Device and Technical Data
- Device locale: We read your device's language and region settings to automatically detect your home country. This data is processed locally and not transmitted to our servers.
- Device information: Operating system, app version, device model (collected via crash reporting).
2.4 Analytics Data
We use PostHog to collect anonymised usage analytics, including:
- Screens visited and features used
- Session duration and frequency
- App performance metrics
PostHog data is collected to help us understand how the App is used and to improve the experience. This data is not linked to your personal identity.
2.5 Crash Reporting
We use Sentry to collect crash reports and error logs. These may include:
- Stack traces and error messages
- Device type, operating system version, and app version
- Approximate location (country level only, derived from IP address)
Crash data is used solely to identify and fix bugs. It is automatically deleted after 90 days.
3. How We Use Your Data
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Providing the App's core features | Account data, preferences, budget entries | Contract performance |
| Personalising your experience | Device locale, destination history | Legitimate interest |
| Improving the App | Anonymised analytics | Legitimate interest |
| Fixing bugs and crashes | Crash reports, device info | Legitimate interest |
| Communicating with you | Email address | Contract performance / consent |
4. Third-Party Services
We use the following third-party services to operate the App:
| Service | Provider | Purpose | Data Processed |
|---|---|---|---|
| Firebase Authentication | Google LLC | User sign-in and account management | Email, password (hashed) |
| Cloud Firestore | Google LLC | Data storage | User preferences, budget data |
| PostHog | PostHog Inc | Product analytics | Anonymised usage events |
| Sentry | Functional Software Inc | Crash reporting | Error logs, device info |
Each of these services has its own privacy policy. We encourage you to review them. Data processed by Google services is subject to appropriate safeguards for international data transfers.
5. In-App Purchases
DayRoam offers a one-time in-app purchase to unlock all 195 countries. This is a single payment with no subscription, no automatic renewal, and no recurring charges.
- Payment processing: All payments are handled entirely by Apple (App Store) or Google (Google Play Store). Overpass Apps Ltd does not collect, store, or process your payment card details at any point.
- Purchase verification: When you complete a purchase, the relevant app store returns a receipt or token confirming the transaction. This receipt is verified against the app store's servers to confirm its validity.
- Purchase status storage: Your unlock status is stored locally on your device and verified through the respective app store. No financial data is transmitted to Overpass Apps Ltd servers.
- Restore purchases: If you reinstall the App or switch to a new device, you can restore your purchase through the app store at no additional cost.
For questions about refunds or billing, please contact Apple Support (App Store) or Google Play Support directly, as all payment disputes are handled by the respective platform.
6. Data Retention
- Account and user data: Retained for as long as your account is active. Deleted within 30 days of account deletion.
- Analytics data: Retained for 12 months, then automatically deleted.
- Crash reports: Retained for 90 days, then automatically deleted.
7. Your Rights
Under the UK GDPR, you have the right to:
- Access your personal data
- Rectify inaccurate data
- Erase your data ("right to be forgotten")
- Restrict processing of your data
- Data portability -- receive your data in a portable format
- Object to processing based on legitimate interest
- Withdraw consent at any time where processing is based on consent
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
8. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including:
- Encryption in transit (TLS/HTTPS) and at rest
- Firebase Security Rules restricting data access to authenticated users
- Regular security reviews of our infrastructure
9. Children's Privacy
The App is not directed at children under 13 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
10. International Data Transfers
Some of our third-party service providers process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the Information Commissioner's Office (ICO).
11. Cookies (Website)
Our website uses minimal cookies:
- Google Analytics: Anonymous usage tracking to understand website traffic.
No advertising or tracking cookies are used.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated through the App or by email. The "Last updated" date at the top reflects the most recent revision.
13. Complaints
If you are unhappy with how we have handled your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Website: ico.org.uk
Telephone: 0303 123 1113
14. Contact
For any questions about this Privacy Policy or your personal data, contact:
Overpass Apps Ltd
Email: [email protected]