YOUR PRIVACY
IS OUR CAMPFIRE
At Outcation, we believe the best data policy is a minimal one. We don't need your personal data to build a great camping community — so we simply don't collect, store, or keep it beyond what's strictly necessary.
🗺️ TABLE OF CONTENTS
⚡ TL;DR Summary
PLAIN ENGLISH VERSION
We collect the absolute minimum needed to run Outcation. If we don't need a piece of data, we don't collect it — full stop.
We do not keep personal data. Once it's no longer needed for the service, it's permanently deleted — not archived, not profiled, not sold.
We do not sell, rent, or trade your personal data to anyone. Ever. Period.
Any data that passes through our systems is encrypted and secured at every step. You are always in control — access, correct, or delete it any time.
🌿 Our Data Minimization Pledge
OUR COMMITMENT TO YOU
We Don't Need Your Data
Outcation is designed to work without unnecessary personal information. We've built our systems around the principle of collecting as little as possible.
We Don't Keep Your Data
Personal data is never retained beyond its immediate purpose. Once a task is done, the data is deleted — we don't archive or store personal information indefinitely.
What We Hold, We Protect
The small amount of data necessary to run your account is secured with industry-leading encryption at rest and in transit. No exceptions.
📍 Information We Collect
We apply a strict "if we don't need it, we don't collect it" rule. The following is the complete list of what we may collect — nothing more.
Account Information
Only your email and a hashed password. We don't ask for your real name, phone number, or any identifier beyond what's needed to log you in securely.
Camping Data You Share
Trip details, locations, and photos you voluntarily publish. This data is yours — we store it only to display it back to you and the community.
Usage Data
Anonymized, aggregated analytics (e.g. which features are used most). This cannot be linked back to you personally.
Device Information
Basic device type and OS version, used only for crash reporting to fix bugs. Never linked to your identity.
📡 Location & Camera Data
GPS & Location
Location is accessed only while the app is in use (foreground only), and only to show nearby campsites or log a route you've started. We do not store your raw GPS coordinates on our servers — location data is processed on-device where possible and immediately discarded after use. You can revoke this permission at any time in your device settings.
Camera & Photo Library
We only access photos you explicitly choose to upload. We do not scan, index, or analyze your photo library. Uploaded photos are stored securely and visible only based on your sharing settings. If you delete a photo, it is removed from our servers within 30 days.
🎯 How We Use Your Data
Provide and improve our camping platform services
Connect you with fellow outdoor enthusiasts
Process payments and manage subscriptions
Send important updates about your trips and account
Analyze anonymized, aggregated usage to enhance user experience
Ensure platform security and prevent fraud
Comply with legal obligations when required
🏕️ Community Visibility
Outcation is a community platform. Here's what other users may see depending on your privacy settings:
PUBLIC BY DEFAULT
Username & profile photo
Published trip logs
Campsite reviews & ratings
PRIVATE BY DEFAULT
Exact GPS coordinates
Email address
Payment information
You can adjust your visibility settings at any time in Account → Privacy Settings.
🕰️ Data Retention
Our core principle: we do not keep personal data. If we no longer need it to deliver the service, it is deleted — not archived, not profiled, not sold. The table below outlines our specific retention windows.
🔐 Security & Encryption
Every piece of personal data that passes through Outcation is treated as highly sensitive. Here is exactly how we protect it:
Encryption in Transit
All data sent between your device and our servers is protected by TLS 1.3 — the same standard used by banks. No one can intercept it mid-journey.
Encryption at Rest
Data stored on our servers is encrypted at rest using AES-256. Even if a server were physically compromised, your data would be unreadable.
Access Controls
Strict role-based access means only essential, authorized team members can access data — only for a legitimate reason, with full audit logs.
Password Security
We never store your password in plain text. Passwords are hashed using bcrypt with a unique salt — we cannot see or recover your password.
Breach Response
In the unlikely event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by GDPR.
Regular Audits
Our security practices are reviewed regularly. We run penetration tests and dependency audits to keep our entire stack secure.
🧒 Children's Privacy
Outcation is not intended for children under the age of 13 years old. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal data, we will delete it immediately.
If you are a parent or guardian and believe your child has submitted information to us, please contact us at privacy@outcation.app and we will take prompt action.
🌍 International Data Transfers
Outcation operates globally and your data may be stored and processed in countries outside your own, including the United States. These countries may have different data protection laws than your home country.
Where we transfer data internationally, we use Standard Contractual Clauses (SCCs) approved by the European Commission, or rely on adequacy decisions where applicable, to ensure your data is protected to the same standard required by EU/UK law.
🏛️ GDPR & CCPA Compliance
🇪🇺 For EU / UK Users (GDPR)
We process your data based on contract performance, legitimate interests, or your explicit consent
You have the right to data portability — receive your data in a machine-readable format
You can object to or restrict certain processing activities
You have the right to lodge a complaint with your local supervisory authority
🇺🇸 For California Users (CCPA)
You have the right to know what personal information we collect and how it's used
You have the right to delete personal information we hold about you
We do not sell your personal information — you will not need to opt out
We will not discriminate against you for exercising your CCPA rights
🛡️ Data Protection
Encryption
All data in transit is encrypted using TLS 1.3. All data at rest uses AES-256 encryption.
Secure Storage
Your information is stored in secure, encrypted data centers with restricted access and regular backups.
Limited Access
Only authorized personnel can access your data, for legitimate purposes only, with full audit trails.
⚖️ Your Rights
Access Your Data
Request a full copy of all personal information we hold about you.
Correct Information
Update or correct inaccurate personal data in your account at any time.
Delete Account
Request deletion of your account and all personal data — permanently removed within 30 days.
Data Portability
Receive a copy of your data in a structured, machine-readable format (CSV or JSON).
Opt-Out
Control marketing communications, analytics cookies, and certain data collection practices.
Restrict Processing
Ask us to stop or limit how we use your data in specific circumstances.
📋 Policy Changes
We may update this Privacy Policy from time to time. When we make significant changes, we will notify you by:
Sending an email notification to your registered email address
Displaying a prominent in-app banner before the changes take effect
Updating the 'Last Updated' date at the top of this page
Continued use of Outcation after a policy update constitutes your acceptance of the revised terms.
📬 Questions About Privacy?
Contact our privacy team at:
privacy@outcation.app
We aim to respond to all privacy-related enquiries within 72 hours.