Privacy policy

Last updated: June 4, 2026

The short version

We built Odysa to help you plan and enjoy meaningful travel — not to harvest your data. Here's what you should know up front:

1. Who we are

Odysa ("we," "our," "us") is an AI-powered travel app based in Cebu, Philippines, that helps travelers plan, discover, and remember meaningful journeys. You can reach us anytime at hello.odysa@outlook.com.

2. What we collect

Account information

Your email address, name, and profile photo. If you sign in with Apple or Google, we receive these from your provider (Apple lets you hide your email behind a relay address — we honor that). If you create an account with email and password, you provide your email, a name, and a password. Passwords are handled and stored by Firebase Authentication using industry-standard hashing — we never see or store your password in plain text.

Your content

The trips and itineraries you create, the travel preferences you set, the chat messages you exchange with Odysa's AI assistant, and any photos you upload to a trip or set as your profile picture. Trip photos are stored on your device today; a future update will sync them to secure cloud storage so you can access them across devices.

Location — only with your permission

To make the first day of your itinerary realistic, Odysa can plan how you'll get from where you are to your destination (for example, your taxi to the airport or the ferry to an island). To do this we ask for location permission and read an approximate, city-level position once, at the moment you generate a trip. We use it only to determine your starting city, which we send to our itinerary service so Day 1 begins from where you actually are. It is never used for advertising, profiling, or cross-app tracking. If you decline, trip generation still works — Day 1 simply starts at the destination.

Diagnostics and analytics

To keep Odysa stable and understand which features help travelers, we collect:

What we do not collect

Odysa does not collect your precise GPS location (city-level only, and only with your permission), your phone contacts, your calendar, your browsing history, your social media profiles, biometric or health data, financial account information, or any cross-app advertising identifiers. We do not use advertising SDKs or fingerprinting.

3. How we use your information

We do not sell your personal information, share it with advertisers, or use it to train AI models.

4. Service providers we rely on

We share information only with the providers needed to operate the app. Each is bound by its own privacy policy and processes data only as needed on our behalf.

5. Your rights and choices

From inside the app you can, at any time:

Depending on where you live, you may also have rights to access, correct, port, or restrict processing of your data under the GDPR (EU/UK), CCPA/CPRA (California), or the Philippine Data Privacy Act. To exercise any of these, email hello.odysa@outlook.com and we'll respond within 30 days.

6. Data retention

We keep your data for as long as your account is active. When you delete your account in the app, your profile, trips, and photos are removed from our active systems immediately, and any encrypted backups are purged within 30 days.

7. Data security

We protect your data with encryption in transit (HTTPS/TLS), encryption at rest, and strict database access rules so that only you can read your own profile and trip data. No system is perfectly secure, but we treat your data the way we'd want ours treated. If we ever discover a breach that affects you, we'll notify you without undue delay.

8. Children's privacy

Odysa is not directed at children under 13, and we do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal information, contact us and we'll delete it.

9. International users

Odysa is operated from the Philippines, and some of our providers are based in the United States. If you access the service from elsewhere, your information may be transferred to, stored in, and processed in these countries, protected by the safeguards applicable law requires.

10. Changes to this policy

We may update this policy as Odysa evolves. When we make material changes — for example, adding a new category of data collection — we'll update the "last updated" date above and, where appropriate, notify you in the app or by email.

11. Contact

For any privacy question, request, or complaint, email hello.odysa@outlook.com. If you are in the Philippines, you may also contact the National Privacy Commission at privacy.gov.ph.