Privacy Policy

Last updated: May 27, 2026

This Privacy Policy explains how Fuzati LLC (“Camigo,” “we,” “us”) collects, uses, and protects your information when you use the Camigo iOS app, the Camigo Android app, and any related websites (collectively, the “Service”).

1. Who we are

Fuzati LLC operates Camigo as a private group-trip platform for organized pilgrimages and faith-based group travel. We are the data controller for personal information you provide directly to us. For organizational subscribers (tour operators), the operator acts as joint controller for data about their pilgrims; the operator’s own privacy policy may also apply.

Contact: [email protected] · Fuzati LLC, mailing address available on request.

2. Information we collect

We collect only what is necessary to operate the Service.

2.1 Information you provide

  • Account: email address and, optionally, your name. We use Supabase Auth to manage sign-in via password or one-time email link.
  • Pilgrim profile (optional, supplied for trip logistics): legal name, date of birth, phone number, mailing address, passport number and expiry, passport nationality, passport photo, emergency contact information, dietary restrictions, mobility needs, medical notes, rooming preferences, and travel departure city.
  • User-generated content: chat messages, photos you upload (including any GPS location embedded in their EXIF metadata), photo tags, and reactions.
  • Payment data (web only): when you register for a paid trip via the web portal, payment is processed by Stripe. We receive a Stripe customer ID and payment-method reference; we do not store your full card details. The iOS app does not handle payments.

2.2 Information collected automatically

  • Device push token: if you grant notification permission, your Apple Push Notification service token is stored so we can deliver chat and announcement notifications.
  • Service operation logs: standard server-side request logs (timestamps, IP addresses, error traces) retained for up to 30 days for debugging and abuse prevention.

2.3 Information accessed on your device only (never uploaded)

  • HealthKit step count: if you enable step tracking, Camigo reads your daily step count from Apple HealthKit to show your walking progress. This data stays on your device and is never transmitted to our servers or any third party.

3. How we use information

  • To operate the Service: showing your trip, delivering chat and announcements, displaying photos and itineraries.
  • To verify your identity and authenticate you.
  • To provide customer support and respond to your inquiries.
  • To comply with legal obligations and operator contractual obligations (e.g., providing passport details to the tour operator for international travel logistics).
  • To detect and prevent abuse, fraud, and safety incidents.

We do not sell your personal information. We do not use your data for advertising. We do not perform automated profiling or decision-making that has a legal or similarly significant effect on you.

4. How we share information

  • Within your trip group: chat messages, photos, photo tags, your display name, and (where the operator has enabled it) profile information are visible to other members of the same trip and to the trip’s leaders and operator.
  • With your tour operator: the operator running your trip has access to your registration data, payment status, and any logistics fields you provide.
  • Service providers (processors): Supabase (database, authentication, storage, real-time, edge functions, push delivery), Apple Push Notification service and Firebase Cloud Messaging (push delivery), Stripe (payments, web only), Resend (transactional email), Google Cloud Vision (photo classification — only uploaded photos are sent, never HealthKit data), and Mapbox (map tiles). Each is contractually bound to process data only as instructed by us.
  • Legal requirements: if compelled by valid legal process, we may disclose information; we will narrow such disclosure to what is required.

5. International transfers

Our service providers are primarily located in the United States. If you access the Service from outside the United States, you consent to transfer of your information to the U.S. We rely on Standard Contractual Clauses for data transfers from the EEA and U.K.

6. Data retention

  • Account and profile data: retained while your account is active.
  • Chat messages and photos: retained until you or your trip operator deletes them, or until you delete your account.
  • Payment records: retained for 7 years as required by accounting and tax law.
  • Service logs: 30 days.

7. Your rights

You can:

  • Access and export your data by emailing [email protected].
  • Correct your data from your profile screen in the app or by emailing us.
  • Delete your account from within the Camigo iOS app: Profile → Delete Account. Deletion is immediate and permanent. We will also delete your account on request to [email protected].
  • Withdraw consent by deleting your account or disabling specific permissions (notifications, HealthKit) in your device Settings.
  • Object to processing or request restriction by contacting us.
  • If you are in the EEA, U.K., or Switzerland, you have the right to lodge a complaint with your local data protection authority.
  • If you are a California resident, you have the rights described under the California Consumer Privacy Act (CCPA): the right to know, the right to delete, and the right to opt out of sale (we do not sell data).

8. Children

Camigo is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, contact us at [email protected] and we will delete it. Pilgrims aged 13–17 may use Camigo only with parental consent and only as part of a trip group organized by an adult tour operator.

9. Security

We use industry-standard safeguards: encryption in transit (TLS 1.2+), encryption at rest, row-level security in our database, scoped access tokens, and regular security review. No system is perfectly secure; if we become aware of a breach affecting your information, we will notify you as required by law.

10. Changes

We may update this policy from time to time. We will post the updated policy here with a new “Last updated” date and, if changes are material, notify you in the app.

11. Contact

Questions about this policy or your data: [email protected].

Privacy Policy — Camigo | Camigo