Privacy Policy
Privacy Policy
Effective date: June 10, 2026 · Last updated: July 10, 2026
Private by design. Your photos and trips never leave your iPhone: there's no Pastport account, no sign-in, and no Pastport server, and Pastport doesn't upload, track, or collect anything. Trip detection and search run on your device; city and place names and map tiles come from Apple's Maps and geocoding services, just like any map app.
Who we are
Pastport is built and maintained by Venkat Akkinepally, an independent developer based in the United States. Pastport is offered free, with no in-app purchases in version 1.
Contact: support@getpastport.app
The one thing to know
Pastport is built around a single principle: your photos and your trips never leave your iPhone. Pastport does not operate a server, does not run any analytics or telemetry, and does not collect a crash report. Nothing you do in the app is sent to us, and no one at Pastport has ever seen your photos or your trips, because there is nothing to see. The network traffic Pastport creates is limited to Apple's own system services for app features (reverse-geocoding, MapKit, PhotoKit), plus loading these legal pages (and their web fonts) from getpastport.app when you open them. All of it is detailed below.
What we do, and what we don't
We do
- Read photo dates (EXIF
DateTimeOriginal) and locations (EXIF GPS coordinates) directly from photos in your camera roll, on your device, to detect when you were on a trip. - Store your detected trip history in a local database on your device. iOS encrypts this database at rest when your device is locked.
- Reverse-geocode the coordinates we already found in your photos into a city and country using Apple's Core Location services. Apple receives those coordinates for the lookup; Pastport does not run its own server. The same is true if you open a trip whose photos live in iCloud Photos: Apple's PhotoKit may pull originals under your existing iCloud session, but Pastport never touches that traffic.
We do not
- Upload your photos to any server, ever.
- Track your live location. We only read the GPS coordinates that were already embedded in photos you took.
- Run analytics, telemetry, or any usage-signal SDK. Version 1 ships with zero analytics.
- Collect crash reports. Version 1 ships with no third-party crash-reporting SDK.
- Sell your data, or share it with advertisers or data brokers. (Apple's own system services receive only the photo coordinates and map requests described below, to provide place labels and maps, never for advertising.)
- Use your photos or trip data to train AI models.
- Operate a Pastport account system, login, or cloud sync. (Cloud sync may be added in a future version, opt-in.)
- Track you across other apps or websites. There are no third-party trackers embedded in the app.
Permissions we ask for
Photos
Pastport reads photo dates and GPS coordinates from your camera roll to detect trips automatically, using Apple's PhotoKit framework. We never upload photos, and we never write to your photo library unless you explicitly tap to save a shareable trip card. If you grant only limited access ("Select Photos"), Pastport builds trips from just the photos you choose, and you can add more anytime.
Location: not used for tracking
Pastport does not track, sample, or store your live location, and version 1 does not ask for location access to work. Place labels come from the GPS coordinates already saved inside your photos, which Pastport passes to Apple's geocoding (that does not require location permission). Your live whereabouts are never involved.
Analytics: there are none
Pastport version 1 ships with zero analytics. There is no analytics SDK in the app, no usage events are emitted, and no telemetry leaves your device. There is therefore nothing to opt out of; Pastport already collects nothing.
If a future version ever adds optional, anonymous analytics, we will (1) make it opt-in and off by default, (2) clearly describe what is collected, and (3) update this page and the App Store privacy label before that version ships. Crash reporting in version 1 is also none: there is no third-party crash SDK in the v1 binary. Apple's MetricKit is part of iOS itself; Pastport does not consume or forward its data.
The only network calls Pastport makes
For full transparency, here is the complete list of network calls Pastport's own code initiates:
- Apple's reverse-geocoding: Apple receives the EXIF coordinates already embedded in your photos and returns a city + country label.
- Apple's MapKit: to render map tiles for the globe and trip-detail maps.
- Apple's place search (MKLocalSearch): to match your photo coordinates to nearby place and point-of-interest names. Apple receives the coordinates already in your photos; Pastport runs no server for this.
- This page (and our Terms of Use): when you tap "Privacy Policy" or "Terms of Use" in Settings, an in-app web view loads the page from our static hosting at
getpastport.app. The pages contain no analytics, no cookies, and no third-party scripts; the only outbound request is to Google Fonts (fonts.googleapis.com/fonts.gstatic.com) to fetch the page's typefaces. This happens only when you ask for it. - Apple's PhotoKit: if you open a trip whose originals live in iCloud Photos, PhotoKit may pull them from Apple under your existing iCloud session. Pastport never touches that traffic; it is between Apple and your iCloud account.
That is the complete list. No analytics, no telemetry, no crash reporting, no third-party trackers.
This website
The Pastport website (getpastport.app) is a static site. It sets no cookies, runs no analytics, embeds no third-party trackers, and has no forms. Visiting it does not collect any personal information. Fonts are loaded from Google Fonts; your browser contacts Google's font servers to fetch them, subject to Google's own policies.
Children's privacy
Pastport is not directed at children under 13, and we do not knowingly collect data from them. In practice, Pastport version 1 collects nothing off any device: there is no account, no server, and no analytics. All photo and trip data lives only on the user's device and is deleted along with the app on uninstall.
We do not sell or share your personal information
For California residents under the CCPA/CPRA, and for the same posture worldwide: Pastport does not sell, share, or disclose your personal information to third parties for monetary or other valuable consideration, and does not engage in cross-context behavioral advertising. No "Do Not Sell or Share My Personal Information" link is required because we do neither.
Your rights
Because Pastport stores all your photo and trip data on your device only, you control it directly:
- Delete a trip: open the trip, then use its menu to delete it.
- Delete everything: Settings → Reset Pastport wipes the local database.
- Uninstall Pastport: removes the app and its sandboxed data. Your photos in the Photos app are never touched.
If you are in the EU/UK and want a copy of, correction to, or deletion of any data we hold about you, email support@getpastport.app. In practice we hold no personal data about you; version 1 collects nothing off your device.
Data retention
On your device: Pastport keeps your trip data until you delete it or uninstall the app. We do not auto-expire it. Off your device: nothing. Pastport version 1 collects no data off the device, so there is nothing to retain.
Security
Pastport's local data benefits from iOS's standard on-device security, including Data Protection (encryption at rest when the device is locked) and the iOS sandbox. Most of Pastport's features run with no network connection at all.
Changes to this policy
If we change this policy materially, we will update the effective date above and, where relevant, prompt you on the next app launch. Continued use of the app after a change indicates acceptance of the updated policy.
Governing law
This policy is governed by the laws of the State of California, United States, without regard to its conflict-of-laws principles. Nothing in this policy waives any consumer-protection rights you have under your local jurisdiction.