Privacy Policy

This Privacy Policy describes how Z-Nomads (the “App”), operated by Freddy Builds (“we”, “us”), handles your information. We’ve tried to write it in plain English. If anything is unclear, email hello@freddybuilds.io.

Short version: most of what you put into Z-Nomads stays on your device (and your private iCloud). We don’t sell your data. We don’t run ads. The only places information leaves your phone are the third-party services listed below, and only when the app needs them to answer a question you asked.

1. Data we store on your device

Your trips, wishlist destinations, packing lists, profile, base airport, and preferences are stored locally using Apple SwiftData. If you have iCloud enabled on your device, this data also syncs to your private iCloud account via Apple CloudKit so it stays in sync across your devices. This data is not visible to us. We do not have a server you log into, and we do not receive copies of your trips, packing lists, or other content.

2. Third-party services we call on your behalf

When you ask the app to do something that requires the internet (searching flights, asking the AI a question, looking up a place), it sends only what’s needed to answer that request, to one or more of the following providers:

• Anthropic — when you use AI features (border briefings, destination suggestions, packing intelligence), the App sends your prompt to the Claude API. Anthropic processes the request to generate a response. See Anthropic’s privacy policy.
• SerpAPI / Google Flights — when you search flights, we send the origin, destination, and dates to SerpAPI, which queries Google Flights and returns real prices. We do not send your name, email, or identifying information. See SerpAPI’s privacy policy.
• Duffel — used to resolve city names to airport (IATA) codes. We send the search term. See Duffel’s privacy policy.
• Travelpayouts — optional cached flight price source used as a fallback. We send airport codes and dates. See Travelpayouts’ privacy policy.
• RevenueCat — handles subscription management for Z-Nomads Pro. Receives an anonymous device-scoped identifier and the App Store transaction so it can determine whether you have an active subscription. See RevenueCat’s privacy policy.
• TelemetryDeck — anonymous product analytics. We send event signal names (e.g. borderConfidence.viewed, flightSearch.completed) and an anonymous hashed install ID. We do not send your name, IP address (TelemetryDeck strips it), destination names, passport data, prices, or any content you create. No advertising SDK is loaded; no cross-app tracking. You can disable this in Settings → Privacy → Anonymous analytics. See TelemetryDeck’s privacy policy.
• Apple App Store — handles the actual payment when you subscribe. We never see or store your payment information.

3. What we do not do

• We do not sell or rent your data to anyone.
• We do not run ads inside the app.
• We do not use third-party advertising SDKs (no Google Analytics, no Facebook Pixel, no AppsFlyer, no marketing-attribution SDKs). The only analytics is anonymous TelemetryDeck event counting, described above.
• We do not track you across other apps or websites and we do not use Apple’s App Tracking Transparency framework because we have nothing to track.
• We do not have a backend that stores your trips or messages.

4. Children

Z-Nomads is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has used the app and you want their data removed, email hello@freddybuilds.io.

5. Your rights and choices

• Delete everything: uninstalling the App removes everything stored on your device. To also remove your iCloud copy, open iCloud Settings → Manage Storage → Z-Nomads and tap Delete Data.
• Cancel subscription: manage or cancel anytime via App Store → Apple ID → Subscriptions.
• Disable anonymous analytics: turn off TelemetryDeck event signals in Settings → Privacy → Anonymous analytics inside the App.
• Access or export: the App stores your data on your device — you already have it. If you need a copy in a portable format, email us.
• Regional rights (GDPR / CCPA): EU, UK, and California residents have additional rights including access, correction, and erasure. To exercise them, email hello@freddybuilds.io. Because we hold very little of your data, we can usually act on these requests quickly.

6. Security

Data on your device is protected by iOS device encryption. iCloud sync is protected by Apple’s CloudKit encryption. API calls to the third-party services listed above are made over HTTPS. We rely on Apple’s and our providers’ security infrastructure; no system is perfectly secure, but we’ve minimized the surface area by not running our own server.

7. Changes to this policy

We’ll update this page if we change how the app works. Material changes will be highlighted in-app. The “Last updated” date above always reflects the current version.

8. Contact

Questions, requests, or feedback: hello@freddybuilds.io.