Northlander.app
Privacy Policy

What Northlander remembers,
and what it doesn't.

Effective 9 June 2026 · Last reviewed 9 June 2026

Northlander.app is built around the idea that your trip belongs to you. Today, the app runs entirely on your device. In a future paid plan we'll offer optional accounts to sync across devices; this page tells you what changes when we do.

1. What we collect today

Nothing on a server. Every trip, packing list, booking, photo, diary entry, ledger row, user event, and bucket-list item you create lives only inside your browser's local storage (specifically IndexedDB) on the device you used to create it.

The app does not send your trip data, your photos, your text, or your spending to us or to anyone else. There are no analytics scripts, no advertising trackers, no fingerprinting libraries, no third-party "tag manager".

2. Where your data physically sits

  • IndexedDB (named "northlander") : holds your trips and every child row (packing, bookings, diary, budget, photos, user events).
  • sessionStorage : short-lived cache for weather forecasts and geocoded addresses so we don't re-fetch them on every page change.
  • localStorage : one or two flags (whether you've dismissed the onboarding overlay, etc).

You can wipe all of it any time by clearing your browser's site data for northlander.app, or by deleting individual trips through the app's interface.

3. Third-party services the app talks to

The app fetches a handful of read-only services so it can show train schedules, maps, weather, and Guide listings. None of these calls carry your trip data:

  • NorthlanderGuide.com : loads listing, event and packing-suggestion data files via cross-origin script tags. We send no information about you.
  • Open-Meteo (open-meteo.com) : fetches the daily weather forecast for each stop on your route by latitude / longitude only. Open-Meteo is a free, no-key weather API; their privacy policy is at open-meteo.com/en/terms.
  • OpenStreetMap Nominatim (nominatim.openstreetmap.org) : geocodes booking and event addresses into map coordinates. Sees the address text you submit and your IP address (standard for any web request). Their privacy policy is at osmfoundation.org/wiki/Privacy_Policy.
  • Carto basemaps : supplies the map tiles you see on each chapter's map. Sees the map tile coordinates and your IP address.

The QR code on the Share modal is encoded entirely in your browser. Stop hero photos (the share poster's polaroids) come through a same-origin /stop-images/ path that's served by the Guide; no third-party image proxy is involved.

We do not maintain analytics or logs of these calls. The third parties listed above may log standard web-server access information per their own policies.

4. Photos and uploads

Photos you upload (to the trip cover or to the per-stop album) are resized in your browser and stored as Blobs inside IndexedDB on your device. They are not uploaded anywhere. If you use the device "Share" sheet to post a polaroid to Instagram / X / etc., that share happens through your operating system : the photo travels directly from your device to the app you picked.

5. Sharing a trip

The "Share" button can produce either a vintage-poster PNG drawn on your device, or a shareable URL containing a compressed snapshot of your route, packing list, bookings, diary, budget, and user events. The URL is generated entirely client-side; the data lives in the URL's fragment (the bit after #), which browsers do not send to web servers. Photos do NOT travel in the URL.

If you copy and send that URL to a friend, anyone with the link can view + import the trip. Don't share it publicly if it contains private information.

6. What changes with the paid plan

We'll soon add an optional paid tier with email-based accounts so you can sync your trips across devices. When that ships, this section will be updated. Plain-English plan:

  • An account requires an email address and a password (or a passwordless magic link).
  • Payment will go through a regulated processor (Stripe or similar). We do not see your card number.
  • Account holders' trip data will be encrypted in transit and at rest on our servers.
  • You'll be able to delete your account and all server-side data with one click.
  • The free tier will keep working without an account.

7. Children

Northlander.app is intended for general audiences and does not knowingly collect personal information from anyone, including children under 13. When accounts launch, we won't allow account creation by users under 13 without verified parental consent.

8. Your rights

Because all of your data currently sits on your device, you can review, edit and delete it directly inside the app at any time. You can also export a full backup of any trip as a .northlander.json file using the Backup band on the trip page.

If you're in a jurisdiction with specific data rights (GDPR, CCPA, PIPEDA, etc.) and you'd like a copy or deletion of any data we hold once accounts ship, reach us at the address below.

9. Changes to this policy

If we change what we collect or how we use it, we'll update this page and bump the "Last reviewed" date at the top. Material changes will be flagged inside the app the next time you open it.

10. Contact

Questions, requests, or anything else: hello@northlanderguide.com.