Legal

Privacy Policy

Overstay — Visa Days & Travel Tracker

Last updated: 6th April 2026

Overstay is developed by Thomas Wright. This privacy policy explains how the Overstay iOS app ("the app") handles your information.

The short version: your data stays on your device. We have no servers, no accounts, no analytics, and no way to see your information.

What the App Does

Overstay helps you track time spent in foreign countries, monitor visa and immigration allowances, and plan future trips. All calculations, trip records, and personal data are processed and stored locally on your device.

Information We Do Not Collect

We do not collect, transmit, store, or have access to any personal data. There are no user accounts, no registration, no email collection, no analytics, no crash reporting services, and no third-party tracking or advertising SDKs in the app.

We have no server infrastructure. The app is entirely self-contained on your device.

Data Stored on Your Device

The app stores the following data locally on your device using Apple's SwiftData framework:

  • Your nationality and passport selections
  • Your chosen country of residence
  • Trip records (destinations, dates, and notes you enter)
  • Allowance rule configurations
  • Visited countries checklist
  • App preferences and settings

This data exists only on your device and in your personal iCloud account if you choose to enable backup. We cannot access it.

Location Data

The app offers an optional GPS border detection feature (available to premium subscribers) that uses Apple's significant location monitoring to detect when you may have crossed into a new country. If enabled:

  • Location is processed on your device only
  • No coordinates, movement history, or location data are stored by the app
  • Location is used solely to trigger a notification prompting you to log a trip
  • No trip is recorded unless you explicitly confirm it
  • You must manually enable this feature in the app's settings and grant "Always" location permission through the iOS system dialogue

If you do not enable GPS detection, the app never requests or accesses your location. Free-tier users are never prompted for location access. You can revoke location permission at any time in iOS Settings.

Photo Library Access

The app offers an optional photo import feature that reads location coordinates and dates from your photo metadata (EXIF data) to suggest trips you may have taken. If you use this feature:

  • Only the geographic coordinates and creation date embedded in each photo are read
  • No image content, thumbnails, or photo files are accessed, copied, or transmitted
  • Suggested trips are presented for your review — nothing is saved until you explicitly confirm
  • No photo metadata is retained after the import session ends
  • Only the trip records you confirm are stored on your device

Photo library access is requested only when you choose to use the import feature. You can revoke access at any time in iOS Settings.

iCloud Backup

The app offers an optional encrypted iCloud backup feature (available to premium subscribers). If you enable it:

  • All data is encrypted on your device before it leaves the device, using AES-256-GCM encryption
  • The encryption key is generated randomly by the app and stored in your iCloud Keychain, which is itself end-to-end encrypted by Apple
  • The encrypted backup is stored in your personal CloudKit private database, tied to your Apple ID
  • We do not hold, manage, or have access to the encryption key
  • We cannot decrypt, read, or access your backup data under any circumstances
  • Backup occurs automatically after data changes, with a manual option available in the app

If you lose access to your Apple ID and all of your devices, the encryption key stored in your iCloud Keychain will be lost and your backup will be unrecoverable. This is a consequence of the end-to-end encryption design — there is no recovery mechanism that bypasses it.

Purchases and Subscriptions

Premium features are available through Apple's in-app purchase system (StoreKit 2). All purchase transactions are processed entirely by Apple. We do not receive, process, or store any payment information such as credit card numbers, billing addresses, or Apple ID credentials. Your premium entitlement status is verified locally on your device by Apple's StoreKit framework.

For details on how Apple handles purchase data, refer to Apple's Privacy Policy.

Apple Calendar Integration

The app offers an optional Apple Calendar integration (available to premium subscribers). If you enable it:

  • The app reads from and writes to Apple Calendar using Apple's EventKit framework
  • Calendar data is processed locally on your device
  • No calendar data is transmitted to us or any third party
  • Only the trip records you confirm are stored within the app
  • Revoking calendar access in iOS Settings stops all calendar interaction; existing trip records in the app are unaffected

Notifications

All notifications sent by the app are local notifications scheduled on your device. No push notification server is involved. We do not have a mechanism to send you notifications remotely.

Children's Privacy

The app is rated 4+ and does not knowingly collect any information from anyone, including children under 13. Since no data is collected or transmitted, no age-specific data protections are implicated.

Data Retention and Deletion

Since all data is stored locally on your device, you have full control over it at all times. You can delete individual trips or your entire profile within the app. Uninstalling the app removes all locally stored data. If you have enabled iCloud backup, you can delete the backup from your iCloud account via Apple's iCloud storage management in iOS Settings.

Third-Party Services

The app uses the following Apple frameworks and services:

  • SwiftData — local on-device data storage
  • MapKit — map rendering and reverse geocoding (subject to Apple's terms)
  • CloudKit — encrypted iCloud backup storage (subject to Apple's iCloud terms)
  • StoreKit 2 — in-app purchase processing (subject to Apple's terms)
  • Core Location — optional GPS border detection
  • PhotosUI — optional photo metadata reading
  • EventKit — optional Apple Calendar integration

No third-party analytics, advertising, crash reporting, or tracking services are used.

Data Transfers

No personal data is transferred to us or to any third party. The only data that leaves your device is your encrypted iCloud backup (if enabled), which is stored in your personal CloudKit private database under your Apple ID. This data is end-to-end encrypted and inaccessible to us.

Changes to This Policy

If we update this privacy policy, the revised version will be posted at this URL with an updated date. Continued use of the app after changes are posted constitutes acceptance of the revised policy.

Contact

If you have questions about this privacy policy or the app's data practices, contact us at:

[email protected]