BugBitten ("we", "us", or "our") operates the BugBitten platform at bugbitten.com (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By accessing or using BugBitten you agree to this policy.
Information we collect
- Account information: name, email address, profile photo, and bio when you create an account.
- Content: trip journals, reviews, check-ins, comments, photos and other content you post.
- Communications: messages you send us via email or support channels.
- Social sign-in: if you sign in with Google we receive your name, email address and profile picture from that provider.
- Location data: GPS coordinates at the time of a check-in. Used solely to verify physical presence at a location — precise coordinates are never stored permanently or displayed publicly.
- Usage data: pages visited, features used, timestamps, referring URLs, and session duration.
- Device data: IP address, browser type, operating system, and device identifiers.
- Cookies and similar technologies: session cookies, preference cookies, and analytics identifiers. See Section 07 for details.
- Authentication providers (Google) may share profile data as described above.
- Analytics and infrastructure providers may share aggregated or anonymised usage reports with us.
How we use your information
We use your information to:
- Create and manage your account and authenticate your identity.
- Verify that reviews and check-ins are GPS-confirmed from the stated location.
- Display your public profile, posts, and travel history as you configure them.
- Send service notifications, security alerts, and account-related emails.
- Personalise your feed and recommend content and fellow travellers.
- Improve, maintain, and protect the safety and security of the Service.
- Comply with legal obligations and enforce our Terms of Service.
- Analyse usage trends to understand how our Service is used.
We do not sell your personal information to third parties. We do not use your data for targeted advertising.
GPS & location data
Location is core to how BugBitten verifies reviews. Here is exactly how we handle it:
- Your device GPS is accessed only when you initiate a check-in. We do not track your location in the background.
- Precise coordinates (latitude/longitude) are used solely to match your position to a known place and to generate your GPS-verified badge. They are then discarded.
- Only the matched place name (e.g. "Chiang Mai, Thailand") is stored and displayed on your profile.
- You can deny location permission in your browser or device settings at any time, though this will prevent GPS verification of reviews.
Data retention
We retain your account data for as long as your account is active. If you delete your account, we will delete or anonymise your personal information within 30 days, except where we are required to retain it for legal, regulatory, or fraud-prevention purposes. Anonymised usage statistics may be retained indefinitely.
Your rights
Depending on your jurisdiction you may have the following rights:
- Access: request a copy of the personal data we hold about you.
- Correction: request correction of inaccurate data.
- Deletion: request deletion of your personal data ("right to be forgotten").
- Portability: receive your data in a structured, machine-readable format.
- Objection / Restriction: object to or request restriction of certain processing.
- Withdrawal of consent: where processing is based on consent, withdraw it at any time.
To exercise any of these rights, contact us at privacy@bugbitten.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.
Children's privacy
BugBitten is not directed at children under the age of 13 (or 16 in the European Union). We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will delete it immediately. If you believe a child has registered, please contact us at privacy@bugbitten.com.
International data transfers
BugBitten is operated from Australia and our primary database is hosted in Japan. If you access the Service from the European Economic Area, United Kingdom, or other regions with data protection laws, your information may be transferred to countries that may not have the same protections. We take appropriate safeguards including using service providers that offer Standard Contractual Clauses to protect your information during any such transfers.
Security
We implement industry-standard technical and organisational measures to protect your information, including HTTPS encryption in transit, encrypted storage, access controls, and regular security reviews. However, no method of transmission over the internet is 100% secure. If you discover a security vulnerability, please report it responsibly to security@bugbitten.com.
Third-party links
Our Service may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies before providing any personal information.
Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date, and by sending an email notification where appropriate. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.
Contact us
Questions, concerns, or requests regarding this policy? Reach us directly:
Social platform compliance
BugBitten allows sign-in via Google and may in future support additional social login providers. Our handling of data obtained through these integrations complies with each platform's developer policies: