Privacy Policy

2. What does this privacy policy cover?

This privacy policy covers our website at railwise.eu and the Railwise iOS app.

We only describe the data processing activities that are actually relevant to the current product. We do not run ad networks, we do not sell personal data, and we do not use advertising tracking cookies.

3. Website hosting and delivery

Our website is delivered via Vercel. When you access the website, Vercel processes technically necessary connection data, in particular your IP address, date and time, requested URL, browser and device information, and referrer.

This processing is necessary to provide the website securely and reliably.

Legal basis: Art. 6(1)(f) GDPR.

More info: https://vercel.com/legal/privacy-policy

4. Web analytics

We use Vercel Web Analytics to understand which pages are visited and from which referrers visitors reach our website. According to the provider, this service works without tracking cookies.

This may include page views, referrers, browser/device categories, and derived country information. We use this information only in product and traffic reports, not for advertising or profiling.

Legal basis: Art. 6(1)(f) GDPR.

5. Local browser storage

Our website uses small browser-side storage entries (Local Storage) for purely functional settings, for example theme selection, dismissed App Store prompts, or remembered entries in the command palette.

This information stays in your browser and is not intentionally linked by us to your real-world identity on the server side.

Legal basis: Art. 6(1)(f) GDPR.

6. Using the iOS app

The Railwise app can generally be used without a traditional user account. On the device we store, in particular, saved journeys, settings, travel preferences, local app state and, if used, a pseudonymous social ID and display name for social features.

We need this local data so that the app works and your saved content remains available across app launches.

Legal basis: Art. 6(1)(b) GDPR.

7. In-app product analytics

In the iOS app we use TelemetryDeck to understand how the app and individual features are used and to improve product quality. This includes, in particular, a pseudonymous installation/device identifier, app version, operating system, language, screen views, feature usage, and events such as deep-link openings or notification permission changes.

We do not use this information for ad tracking and we do not intentionally combine it with real names or email addresses.

Legal basis: Art. 6(1)(f) GDPR.

More info: https://telemetrydeck.com/privacy/

8. Push notifications

Push notifications are optional. If you enable them in the app, we request the relevant iOS permission and process your device's APNs token so that notifications can be delivered.

For active train notifications we also store the related journey ID, train identifiers, station/EVA data, travel date, scheduled times, and your notification settings (for example pre-departure reminders or delay thresholds). This information is processed through our backend and managed with automatic expiry.

Legal basis: Art. 6(1)(b) GDPR for the feature you request and Art. 6(1)(a) GDPR for the system permission.

9. Calendar export

If you export a journey from the app to your calendar, the app uses the iOS EventKit editing UI. The journey data you selected - for example train name, departure and arrival time, stations, notes and, where available, location information - is prefilled into a calendar event that you can still review, edit and save in Apple's calendar interface.

This processing happens locally on your device. Railwise does not receive additional calendar data merely because you use calendar export.

Legal basis: Art. 6(1)(b) GDPR.

10. Journey sharing, universal links and CloudKit

The app supports shareable Railwise links and optional social features. If you open a Railwise link such as railwise.eu/t/..., the page is first delivered through our website and then - if configured on your device - handed over to the app via universal links. In that case, the standard website access data described in section 3 is processed.

If you use iCloud/CloudKit features to share journeys with friends, the required data is processed through your Apple iCloud infrastructure. This may include a pseudonymous Railwise social ID, your display name, sharing preferences and the journey data you choose to share. Anyone who receives the shared link or shared journey can view the journey data contained in it.

Legal basis: Art. 6(1)(b) GDPR.

11. Recipients and service providers

• Vercel Inc. for website hosting and web analytics
• TelemetryDeck GmbH for pseudonymous in-app analytics
• Apple for APNs, the App Store, EventKit, and optional iCloud/CloudKit features
• Supabase Inc. for database and backend infrastructure used by our notification features

12. Retention

• We keep website access data only as long as necessary for technical operation, security and troubleshooting.
• We use web analytics data in aggregated product and traffic reporting.
• Content stored locally in the app remains on your device until you delete it or remove the app.
• Notification subscriptions for individual journeys expire automatically after the trip or shortly afterwards.
• CloudKit/iCloud content remains stored until you remove the relevant shares, shared journeys, or change your iCloud setup.

13. International transfers

Some of our service providers are companies based outside the EU/EEA or may use subprocessors in third countries. Where personal data is transferred to third countries, this is done on the basis of appropriate safeguards, in particular adequacy decisions, the EU-US Data Privacy Framework and/or Standard Contractual Clauses.

14. Your rights

Subject to the legal requirements, you have the following rights in particular:

• access to your stored personal data
• rectification of inaccurate data
• erasure or restriction of processing
• objection to processing based on legitimate interests
• data portability
• withdrawal of consent with future effect
• the right to lodge a complaint with a supervisory authority

To exercise your rights, simply contact patrick@railwise.eu.

15. Changes

We update this privacy policy when our products, data processing activities or legal requirements change.