Privacy Policy

Your Privacy, Our Promise

Last updated: November 10, 2025

1. Who We Are

This Privacy Policy explains how JNSQ Labs LLC dba WunderGuide ("JNSQ", "we", "our") collects, uses, and protects your information when you use the WunderGuide mobile and web apps (the "Service").

2. Information We Collect

• Account Details. Email address, hashed password, and optionally your name and profile preferences.
• Voice Input. Microphone audio you choose to share. Audio is sent to third-party speech-to-text/LLM providers (e.g., OpenAI, Google) to transcribe and understand your request. We may store the resulting text transcript in your account to provide history and context.
• Location Data. If you grant permission, approximate or precise location to deliver hyper-local recommendations and content. You can disable location anytime in your device settings (see Section 9).
• Purchases & Billing Metadata (IAP). If you buy passes/credits, Apple App Store or Google Play processes payment. To validate entitlements we receive receipt/transaction metadata only (e.g., transaction/token ID, product ID/SKU, price, currency, purchase/renewal/refund status, country/region, timestamp) directly from Apple/Google and/or via our entitlements provider (e.g., RevenueCat). We do not receive or store your full card/bank information.
• Usage, Device & Diagnostics. Events and limited device data (e.g., OS version, app version, language, coarse location, crash logs) via analytics/crash tools (e.g., Firebase). Where possible, we pseudonymize or aggregate.
• Support Communications. Messages and attachments you send us (e.g., receipts) to resolve issues.

3. How We Use Your Information

• Provide core features (voice guidance, recommendations, translations, itinerary help).
• Validate in-app purchases and manage your entitlements/quotas.
• Improve reliability, safety, and performance; prevent abuse and fraud.
• Communicate about updates, changes to terms, and important notices.
• Comply with legal, tax, and accounting obligations.

4. Third-Party Services

We integrate with providers to deliver the Service, including (illustrative): Foursquare/Google (places/maps), NOAA (weather), OpenAI/Google (voice & AI), Apple/Google (app stores), and an entitlements/receipt-validation provider such as RevenueCat. These providers receive only the data necessary to perform their function under confidentiality and data-protection commitments.

5. In-App Purchases & Payments (Apple & Google)

• Processing. Payments are handled by Apple (App Store) or Google (Google Play/Google Pay). Your card/bank data never touches our servers.
• What we receive. Receipt/transaction metadata noted in Section 2 (no full card numbers). Entitlements may be managed through RevenueCat, which processes the minimum data needed to verify your purchase and apply quotas/passes.
• Refunds. Store-level refunds are administered by Apple/Google per their policies. We may receive refund status to adjust your entitlements.
• Retention. We retain purchase and receipt-validation records for up to 7 years (or longer if required by law) for tax/audit, fraud prevention, and support.

6. Data Sharing

We do not sell your personal information. We share data with:

• Service Providers. Cloud hosting, analytics, crash reporting, and entitlements/receipt validation providers (e.g., RevenueCat) acting on our behalf.
• Legal & Safety. If required by law or to protect rights, users, or the Service.
• Aggregates. We may publish aggregated, de-identified stats (e.g., usage trends).

6.1 Subprocessors (Service Providers)

We may engage vetted subprocessors to support the Service (e.g., hosting, analytics, customer support, entitlements infrastructure such as RevenueCat). Each subprocessor is bound by confidentiality and data-protection obligations and only processes data as instructed by us for the purposes described in this Policy.

• Current list. We maintain a living list at /legal/subprocessors (or available on request at info@jnsqlabs.com), including category, purpose, and location.
• Changes. We may update subprocessors over time. For material changes, we will provide notice in-app and/or via email at least 30 days before the change becomes effective where legally required.
• International transfers. Where data is transferred internationally, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) as described in Section 11.
• Role. For privacy laws (e.g., GDPR), JNSQ is the controller of end-user data; our subprocessors act as processors/service providers.

7. Retention

• Account data. Kept until you delete your account or after prolonged inactivity (typically 24 months), unless required longer by law.
• Voice audio. Raw audio is deleted within 30 days after processing; transcripts may persist in your history until deleted by you or your account is removed.
• Purchase records. Up to 7 years (see Section 5).
• Analytics/crash logs. Typical vendor windows are 12–24 months.

8. Security

Transport encryption (TLS), encryption or hashing of sensitive data at rest, least-privilege access, and monitoring. While no system is perfectly secure, we continually improve safeguards.

9. Your Rights & Choices

• Permissions. You can disable Location or Microphone anytime:
  • iOS: Settings > Privacy & Security > Location Services / Microphone > WunderGuide
  • Android: Settings > Location / Privacy > App permissions > WunderGuide
• Access, export, deletion. In-app tools are rolling out. Until then, email info@jnsqlabs.com to request access/export/deletion.
• Analytics opt-out. You can request reduced analytics tracking; we’ll honor platform-level opt-out signals where supported.

10. Children’s Privacy

The Service is not directed to children under 13 (or the age of digital consent in your region). We do not knowingly collect data from such users. If you believe a child has provided information, contact us to delete it.

11. International Users

Data is processed in the United States and may be transferred to providers in other countries. Where required, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) for cross-border transfers.

12. Additional Disclosures for Certain Regions

• GDPR (EEA/UK). Legal bases include: performance of a contract (account & purchases), consent (microphone/location), legitimate interests (security, analytics), and legal obligation (records). Data Processing Addendum (DPA) available upon request.
• CCPA/CPRA (California). We do not “sell” or “share” personal information for cross-context behavioral advertising. Our vendors act as “service providers.” You may request access/deletion and limit sensitive data use via info@jnsqlabs.com.

13. Changes to This Policy

We may update this policy from time to time. Updates take effect when posted in-app or on our site. If changes are material, we will provide a prominent notice.

14. Contact Us

JNSQ Labs LLC
Mānoa Innovation Center
2800 Woodlawn Drive, Suite 101
Honolulu, HI 96822
USA
Email: info@jnsqlabs.com