Privacy Policy
Last updated: March 14, 2026
Who we are
Adventure Buddy Beacon (“ABB”) is a service operated by Chockalife LLC (“we”, “us”, “our”). ABB provides a tool to share adventure details and automated check-ins with a trusted contact.
Data we collect
- Account data: name, email, and login credentials (password is stored as a secure hash).
- Profile data: phone number (E.164 format) and emergency contact details, provided solely for safety notifications.
- Adventure details: activity type, location, times.
- Technical data: IP address, truncated browser and platform identifiers, and basic security logs.
Emergency contacts
Users may choose to provide contact details for one or more emergency contacts. These contacts receive an invitation explaining that they may receive safety notifications if a user becomes overdue. Emergency contacts must accept the invitation before receiving alerts. SMS notifications require phone verification before activation.
Emergency contacts may receive time-sensitive safety alerts by SMS and/or email. These messages are limited to safety-related notifications and are not marketing communications.
Emergency contacts do not need to create an account with Adventure Buddy Beacon. Their contact information is processed solely for emergency safety alerts and is never used for marketing or unrelated purposes.
Emergency contact information is retained only for as long as necessary to support safety alerts and related audit requirements.
Why we process your data
- Service delivery: run alerts, routing, login.
- Security: protect accounts.
- Legal compliance: GDPR.
Automated safety notifications
Adventure Buddy Beacon, a service operated by Chockalife LLC, uses automated systems to send time-sensitive safety notifications by SMS and email when a user does not check in from an adventure as expected.
Legal basis (GDPR)
- Contract: to provide the Adventure Buddy Beacon service to users.
- Legitimate interests: to process emergency contact details for safety notifications when a user may be at risk.
- Consent: where required for specific features or communications.
Sharing your data
We share personal data only in the following limited circumstances:
- Emergency contacts you designate. Adventure details (such as planned return time and route) are shared with the specific contacts you add to your account, solely to enable them to act if your adventure becomes overdue. You control who is added and can remove contacts at any time.
- Named subcontractors operating the service. We share the minimum data necessary with the third-party processors listed in the table below (Supabase, Twilio, Resend, Stripe, PostHog, Sentry), solely to deliver the service. These processors act on our instructions only and are contractually prohibited from using your data for any other purpose.
- Legal requirements. We may disclose data if required by applicable law, regulation, or a valid legal process, and only to the extent required.
We do not sell personal information. No data is shared with third parties for marketing, advertising, or any purpose other than delivering the service to you. Phone numbers collected for SMS notifications are shared only with Twilio, our SMS delivery subcontractor, solely to transmit safety alerts you have configured. Twilio does not use this data for its own marketing or any purpose beyond message delivery.
Third-party service providers
We share personal data only with the providers below, solely to operate the service. All processors are contractually prohibited from using your data for their own purposes.
| Provider | Purpose | Data shared | Location |
|---|---|---|---|
| Supabase | Database, authentication, edge functions | Account data, adventure details, contact details | EU (Sweden) |
| Twilio | SMS delivery | Phone numbers (users and emergency contacts), message content | United States, with international routing as required for message delivery |
| Resend | Email delivery | Email addresses (users and emergency contacts), message content | United States |
| Stripe | Payment processing | Billing information (handled directly by Stripe; ABB does not store card data) | US / EU |
| PostHog | Product analytics | Anonymous usage events (only with your consent — no adventure data) | EU |
| Sentry | Error tracking | JavaScript errors, stack traces, browser version, page URL at time of error. No form data or passwords are captured. Legal basis: legitimate interests. | EU (Germany) |
Data retention
We retain your data only for as long as your account is active and for a short period afterward as required to complete deletion processing. When your account is deleted, we permanently remove your profile, adventures, emergency contacts, routing preferences, and login credentials. Deletion requests are processed nightly; there may be a delay of up to 24 hours.
Certain non-personal operational records (such as anonymised system logs) may be retained for a limited period for security and reliability purposes.
Your rights
- Access and correction
- Right to erasure (deletion) — You may request permanent deletion of your account and all associated personal data at any time through your profile page. Before submitting a request, any active adventures must be ended. Free accounts are queued for deletion immediately. Pro accounts may defer deletion to the end of their current billing period or proceed immediately; in either case, deletion is completed within 24 hours of the scheduled processing time. Once deletion is complete, your data cannot be recovered. To submit a deletion request, visit your profile page in the app. If you require assistance, contact us at support@adventurebuddybeacon.com.
- Portability
- Withdraw consent
- Complain to your authority
For SMS messages, recipients can reply STOP to unsubscribe at any time and HELP for assistance. Message frequency varies. Message and data rates may apply. For email alerts, recipients may use the unsubscribe mechanism included in the email or contact support@adventurebuddybeacon.com to request removal.
Security
We use technical and organizational measures designed to protect personal data against unauthorized access, loss, or misuse. Access to emergency contact details is strictly limited to systems required to deliver safety notifications and is governed by access controls and purpose limitation. For security, fraud prevention, and audit purposes, we log limited request metadata such as timestamps, IP addresses, and truncated browser and platform identifiers. This information is not used for tracking, profiling, or marketing.
International transfers
Handled with appropriate safeguards (e.g., SCCs).
Contact
Email us at support@adventurebuddybeacon.com.