Privacy Policy

Effective June 3, 2026

Campatible is a notification service that watches campsite reservation systems on your behalf and alerts you when a spot opens up. We collect the minimum information needed to do that, we do not sell your data, and we use a small number of trusted vendors to deliver your alerts. This page explains the details.

Information we collect

When you create an account, we collect:

  • Email address — used to sign you in and send email alerts.
  • Password — stored only as a one-way bcrypt hash. We never see or store your actual password.
  • Phone number (E.164 format) — used to verify your account at signup and to send SMS alerts you opt in to. You can remove or change your phone number at any time from your account settings.

When you use the service, we also collect:

  • Watches you create — the facility, date range, and delivery channel for each alert you set up.
  • Search inputs — when you search by location, your query and the map area you are viewing are sent to our server to return results. Search inputs are not tied to your account or retained as a profile.
  • Operational logs — basic server logs (IP address, request path, timestamp) used to debug issues and rate-limit abuse. Logs are retained for up to 30 days.
  • Billing information — if you subscribe to a paid plan, our payments processor (Stripe) collects and stores your payment details. We never receive or store your full card number; we keep only a Stripe customer reference, your plan, and your subscription status so we can give you paid features and manage your subscription.

How we use your information

  • To run your watches and deliver alerts by email and SMS when matching availability appears.
  • To verify your phone number with a one-time code when you sign up or change it.
  • To keep you signed in via a server-side session cookie (see our Cookie Notice).
  • To investigate abuse, debug problems, and improve reliability of the service.
  • To process subscription payments and give you access to paid features, through our payments processor (Stripe), if you subscribe to a paid plan.

We do not sell your information. We do not share it with advertisers. We do not build advertising or marketing profiles.

Service providers we use

We use a small number of vendors (“subprocessors”) to operate the service:

  • Resend — delivers transactional and alert emails. Receives your email address and the alert content.
  • Twilio — delivers verification codes and SMS alerts. Receives your phone number and the alert content.
  • Stripe — processes subscription payments. Receives your payment details and email address and handles your card data on its own PCI-compliant systems. We do not receive or store your full card number.
  • Cloud hosting — runs our application servers and database, encrypted at rest and in transit.

These vendors are contractually limited to processing your data only for the purposes above. We do not authorize them to use your data for their own marketing.

Data retention

We retain your account information for as long as your account is active. We delete accounts (and the watches, alert history, and phone number associated with them) after either (a) you request deletion, or (b) 18 months of inactivity, whichever comes first. Operational logs roll off after 30 days. If you have made a payment, we and Stripe may keep a limited record of the transaction for as long as tax and accounting law requires, even after your account is deleted.

Your rights

You can, at any time:

  • Sign in and update your email, phone number, or password.
  • Pause or delete any watch from your alerts page.
  • Reply STOP to any SMS to unsubscribe from SMS alerts immediately.
  • Delete your account, which removes your data from our active systems within 30 days.

California residents have additional rights under the CCPA, including the right to know what personal information we hold about you, the right to request deletion, and the right to opt out of the “sale” of personal information. Because we do not sell personal information, the opt-out right does not apply in practice, but the access and deletion rights do. To exercise these rights, email privacy@campatible.app from the address on your account, or use the Delete Account button in your account settings.

Children

Campatible is not directed at children under 13, and we do not knowingly collect information from them. If you believe a child has provided us information, email privacy@campatible.app and we will delete it.

Cookies

We use a single first-party session cookie to keep you signed in. We do not use third-party tracking cookies or marketing pixels. See the Cookie Notice for details.

Changes to this policy

If we make a material change to this policy, we will update the effective date at the top of this page and, where appropriate, notify you by email. Continued use of Campatible after a change means you accept the updated policy.

Contact

Questions about this policy or our practices? Email privacy@campatible.app.