Privacy Policy — Jurni

Last Updated: March 27, 2026

The short version: Your trip content is end-to-end encrypted — we cannot read the details of your plans, expenses, or documents. We can see that you have trips and who you share them with (metadata needed for the service to function). Sensitive information like passport numbers never leaves your device.

1. Introduction

Borrowed Fire LLC ("we," "us," or "our") built Jurni ("the App") with privacy as a core principle. This Privacy Policy explains how the App handles your information.

2. How Your Data Is Protected

2.1 End-to-End Encryption

All trip content — activities, expenses, documents, polls, and photos — is end-to-end encrypted (E2EE) on your device before being transmitted to our servers. This means:

Your trip content is encrypted with keys that only you and your trip members hold
We cannot read, access, or decrypt your trip content — even if compelled
Encryption uses industry-standard AES-256-GCM with P-256 ECDH key agreement

2.2 What We Can See (Metadata)

To provide the service, certain metadata is stored unencrypted on our servers:

Your account identifier and display name
Trip identifiers and timestamps (created, modified)
Trip membership (who is in which trip)
Invite status (pending, accepted, expired)

This metadata is necessary for trip sharing, sync, and access control to function.

2.3 What Never Leaves Your Device

The following sensitive information is stored only on your device and is never transmitted to any server:

Passport numbers and country codes
Known Traveler Numbers (KTN)
Global Entry numbers

3. Information We Collect

3.1 Sign in with Apple

Jurni uses Sign in with Apple for authentication. When you sign in, Apple provides:

User identifier: A unique, anonymous ID specific to our app
Display name: Your name, if you choose to share it (you can choose to hide it)
Email address: Your email or an Apple-generated relay address (you choose)

Your display name and email are stored locally on your device and in your encrypted profile on our server. Your authentication credentials are managed by Apple.

3.2 Trip Data

All trip data you create in Jurni is:

Stored locally on your device in plaintext (for offline access, widgets, Siri, and Spotlight)
Encrypted on your device, then synced to our servers for cross-device sync and sharing

Trip data includes: trip details, activities, documents, QR codes, expenses, polls, and location coordinates you enter.

3.3 iCloud Sync

Your trip data also syncs across your devices via Apple's CloudKit service. This sync is governed by Apple's Privacy Policy.

3.4 Shared Trips

When you share a trip with others:

Trip data is end-to-end encrypted — only invited members can decrypt it
You share access by sending an invite link; the encryption key is embedded in the link
Only people you explicitly invite can access the shared trip
You can revoke access at any time

4. Information We Do NOT Collect

We do not collect, store, or transmit:

Device identifiers or advertising IDs
Personal data tied to analytics (see Section 6.4 for anonymous usage signals)
Browsing history
Crash reports (unless you opt in via Apple's built-in crash reporting)
Location data beyond what you explicitly enter into trips

5. Device Permissions

Jurni may request the following device permissions:

Camera: To scan QR codes and documents using your device camera. Images are processed on-device only.
Photo Library: To import trip cover photos and document images you select. We only access photos you explicitly choose.
Notifications: To send local reminders for poll deadlines. All notifications are scheduled locally on your device — no push notification servers are involved.

You can revoke any permission at any time through your device's Settings app. The App will continue to function with reduced functionality.

6. Third-Party Services

6.1 Supabase (Data Sync)

Jurni uses Supabase for authentication, data sync, and trip sharing. Supabase infrastructure is hosted on Amazon Web Services (AWS). All trip content stored on Supabase is end-to-end encrypted — Supabase and AWS can see only encrypted data and metadata. See Supabase's Privacy Policy.

6.2 Apple iCloud / CloudKit

Trip data also syncs through Apple's CloudKit. This is governed by Apple's Privacy Policy.

6.3 Sign in with Apple

Authentication is handled by Apple. See Apple's Sign in with Apple documentation for details on how Apple handles your credentials.

6.4 TelemetryDeck (Anonymous Analytics)

Jurni uses TelemetryDeck to collect anonymous usage signals — such as which features are used, app version, and device type. This data is not linked to your identity, cannot be used to identify you, and contains no personal information. No advertising IDs, no IP addresses, and no cross-app tracking. See TelemetryDeck's Privacy Policy.

7. Data Security

Your data is protected by multiple layers:

End-to-end encryption: Trip content is encrypted with AES-256-GCM before leaving your device
Key management: Your encryption private key is stored in Apple's Keychain, synced via iCloud Keychain, and never sent to our servers
Transport security: All network communication uses TLS 1.2+
On-device storage: Local data is protected by your device's passcode and hardware encryption
Row-level security: Server-side access control ensures you can only access trips you are a member of

8. Data Retention and Deletion

8.1 Account Deletion

You can delete your account at any time from Settings within the App. This permanently removes:

Your profile and all authentication data from our servers
All trips you own and their associated data from our servers
Your membership in shared trips
Your encryption keys from your device's Keychain
All local data from your device

8.2 Trip Data

Deleting the App removes all local trip data. To remove synced data, use the in-app account deletion feature. To remove iCloud data, disable Jurni in Settings > [Your Name] > iCloud.

9. Children's Privacy

Jurni is not directed at children under 13. We do not knowingly collect information from children. Since the App requires Sign in with Apple, Apple's own age restrictions apply.

10. International Users

Your encrypted data is stored on servers in the United States (AWS). Because trip content is end-to-end encrypted, the data stored on our servers is not readable by us or our infrastructure providers. Metadata (account information, trip membership) is subject to US data protection laws.

11. Your Rights

Regardless of where you live, you have the right to:

Access: All your data is visible within the App
Delete: Use the in-app account deletion feature
Portability: Your data is stored locally on your device and in your iCloud account
Revoke sharing: Remove participants from shared trips at any time

Because your trip content is end-to-end encrypted, we cannot access it to provide copies or make corrections — you control your data directly through the App.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected by updating the "Last Updated" date above. Continued use of the App after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy, please contact us at:

Borrowed Fire LLC

Email: admin@borrowedfire.com

Website: https://ourjurni.com

By using Jurni, you acknowledge that you have read and understood this Privacy Policy.