Last updated: 14 July 2026
Motocamp EU is a trip-planning and mapping app for motorcyclists, vans and overlanders in Europe and the UK. This policy explains what personal data we process, why, on what lawful basis, how long we keep it, who else it reaches, and the rights you have over it.
It is written to meet the EU General Data Protection Regulation (GDPR) and the UK GDPR. Where those laws use the word controller — the party that decides why and how your data is processed — that party is us.
Motocamp EU, operator of motocamp.eu. For any privacy question, or to exercise any of the rights below, contact privacy@motocamp.eu. We answer data-subject requests within one month, as the GDPR requires. Our full legal and postal details are available on request from the same address.
The app is account-gated and paid, so — unlike a purely local map — we do process personal data. Specifically:
| Data | Why | Lawful basis |
|---|---|---|
| Account — username, hashed password, account status, recovery code hash, sign-in timestamps | To create your account, sign you in, gate the app, and let you recover access. Sign-in uses a username, not an email address. | Contract (Art. 6(1)(b)) — we cannot give you the service you signed up for without it. |
| Subscription — subscription state, plan, trial and renewal dates, and the customer/subscription identifiers Stripe gives us | To take payment and to know whether your access is active. | Contract (Art. 6(1)(b)); and legal obligation (Art. 6(1)(c)) for tax and accounting records. |
| Payment card details | Handled entirely by Stripe on Stripe's own pages. We never see, receive or store your card number. | Contract (Art. 6(1)(b)), processed by Stripe as its own controller for payment and fraud purposes. |
| Saved routes — the start, end and waypoints of routes you choose to save to your account | So your routes follow you between devices. | Contract (Art. 6(1)(b)). Routes you don't save never leave your device. |
| Server and security logs — IP address, timestamp, request path, user agent, held by our hosting provider | To keep the service up, to block abuse, and to investigate incidents. | Legitimate interests (Art. 6(1)(f)) — securing and operating the service. You may object; see your rights below. |
We do not run analytics, advertising, or tracking of any kind. There is no Google Analytics, no Meta pixel, no ad network, and no profiling. We do not sell or share your data with anyone for marketing.
The app requests your device's GPS location to centre the map, show speed, heading, altitude and lean angle on the ride dashboard, measure distance to campsites and services, and run compass navigation. It may also read motion sensors (accelerometer, gyroscope, compass) for the dashboard.
Your location and sensor data are processed on your device and are never sent to our servers or stored by us. The app works without them: you can deny the permission and use the map by hand.
One consequence worth stating plainly: when a map tile, a weather forecast, a search result or a route is fetched, the request necessarily tells that third-party service roughly where on the map you are looking. That is inherent to an online map. Download an offline area in advance and the map works with no requests at all.
The app stores the following locally, using browser storage (localStorage, IndexedDB, Cache API):
You can erase all of it at any time by clearing this site's data in your browser or device settings.
These are the services the app and its backend actually use. Each of them may see your IP address, and — for the mapping services — the coordinates or search terms you request.
| Service | What it does | What it sees |
|---|---|---|
| Supabase — privacy | Account authentication and database (our processor) | Your username, hashed password, subscription state, saved routes |
| Stripe — privacy | Subscription payments and billing portal | Your card and billing details, which it holds as its own controller. We receive only the identifiers and subscription status. |
| Cloudflare — privacy | Hosting, CDN and backend functions (our processor) | IP address and request logs |
| Stadia Maps — privacy | Map tiles | IP address, the tiles you request |
| OpenStreetMap / Overpass API — privacy | The underlying map data, and the live POI layers (fuel, water, huts, and the rest) | IP address, the map area you are querying |
| Open-Meteo — terms | Weather forecasts and elevation | IP address, the coordinates you ask about |
| RainViewer — privacy | Live rain-radar tiles | IP address, the tiles you request |
| Photon / Nominatim — privacy | Place search (geocoding) | IP address, what you type into the search box |
| BRouter / OSRM | Route calculation | IP address, the start, end and waypoints of a route you plan |
We have no control over how these providers handle data. Where one acts as our processor (Supabase, Cloudflare) it is bound by a data-processing agreement and may only act on our instructions. Where a provider stores data outside the EEA or the UK, that transfer is made under an approved transfer mechanism such as the Standard Contractual Clauses or the UK Addendum.
Under the GDPR and UK GDPR you have the right to:
To exercise any of these, email privacy@motocamp.eu from the account you want to act on, or include enough detail for us to identify it. We will respond within one month and will not charge you for it.
You also have the right to complain to a supervisory authority — in the EU, the data-protection authority of the country you live or work in; in the UK, the Information Commissioner's Office. We would rather you came to us first, but that right is yours regardless.
Traffic to the app is encrypted in transit (HTTPS). Passwords are stored only as hashes — we cannot read yours. Access to the production database is restricted to the operator. If a breach ever puts your rights at risk, we will notify the supervisory authority within 72 hours and tell you directly where the law requires it.
We use no cookies for analytics, advertising or tracking. The only data kept in your browser is what the app needs to work — the items listed under "Data Stored on Your Device" — which is why the app does not ask for cookie consent.
We do not carry out automated decision-making or profiling that produces legal or similarly significant effects.
The app is not directed at children and we do not knowingly process data from anyone under 16.
We may update this policy. The "last updated" date at the top will change, and we will tell you in the app if the change is material.
Questions, requests or complaints: privacy@motocamp.eu