Privacy Policy — Train Badger

Effective date: 30 May 2026

1. Who we are

Train Badger is a UK train departure app. The data controller is Swipe Stack Ltd (registered in England & Wales, company no. 07954706), with its registered office at The Knoll Business Centre, Unit W8A, 325-327 Old Shoreham Road, Hove, BN3 7GS, United Kingdom. You can contact us about your data at [email protected].

2. Data we collect

Data	Purpose	Storage
Email address	Account authentication	Server database
Password	Account authentication	Stored as bcrypt hash only — plaintext never retained
Auth tokens	Session management	Stored as SHA-256 hash — plaintext held only on your device
APNs device token	Push notifications for train status changes	Server database, linked to your account
Pinned service IDs, origin/destination station codes	Service monitoring and push notifications	Server database
Journey history (route, scheduled/actual times, operator, delay minutes, cancellation reason)	Calculating Delay Repay eligibility and surfacing eligible claims	Server database — automatically deleted after 28 days
Season ticket details (route, price, duration type, expiry date)	Estimating Delay Repay compensation amounts and sending renewal reminders	Server database — retained while your account is active
Saved fare prices (route, peak and off-peak ticket price)	Estimating Delay Repay compensation amounts for single and return fares	Server database — retained while your account is active
Saved train preferences (route, scheduled time, operator, days of week)	Automatically monitoring your regular trains and sending delay notifications	Server database — retained while your account is active
Saved/favourite routes (origin and destination stations, optional operator filter)	Showing and ordering the routes you check regularly	Server database — retained while your account is active
Approximate location (on-device only)	Detecting when you are near your station to auto-track commute trains (Pro, opt-in)	On-device only — never sent to server
Motion activity data (on-device only)	Detecting when you board a train to improve automatic commute tracking accuracy (Pro, opt-in)	On-device only — never sent to server
Contributed detection data (station code, day of week, time slot, motion state, on-device prediction scores, and the outcome of each detection — no GPS coordinates)	Improving the accuracy of the shared auto-detection model. Strictly opt-in via the “Help Improve Detection” setting, which is off by default.	Server database — only if you opt in. Deleted immediately when you turn the setting off, or when you delete your account.
Support messages (your name, email address and the message you send)	Responding to enquiries you submit through the support/contact form	Server database — automatically deleted after 90 days
Beta waitlist email (and optional name)	Sending you a TestFlight beta invitation and related beta updates. Submitted via the website with your explicit consent and confirmed by a double opt-in email.	Server database — kept until the beta ends or you unsubscribe; unconfirmed signups are deleted after 7 days. Unsubscribe via the link in any email.

We do not collect analytics, advertising identifiers, or cookies. Location and motion are processed on-device, and raw GPS coordinates are never sent to our server. If you choose to turn on “Help Improve Detection” (off by default), anonymised detection events — station codes, times, motion states, prediction scores and outcomes, but never coordinates — are sent to help improve the model. You can withdraw at any time by turning the setting off, which deletes the contributed data from our server.

3. How we use your data

Authentication and session management
Delivering push notifications about train status changes you've opted into (pinned services)
Querying National Rail departure data on your behalf
Calculating Delay Repay eligibility for journeys you have tracked
Estimating Delay Repay compensation based on your season ticket details
Sending season ticket renewal reminders (if enabled)
Automatically monitoring your saved trains and sending delay or cancellation notifications
Detecting when you are near your regular station (on-device) to automatically track your commute train for delay notifications
Detecting when you board a train (on-device) using motion data to improve automatic commute tracking accuracy
If you opt in to “Help Improve Detection”: improving the shared auto-detection model using anonymised detection events (no GPS coordinates). This is off by default and can be withdrawn at any time, which deletes the contributed data from our server.

Lawful basis (UK GDPR Article 6)

Contract — processing necessary to provide the service you asked for: account creation and authentication, querying departures, monitoring your pinned and saved trains, and Delay Repay calculations.
Consent — push notifications, location- and motion-based commute auto-tracking, the opt-in “Help Improve Detection” contribution, and the beta waitlist. You can withdraw any of these at any time (in the app, or via the unsubscribe link for the beta waitlist); withdrawing detection contribution or the waitlist deletes the corresponding data from our server.
Legitimate interests — protecting the service from abuse (e.g. Cloudflare Turnstile bot-protection on the support form), balanced against your rights and freedoms.

4. Third parties

Third Party	Data Shared	Purpose
National Rail Darwin	Station codes, service IDs (no user-identifying data)	Train departure and service data
Apple Push Notification service (APNs)	Device token, notification content	Delivering push notifications to your device
Resend	Email address	Sending account emails: password resets, email verification, one-time sign-in codes, and beta confirmations
Cloudflare Turnstile	IP address, browser challenge token	Bot protection on the support contact form

No data is sold, shared for advertising, or transferred to any other third parties.

International transfers. Apple (APNs), Cloudflare and Resend may process limited data — such as a device push token, an IP address or your email address — on servers outside the UK. Where this happens, the transfer is protected by UK adequacy regulations or standard contractual clauses (the UK International Data Transfer Agreement). National Rail Darwin processing takes place within the UK.

5. Data retention

Account data retained while your account is active
Pinned services automatically deleted after 8 hours
Journey history automatically deleted after 28 days (aligned with the standard Delay Repay claim window)
Support messages automatically deleted after 90 days
Auth tokens expire after 30 days
You can delete your account at any time (see section 7), which immediately and permanently removes all your data

6. Data security

All connections encrypted via TLS (HTTPS)
Passwords hashed with bcrypt
Auth tokens hashed with SHA-256
Database stored on a secured server with firewall restrictions

7. Your rights (UK GDPR)

Under UK GDPR, you have the right to:

Access — request a copy of your personal data
Rectification — correct inaccurate data
Erasure — delete your account and all associated data (available in-app under Settings, or by contacting us)
Data portability — receive your data in a structured format
Objection — object to processing of your data
Complaint — lodge a complaint with the ICO (ico.org.uk)

To exercise any of these rights, contact [email protected].

8. Children

Train Badger is not directed at children. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, contact [email protected] and we will delete it.

9. Changes to this policy

We may update this policy. The effective date at the top will be updated accordingly.