Privacy Policy
Effective date: May 1, 2026 · Last updated: May 26, 2026
BusUndo ("we", "us", or "our") operates the website busundo.in and related services. This Privacy Policy explains how we collect, use, and protect your information when you use our service.
1. Information We Collect
Information you provide
- Bus route data you voluntarily submit (bus name, registration number, stops, timings, fare charts).
- Your Google account name and email address when you sign in to contribute.
- Photos you upload (bus front images, fare chart images) for AI-powered data extraction.
Information collected automatically
- IP address — for rate limiting and abuse prevention only.
- Basic analytics (page views) — no personal identifiers are tracked.
Information we do NOT collect
- No location tracking or GPS data.
- No cookies for advertising or behavioral tracking.
- No financial or payment information.
- No data sold to third parties.
2. How We Use Your Information
- To build and maintain a public bus route database for Kerala.
- To display contributed route data publicly on the website and map.
- To process uploaded photos using AI for data extraction (photos are not stored permanently).
- To authenticate contributors via Google OAuth.
- To prevent abuse and enforce rate limits.
3. Third-Party Services
We use the following third-party services:
Google OAuth 2.0 — for secure sign-in. We receive your name and email only.
Google Gemini — for extracting bus data from uploaded photos. Images are processed and not retained by Google beyond the API call.
OpenStreetMap — for map tiles. No personal data is sent to OSM.
Cloudflare — for CDN, DDoS protection, and bot mitigation.
4. Data Retention & Deletion
Bus route contributions are retained indefinitely as part of the public database. You may request deletion of your account and associated personal data (name, email) at any time by contacting us. Contributed route data may remain in the public database in anonymized form after account deletion.
5. Data Security
We implement industry-standard security measures to protect your data, including HTTPS encryption, secure authentication tokens, and access controls. However, no method of transmission over the Internet is 100% secure.
6. Children's Privacy
Our service is not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us.
7. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify users of any material changes by updating the "Last updated" date at the top of this page.
8. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at: