How we process your personal data in compliance with the GDPR: what data we collect, why, with which providers, and which rights you can exercise at any time.
Version: 1.1
Last updated: 3 June 2026
Regulation: Reg. (EU) 2016/679 (GDPR)
1. Data controller
The data controller is Lorenzo Saraniti, a natural person and owner of the Trouvenir service. For any privacy matter and to exercise your rights, you can write to privacy@trouvenir.it.
No Data Protection Officer (DPO) has been appointed, as there is no obligation to do so under Art. 37 of the GDPR.
2. What data we process
Depending on how you use Trouvenir (iOS/Android app and website), we process the following categories of data:
Account data: email and name (if you sign up with email, Apple ID or Google); in anonymous mode, a guest session identifier.
AI scanner images: the photos you upload for analysis. They are forwarded to the AI provider solely to produce the analysis and are not stored on our servers.
Usage and product data: usage events, screens visited and — only with your consent — session recordings (session replay) with text inputs masked.
Your journey data: favourites, saved souvenirs, explored cities, paths read, personality quiz results, progress in itineraries and in the Cultural Diary (completed missions, souvenirs and cultural tags discovered).
Technical and connection data: IP address and device identifiers, processed in particular for security, abuse prevention and rate limiting (for example on the web scanner).
Diagnostic data: crash reports and technical information about the device (only with your consent).
Purchase data: Premium subscription status (payments are handled by Apple/Google; we do not process card data).
Push notifications: device token, if you enable notifications.
We do not collect the device's GPS location: the store finder uses city-centre coordinates, not your exact position. The app does not request geolocation permissions.
3. Purposes and legal bases
We process data for the following purposes and on the related legal bases (Art. 6 GDPR):
Providing the service and managing your account — performance of a contract (Art. 6.1.b) or legitimate interest for the anonymous session (Art. 6.1.f).
AI scanner feature — explicit consent (Art. 6.1.a), collected through a dedicated modal before first use.
Product analytics and session replay — consent (Art. 6.1.a).
Content personalisation based on your traveller profile — consent (Art. 6.1.a).
Crash diagnostics — consent (Art. 6.1.a).
Marketing and campaign measurement (website only) — consent (Art. 6.1.a).
Security, fraud prevention and legal compliance — legitimate interest and legal obligations (Art. 6.1.f and 6.1.c).
We do not carry out automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you (Art. 22 GDPR). Content personalisation, based on your traveller profile and enabled only with consent, is solely intended to suggest more relevant souvenirs, cities and paths.
4. AI scanner and images
When you use the Scan feature, the image is sent to a third-party artificial intelligence model (Microsoft Azure OpenAI) through our backend services, solely to produce the cultural analysis. Images are neither stored on our servers nor used to train models. Results are AI-generated, purely informational and may contain errors.
Please do not photograph people, minors, documents, licence plates or other personal data: frame only the object to be analysed.
5. Providers and data processors
We use third-party providers that process data on our behalf as data processors (Art. 28 GDPR), or as independent controllers for the platforms' payment/identity services. The main ones are:
Supabase — database hosting, authentication, storage and Edge Functions. Data: accounts, content, scan history.
Microsoft Azure OpenAI — analysis of scanner images and AI generation of editorial text/images. Data: uploaded images (transient, not retained) and text.
Google (Gemini, Google Search and Google Maps) — store discovery and automated authenticity assessment. Data: mainly publicly available business information.
PostHog (EU cloud) — product analytics and session replay, with text inputs masked. Data: usage events, email and name as user properties.
Google Firebase (Crashlytics and Cloud Messaging) — crash diagnostics and push notification delivery on Android. Data: crash logs, device token.
Apple (Sign in with Apple, APNs, App Store/StoreKit) — authentication, notifications and payments on iOS.
Google (Google sign-in, Google Play Billing) — authentication and payments on Android.
Google Analytics 4 and Meta Pixel — website-only statistics and marketing measurement, enabled solely with consent.
Google AdSense — the site is linked to AdSense (site ownership verification), but advertising is not yet active. If and when it is activated, ads will be served only with consent, managed through Google Consent Mode v2; for users in the European Economic Area we will adopt a Google-certified consent management platform (CMP) before serving any ad.
Vercel — website hosting and delivery.
Cloudflare (Turnstile) — anti-bot protection of the web scan feature.
Resend — sending email communications and the contact pipeline to artisan shops (B2B).
A data processing agreement (DPA) is in place (or being signed) with each processor. An up-to-date list of providers is available on request at privacy@trouvenir.it.
6. Transfers outside the EU
Some providers (for example Microsoft, Google, Vercel, Cloudflare, Resend) may process data outside the European Economic Area. In such cases, transfers take place on the basis of adequacy decisions, the EU-US Data Privacy Framework where applicable, or Standard Contractual Clauses (SCCs) approved by the European Commission, with supplementary measures where necessary.
7. Retention periods
We retain data only for as long as strictly necessary for the purposes described:
Account and journey data: until the account is deleted.
Scanner images: not retained (processed and discarded); only the textual outcome of the analysis is saved, deletable with the account.
Analytics and diagnostic data: for the retention period configured at the respective providers.
Data required for tax, accounting, security or anti-fraud obligations: for the periods set by law.
8. Your rights
As a data subject, you can exercise at any time the rights provided by Arts. 15-22 of the GDPR:
Access to your data and its rectification.
Erasure (right to be forgotten, Art. 17): available directly from Settings › Privacy in the app or from the account deletion page.
Portability (Art. 20): you can export your data in JSON format from Settings › Privacy.
Restriction of and objection to processing (Arts. 18 and 21).
Withdrawal of consent at any time (Settings › Privacy), without affecting processing already carried out.
We respond to requests without undue delay and in any case within one month of receipt (Art. 12 GDPR), extendable up to two months for complex requests. You also have the right to lodge a complaint with the supervisory authority: in Italy, the Garante per la protezione dei dati personali (garanteprivacy.it).
9. Minors
The minimum age to create an account is 14. For users between 14 and 18, the consent of the holder of parental responsibility is required. We do not knowingly collect data from children under 14; if you believe this has happened, contact us and we will delete it.
10. Cookies and similar technologies
The website uses cookies and similar technologies described in detail in the Cookie Policy. Non-essential cookies (analytics and marketing) are enabled only with consent, which can be managed at any time from the banner and the "Cookie preferences" button in the footer.
11. Security
We adopt appropriate technical and organisational measures to protect data, including encryption in transit (TLS), Row Level Security on the database, and masking of text inputs in session recordings. However, no system is entirely secure: in the event of a data breach, we will act in accordance with Arts. 33-34 of the GDPR.
12. Changes to this policy
We may update this policy for technical, regulatory or service-evolution reasons. Changes take effect upon publication on this page; for material changes we will provide notice through the app or by email to registered users.
13. Business owners, artisans and shops (B2B contacts)
As part of our business development activity, we may identify and contact artisans, shops and producers to propose Trouvenir's services (showcase, promotion, merchant subscription). For this purpose we process contact data and business information (for example business and contact-person name, address, email, social/WhatsApp handles, authenticity rating) collected from publicly accessible sources, including via search tools such as Google and AI models (Gemini).
The legal basis is the legitimate interest in promoting the service to operators in the sector (Art. 6.1.f GDPR). If you are a contacted business, you can object at any time and request the update or deletion of your data by writing to privacy@trouvenir.it; contact messages always include a way to stop receiving further communications.
14. Contact
To exercise your rights or for any question about data processing, write to privacy@trouvenir.it. For general service requests: support@trouvenir.it.
15. Prevailing language
This English text is a translation provided for your convenience. In the event of any discrepancy or doubt as to interpretation, the Italian version of this Privacy Policy prevails.
Privacy questions
Write to us to exercise your rights or for any clarification about data processing. We reply within 5 business days.