PRIVACY POLICY

Last Updated: 15 October, 2025

This Privacy Policy describes how Zelleva (“we”, “us”, or “our”) collects, uses, and protects your personal information when you use our travel community application (the “App”). We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller

The data controller responsible for your personal information is:

2. Information We Collect

2.1 Information You Provide

When you register and use our App, we collect:

• Account Information: Name, email address, username, password, profile picture, date of birth
• Profile Information: Bio, travel preferences, interests, languages spoken
• Trip Planning Data: Destinations, travel dates, itineraries, accommodation preferences, budget information
• Communications: Messages, posts, comments, photos, and other content you share within the community
• Payment Information: Payment card details (processed securely through third-party payment processors)

2.2 Information Collected Automatically

• Device Information: Device type, operating system, unique device identifiers, mobile network information
• Usage Data: Pages viewed, features used, time spent on the App, interaction with other users
• Location Data: GPS coordinates, IP address-based location (with your consent)
• Cookies and Tracking: Cookies, web beacons, and similar technologies to enhance your experience

3. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Consent: You have given clear consent for us to process your personal data for specific purposes (e.g., marketing communications, location tracking)
• Contract Performance: Processing is necessary to fulfill our contract with you (providing the App services)
• Legal Obligations: Processing is necessary to comply with legal requirements
• Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided your rights do not override these interests

4. How We Use Your Information

We use your personal information to:

• Provide, maintain, and improve our App services
• Facilitate travel planning and community connections between users
• Process transactions and send related information
• Send you technical notices, updates, security alerts, and support messages
• Respond to your comments, questions, and customer service requests
• Personalize your experience and provide tailored content and recommendations
• Monitor and analyze trends, usage, and activities in connection with our App
• Detect, prevent, and address technical issues, fraud, and illegal activities
• Send marketing communications (with your consent, which can be withdrawn at any time)

5. Data Sharing and Disclosure

We may share your personal information with:

5.1 Other Users

Your profile information and content you share within the community are visible to other users according to your privacy settings.

5.2 Service Providers

We work with third-party service providers who perform services on our behalf, such as hosting, analytics, payment processing, customer support, and marketing. These providers have access to your information only to perform these tasks and are obligated to protect your data.

5.3 Legal Requirements

We may disclose your information if required by law or if we believe that disclosure is necessary to comply with legal obligations, protect our rights, protect your safety or the safety of others, investigate fraud, or respond to government requests.

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal information may be transferred. We will provide notice before your data is transferred and becomes subject to a different privacy policy.

6. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. When we transfer your data internationally, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Data Protection Impact Assessments where appropriate

7. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

To exercise any of these rights, please contact us at [privacy@zelleva.com]. We will respond to your request within one month.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When we no longer need your personal data, we will securely delete or anonymize it.

Specific retention periods:

• Account Information: Retained while your account is active, plus 30 days after account deletion
• Transaction Records: Retained for 7 years to comply with legal obligations
• Marketing Data: Retained until you unsubscribe or withdraw consent

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Employee training on data protection and security
• Incident response procedures

However, no method of transmission over the Internet or electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee absolute security.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and store information. You can control cookies through your browser settings and other tools. However, disabling cookies may affect your ability to use certain features of our App.

Types of cookies we use:

• Essential Cookies: Required for the App to function properly
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how users interact with our App
• Marketing Cookies: Used to deliver relevant advertisements

11. Third-Party Services

Our App may contain links to third-party websites or integrate with third-party services (e.g., social media platforms, payment processors, mapping services). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

12. Children’s Privacy

Our App is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

13. Automated Decision-Making and Profiling

We may use automated decision-making and profiling to personalize your experience, such as recommending travel destinations or connecting you with similar travelers. You have the right to object to automated decision-making and request human intervention.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the “Last Updated” date. We encourage you to review this Privacy Policy periodically.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

You also have the right to lodge a complaint with your local supervisory authority if you believe we have not handled your personal data properly.

16. Supervisory Authority

If you are located in the European Economic Area (EEA), you have the right to lodge a complaint with your national data protection authority. A list of supervisory authorities can be found at: https://edpb.europa.eu/about-edpb/board/members_en