Privacy Policy
Effective date: March 15, 2026 Last updated: July 12, 2026 — added Yachtie Pro purchases, AI-assisted features (Google Gemini / Groq as processors), contacts-based friend discovery, profile view records, referral attribution, group chats, and public business pages; clarified that uploaded content remains the property of the users who uploaded it
1. Who We Are
Yachtie is a professional networking platform for the yachting industry. The data controller responsible for your personal data is Sonce Studio d.o.o., registration number (matična številka): 9724575000, tax number (davčna številka): 97200034, registered in Slovenia, with its registered address at Ljubljanska cesta 11, 4220 Škofja Loka, Slovenia, operating the Yachtie product on behalf of its founder and product owner, Jure Kovač. References to "we", "us", and "our" in this policy refer to Sonce Studio d.o.o. in its capacity as data controller for the Yachtie service.
In the event that a dedicated Yachtie entity is established, the data controller role will transfer to that entity and this policy will be updated accordingly.
Contact details:
- General inquiries: hello@yachtie.co
- Privacy and data protection: privacy@yachtie.co
- Website: https://yachtie.co
This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use the Yachtie iOS application and the yachtie.co website (collectively, the "Service"). We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
2. What This Policy Covers
This Privacy Policy applies to:
- The Yachtie iOS app — our mobile application for professional networking in the yachting industry.
- The yachtie.co website — our marketing website, including early access sign-up forms and the public crew-voted places directory.
- Any related services operated by Yachtie.
3. Data We Collect
3.1 Data You Provide Directly
Account information: When you create an account, we collect your email address and name. If you sign in with Apple, we receive your name and email as authorised by you through Apple's sign-in flow.
Profile information: You may provide additional profile details including your username, biography, profile photo, date of birth (used to confirm that you are at least 18), gender (optional), home country, department (e.g., deck, engineering, interior), and role within the yachting industry.
Professional information: You may add certifications (stored as boolean flags indicating you hold a certification — we do not store the certificate documents themselves), vessel assignments (including vessel name, role, and dates), and upload your CV (PDF). Your CV is compressed and stored securely.
Communications: Messages you send to other users through the Yachtie messaging feature — direct messages, group chats, and event/Hangout conversations — including any media shared within conversations. Content shared in a group chat is visible to all members of that group.
Photos and other uploaded content: Photos and other content you upload — profile photos, vessel photos, venue/place photos, images shared in chats, and (for business accounts) logos, cover images, and event or promotion images — remain your property. We store and display them only to provide the Service; see the "Your Content" section of our Terms of Service.
Contacts (optional, for friend discovery): If you choose to use contacts-based friend discovery, the app sends the phone numbers from your address book (numbers only — never your contacts' names) to our server over an encrypted connection, solely to check whether they belong to existing Yachtie users. Numbers are converted to keyed cryptographic hashes for matching, our systems never log the raw numbers, and numbers belonging to people who are not Yachtie users are discarded immediately after the check — they are never stored. Your own number(s) are stored only in hashed form so friends can find you. You can turn off contact discovery at any time in the app, which removes your stored hashes.
Reference contacts: When adding references to vessel assignments, you may provide a reference's name, email address, and phone number. This is third-party personal data, and you must confirm that you have the reference's permission before providing it.
Social links: You may optionally add links to your Instagram, X (formerly Twitter), TikTok, and personal website profiles.
Employer verification data: If you are a captain, head of department, or other employer-side user undergoing verification, we collect your name, role, WhatsApp contact, CV, and a government-issued photo ID (passport, national ID, or driving licence).
Event data: If you create or attend a Hangout (social event), we collect event details and attendance information.
Phone number (optional): If you add a contact phone number in the Work/dockwalking section, we store it securely. When you have dockwalking enabled, your phone number may be visible to employer-side users (captains, heads of department) who view your profile. Your phone number is deleted when you delete your account, and you can remove or update it at any time in the app's Work section.
Interests: You may select interests and activities that help others discover and connect with you.
Business account information: If you operate a business account, we collect your business's name, address, contact phone number and email, description, logo and cover images, and the events and promotions you publish. Business pages — including business contact details — are displayed publicly in the app and on the yachtie.co website, including to visitors without an account.
Early access sign-up (website): If you sign up for early access via our website, we collect your email address, role/department, device preference, and any optional free-text responses you provide through the Tally sign-up form.
Places directory contributions (website and app): If you add a place, vote, comment, review, or submit a photo on the public crew-voted places directory — on yachtie.co or in the app — we collect your email address (used to create your Yachtie account), your first name, and the content you submit. Place listings, notes, votes, comments, and photos are displayed publicly on the website; comments are attributed by first name only, and your email address is never displayed. This content is user-generated and Yachtie does not verify it — to report a problem with an entry, or to have your contribution removed, contact hello@yachtie.co.
3.2 Data Collected Automatically
Location data (with your permission): If you enable location sharing, we collect your device's GPS location. Your location is only shared with other users after being approximated (spoofed to roughly a 1 km radius) — we never display your precise location to other users. Location data is only collected when the app is in use ("When In Use" permission), not in the background. Only your most recent location is stored; we do not maintain a location history.
Device and usage data: We collect usage analytics through PostHog, including feature interactions and app events. When you are signed in, analytics events are linked to your user ID (pseudonymised data under GDPR Art. 4(5)); when you are not signed in, events are not linked to your identity. PostHog is configured to run through our own domain (e.yachtie.co) and we do not use analytics data for advertising, profiling, or cross-app tracking. Analytics are enabled by default under legitimate interest, but you can opt out at any time in Settings.
Push notification tokens: If you enable push notifications, we receive a device token from Apple's Push Notification Service to deliver notifications to your device. Your device token is deleted when you delete your account.
Authentication metadata: We automatically collect technical data necessary for your account to function, including your user ID, account creation date, and last sign-in timestamp.
Purchase and subscription data (Yachtie Pro): If you purchase Yachtie Pro, payment is processed entirely by Apple through the App Store — we never receive or store your payment card details. We receive and store transaction identifiers and your subscription/entitlement status (plan and expiry) so we can unlock Pro features on your account.
Profile view records: When you view another user's profile, we record that view. Users may see who recently viewed their profile (currently a Yachtie Pro feature). Views involving blocked users are not shown.
Referral attribution: If you join Yachtie after opening someone's invite link, we attribute your sign-up to the inviter using the invite code. To make this work, the invite web page stores a salted cryptographic hash of your IP address (we do not store the raw IP for this purpose), and on first launch the app may read an invite code carried over via your device clipboard. This data is used solely to credit referral rewards and to prevent referral fraud.
Sign-up country and connection metadata (derived from IP, raw IP not stored): When you sign up or first sign in to the iOS app, we briefly process the IP address that your request originates from in order to derive: (i) the country and region your sign-up came from, (ii) the name of your internet service provider or hosting org (text label only — no other network details), (iii) whether the IP belongs to a datacenter / hosting provider rather than a residential or mobile network, and (iv) whether you connected through Apple's iCloud Private Relay. We do not store the raw IP address itself — only these derived fields are persisted. We use this signal exclusively for internal spam and abuse detection (administrators may view your country and a per-account "trust score" while triaging suspicious accounts) — we never use it to advertise to you, profile you commercially, or share it externally. The signal is computed once at sign-up and is updated on first sign-in for users whose accounts pre-date this feature.
3.3 Data From Third Parties
Apple Sign-In: If you sign in with Apple, we receive your name and email address as authorised by you. Apple may provide a private relay email address if you choose to hide your email.
Tally (early access forms): If you sign up for early access via our website, your form responses (email, role, device preference, and any free-text answers) are collected through Tally, a third-party form provider based in the EU. Tally transmits this data to us for the purpose of managing our early access programme.
Vessel data (not about you): We display vessel information (names, types, positions) sourced from third-party maritime vessel-data providers, derived from public AIS broadcasts. This is data about vessels, not about you; it is combined with vessel assignments you add yourself, which are covered above.
3.4 AI-Assisted Features
Some features use large language models to generate drafts or suggestions — for example, drafting a Hangout invitation, suggesting activities, processing your uploaded CV, and drafting replies from our support team to your support messages. When you use one of these features, the relevant content (for example, your Hangout text, your CV, or your support conversation) is sent to our AI infrastructure providers — currently Google (Gemini) and Groq — which process it on our behalf to generate the output. We do not use your content to train AI models. We log usage metadata (feature used, provider, token counts, latency) linked to your user ID to operate and secure these features. AI features run only when you actively use them.
4. How We Use Your Data
We process your personal data for the following purposes and on the following legal bases:
| Purpose | Data used | Legal basis (GDPR) |
|---|---|---|
| Account creation and authentication | Email, name | Contract (Art. 6(1)(b)) — necessary to provide the Service |
| Displaying your profile to other users | Profile information, certifications, social links | Contract (Art. 6(1)(b)) — core app functionality |
| Messaging between users | Messages, media | Contract (Art. 6(1)(b)) — core app functionality |
| CV storage and sharing with employers | CV file, professional history | Contract (Art. 6(1)(b)) — user-requested feature |
| CV access by captains/heads of department | CV file | Consent (Art. 6(1)(a)) — explicit sharing action required |
| Location sharing with friends | GPS location (approximated) | Consent (Art. 6(1)(a)) — optional, explicit opt-in; only visible to friends |
| Dockwalking / daywork availability | Approximate distance, availability status | Consent (Art. 6(1)(a)) — optional, explicit opt-in; visible only to employers |
| Contact phone number (dockwalking) | Phone number | Consent (Art. 6(1)(a)) — optional; shared with employer-side users when dockwalking is enabled |
| Push notifications | Device token | Consent (Art. 6(1)(a)) — iOS requires explicit permission |
| Reference contact storage | Reference name, email, phone | Consent (Art. 6(1)(a)) — you must confirm you have the reference's permission |
| Employer identity verification | Name, role, WhatsApp, CV, ID document | Consent (Art. 6(1)(a)) — explicit consent at submission |
| Hangouts and events | Event details, attendance | Contract (Art. 6(1)(b)) — app functionality |
| Usage analytics (pseudonymised when signed in) | Feature usage, app events (via PostHog) | Legitimate Interest (Art. 6(1)(f)) — service improvement, balanced against your privacy (see Section 4.1) |
| Fraud prevention and platform safety | Account activity, usage patterns | Legitimate Interest (Art. 6(1)(f)) — protecting users and the platform |
| Spam and fake-account detection (admin triage) | Derived sign-up country / region, ISP/org label, datacenter-vs-residential flag, Apple Private Relay flag, profile completeness, friend and message activity, vessel claim, position title — combined into an internal "trust score" visible only to administrators | Legitimate Interest (Art. 6(1)(f)) — protecting the integrity of a small, professional community against bots, scrapers, and impersonation. Country is shown as context only and is never used as an automated rejection criterion. Raw IP is discarded after derivation. |
| Contacts-based friend discovery | Hashed phone numbers from your address book | Consent (Art. 6(1)(a)) — optional, revocable in-app |
| AI-assisted drafting and suggestions | Content you submit to the feature (Hangout text, CV, support conversation) | Contract (Art. 6(1)(b)) — processed only when you use the feature |
| Yachtie Pro subscription management | Transaction identifiers, entitlement status | Contract (Art. 6(1)(b)) — providing the paid features you purchased |
| Profile view history | Records of profiles you viewed / who viewed yours | Contract (Art. 6(1)(b)) — app functionality |
| Referral attribution and reward fraud prevention | Invite code, salted IP hash, clipboard-carried invite code | Legitimate Interest (Art. 6(1)(f)) — crediting rewards correctly and preventing abuse |
| Automated in-app service messages (tips, reminders, re-engagement) | Account activity signals | Legitimate Interest (Art. 6(1)(f)) — rate-limited by design to stay infrequent |
| Early access sign-up | Email, role, preferences | Consent (Art. 6(1)(a)) — voluntary form submission |
| Marketing emails | Consent (Art. 6(1)(a)) — explicit opt-in only |
4.1 Legitimate Interest Assessment (Analytics)
We use PostHog for usage analytics to understand how the app is used and to improve the Service. When you are signed in, analytics events are linked to your user ID (pseudonymised); when you are not signed in, events are not linked to your identity. We have assessed that this processing is in our legitimate interest because:
- It is necessary to identify bugs, measure feature adoption, and improve the product.
- The impact on your privacy is low — analytics are pseudonymised (linked to a user ID when signed in, but not used for advertising, profiling, or targeting).
- PostHog is proxied through our own domain (e.yachtie.co) to minimise third-party exposure.
- You can opt out of analytics at any time in the app's Settings, making consent withdrawal as easy as granting it.
5. Who We Share Your Data With
5.1 Other Yachtie Users
Your data is shared with other users based on your privacy settings:
- Profile information (name, username, bio, photo, certifications, interests, social links): Visible to other users as part of the networking functionality.
- Location: Only visible to confirmed friends if you have set location sharing to "Friends only." Never shared if set to "Off." Your displayed location is always approximated — we never reveal your precise coordinates.
- Current vessel: Visible based on your vessel visibility setting: everyone, friends only, or hidden.
- CV: Accessible only to authorised employer-side users (captains/heads of department) based on your CV sharing settings. Every access is logged, and you can review who has viewed your CV in the CV Access Log.
- Dockwalking/daywork status: If enabled, your approximate distance and availability are visible to potential employers only — not to other crew members. If you have provided a contact phone number, it may also be visible to employer-side users viewing your profile while dockwalking is enabled.
- Messages: Visible only to the participants in a conversation. In group chats, that means all members of the group.
- Profile views: When you view another user's profile, that user may see that you viewed it (currently a Yachtie Pro feature).
- Business pages: If you operate a business account, your business page (including business contact details, events, and promotions) is public — in the app and on yachtie.co.
5.2 Service Providers (Data Processors)
We use the following third-party service providers to operate the Service. Each acts as a data processor on our behalf under appropriate data processing agreements:
| Service provider | Purpose | Data processed | Location |
|---|---|---|---|
| Supabase | Database, authentication, file storage, real-time features | All app data (profiles, messages, files, auth) | AWS (EU region) |
| Apple | Push notifications, Apple Sign-In, App Store payments for Yachtie Pro (Apple acts as merchant) | Device tokens, authentication credentials, purchase transactions | Global |
| PostHog | Pseudonymised usage analytics (app and website) | Feature usage events, user identification when signed in (opt-out available) | EU / proxied via e.yachtie.co |
| Google (Gemini API) | AI-assisted features (drafts, suggestions, CV processing, support-reply drafting) | Content you submit to an AI feature | Global (SCCs) |
| Groq | AI-assisted features (fallback provider) | Content you submit to an AI feature | US (SCCs) |
| Vercel | Website hosting and aggregate website performance analytics | Website access logs, IP addresses | Global edge network |
| Tally | Early access sign-up forms | Email, role, device preference, free-text responses | EU |
In addition, when you search for a venue name while adding a place to the places directory on our website, your typed search query is sent to an OpenStreetMap-based geocoding service (Photon, operated by Komoot) to provide suggestions. No account data accompanies the query.
We maintain an up-to-date list of our sub-processors at yachtie.co/subprocessors. If this page is not yet available, you may request a current list by emailing privacy@yachtie.co.
5.3 Legal Requirements
We may disclose your personal data if required to do so by law, regulation, legal process, or enforceable governmental request, or where we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to a lawful request from a public authority.
5.4 Business Transfers
In the event of a merger, acquisition, reorganisation, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your data.
6. International Data Transfers
Our primary data infrastructure (Supabase) is hosted in the EU. Some of our service providers operate globally. Where your data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs): We rely on EU-approved Standard Contractual Clauses with service providers that process data outside the EEA.
- Adequacy decisions: Where the European Commission has determined that a country provides an adequate level of data protection, transfers are made on that basis.
You can request more information about the specific safeguards we apply by contacting us at privacy@yachtie.co.
7. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law:
| Data category | Retention period | What happens after |
|---|---|---|
| Active account data (profile, certifications, social links, interests) | Duration of your account | Deleted or anonymised on account deletion |
| Messages | Duration of your account | Anonymised on account deletion (sender name replaced with "Deleted User"; message content retained for conversation continuity) |
| CV and media files (avatars, hangout images) | Duration of your account | Permanently deleted on account deletion |
| Location data | Most recent location only (overwritten on each update) | Deleted on account deletion or when location sharing is disabled |
| Employer verification ID documents | Maximum 30 days after verification or rejection | Automatically deleted; only a "verified" flag is retained |
| CV access logs | 2 years | Purged after retention period |
| Authentication logs | 90 days | Purged after retention period |
| Purchase / entitlement records (Yachtie Pro) | Duration of your account, plus any period required by tax and accounting law | Deleted or retained only as legally required |
| Hashed contact phone numbers (your own) | Until you turn off contact discovery or delete your account | Deleted |
| Derived sign-up country / connection metadata | Duration of your account | Deleted on account deletion. Raw IP is never stored — only the derived country, region, ISP/org label, and the datacenter / Apple-Relay flags. |
| Early access sign-up data | Until product launch + 6 months | Manually purged |
| Support correspondence | 3 years | Manually purged |
| Aggregated analytics | Indefinitely | Not personal data — contains no identifying information |
| Database backups | 30 days (rolling) | Automatically overwritten |
What we retain after account deletion
After you delete your account, we retain only:
- Anonymised messages — your messages are attributed to "Deleted User" to preserve conversation flow for other participants. No identifying information is linked to these messages.
- Aggregated analytics data — which contains no personally identifiable information.
- Legal hold data — only if required by applicable law or legal proceedings.
We also retain a minimal audit record of the deletion event itself (user ID and deletion timestamp) for security and legal compliance purposes; this record does not include any profile or content data.
We permanently delete your profile information, location data, CVs, media files, phone number, push notification tokens, in-app notification history, social links, certifications, vessel assignments, friendships, and consent records.
8. Your Rights
Under the GDPR and applicable data protection laws, you have the following rights regarding your personal data:
Right of access (Art. 15). You have the right to request a copy of the personal data we hold about you. You can request a data export through the app's Settings or by contacting privacy@yachtie.co.
Right to rectification (Art. 16). You can correct inaccurate personal data directly in the app by editing your profile, or by contacting us for data that cannot be self-corrected.
Right to erasure / "right to be forgotten" (Art. 17). You can delete your account at any time through the app's Settings. Deletion is processed immediately and will delete or anonymise your personal data as described in Section 7. You may also request deletion by contacting privacy@yachtie.co.
Right to data portability (Art. 20). You have the right to receive your personal data in a structured, commonly used, machine-readable format (JSON). This includes data you provided to us under consent or contract: profile data, messages you sent, events you created, your CV, certifications, friendships, vessel assignments, social links, interests, consent records, notifications, CV access logs, and verification records. You can request a data export through the app or by emailing privacy@yachtie.co.
Right to restrict processing (Art. 18). You can request that we restrict the processing of your personal data in certain circumstances, such as while we verify the accuracy of your data following a dispute.
Right to object (Art. 21). You have the right to object to processing based on legitimate interest (such as analytics). You can opt out of analytics at any time in the app's Settings. For other objections, contact privacy@yachtie.co.
Right to withdraw consent (Art. 7(3)). Where we rely on your consent as the legal basis for processing, you can withdraw consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal. You can withdraw consent for:
- Location sharing — via Settings in the app (toggle off).
- Push notifications — via Settings in the app or iOS Settings.
- Analytics — via Settings in the app (toggle off).
- Marketing emails — via the unsubscribe link in any marketing email, or in Settings.
- Dockwalking/daywork visibility — via Settings in the app (toggle off).
- Contact phone number (dockwalking) — remove or update in the app's Work section, or contact us.
- Contacts-based friend discovery — turn off in the app, which removes your stored phone hashes.
Withdrawing consent is always as easy as giving it — the same screen, the same controls.
How to Exercise Your Rights
You can exercise most of these rights directly within the Yachtie app:
- Download your data: Settings > Privacy > Download My Data (the download link expires after 24 hours for security; you may request one export per 24-hour period)
- Delete your account: Settings > Privacy > Delete My Account
- Manage consent: Settings (analytics, location, notifications, marketing toggles)
- Edit your profile: Your profile screen
For any request you cannot complete in-app, or for complex requests, email us at privacy@yachtie.co. We will verify your identity before processing any request — if you submit a request via email, we may ask you to confirm from the email address associated with your Yachtie account, which typically takes no more than 10 days. Once your identity is verified, we will respond within 30 days. If your request is complex, we may extend this by an additional 60 days, in which case we will notify you of the extension and the reasons for it.
9. Cookies and Tracking
9.1 Yachtie iOS App
The Yachtie app does not use cookies. We use PostHog for usage analytics, which is proxied through our domain (e.yachtie.co). PostHog identifies you for analytics purposes using your user ID when you are signed in. You can disable analytics entirely in the app's Settings. PostHog analytics in the app do not track you across other apps or websites.
9.2 yachtie.co Website
Our website uses PostHog for analytics to understand how visitors interact with our site, including page views, referral sources, and device types. PostHog is configured to respect user privacy and is proxied through e.yachtie.co. We also use Vercel Analytics and Speed Insights for aggregate traffic and performance measurement.
If you sign in on the places directory, your session token and first name are stored in your browser's local storage (not cookies) so you stay signed in. If you open an invite link (yachtie.co/i/...), a salted hash of your IP address is recorded for referral attribution as described in Section 3.2.
We use only essential cookies that are strictly necessary for the website to function. We do not use advertising cookies or cross-site tracking.
If we change our cookie practices in the future, we will update this section and implement an appropriate consent mechanism.
10. Children's Privacy
Yachtie is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from children under 18. The yachting industry is a professional environment, and positions aboard vessels require individuals to be at least 18 years of age.
If we become aware that we have collected personal data from a person under 18, we will take steps to delete that data as quickly as possible. If you believe that a user under 18 has created an account, please contact us at privacy@yachtie.co.
11. Automated Decision-Making
Yachtie does not use automated decision-making or profiling that produces legal effects or similarly significant effects on you. We do not use AI or algorithms to make decisions about your access to features, employment opportunities, or standing on the platform.
Some features use AI to generate drafts and suggestions at your request (see Section 3.4), and we use automated systems to help detect spam and content that may violate our guidelines — but any decision that significantly affects you, such as content removal or account suspension, involves human review.
12. Security
We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it:
Technical measures:
- Encryption in transit (HTTPS/TLS) for all data transmitted between your device, our servers, and our service providers.
- Encryption at rest for all data stored in our database and file storage.
- Row-Level Security (RLS) policies at the database level, ensuring users can only access data they are authorised to see.
- Parameterised queries to prevent SQL injection attacks.
- Signed, time-limited URLs (15-minute expiry) for accessing stored files such as CVs.
- Location spoofing and approximation to prevent precise location exposure.
Organisational measures:
- Strict access controls limiting who can access the database and stored files.
- ID documents for employer verification are only accessible to a small, trained internal team and are automatically deleted within 30 days.
- CV access logging to maintain an audit trail of who accessed your professional documents.
While we strive to protect your personal data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to promptly addressing any security incidents.
Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours. If the breach is likely to result in a high risk to you, we will also notify you directly without undue delay, providing information about the nature of the breach and the steps we are taking.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the Service, or applicable law. When we make material changes, we will:
- Update the "Last updated" date at the top of this page.
- For significant changes, notify you via email or through an in-app notification.
We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes constitutes your acceptance of the updated policy.
14. How to Contact Us and File a Complaint
Contact us:
For any questions or concerns about this Privacy Policy or our data practices, or to exercise any of your rights:
- Email: privacy@yachtie.co
- General inquiries: hello@yachtie.co
- Data controller: Sonce Studio d.o.o., Ljubljanska cesta 11, 4220 Škofja Loka, Slovenia (matična številka: 9724575000)
Supervisory authority:
If you are not satisfied with our response to a privacy concern, you have the right to lodge a complaint with a data protection supervisory authority in the EU/EEA member state where you reside, work, or where you believe an infringement has occurred.
For users in Slovenia, the relevant authority is:
Informacijski pooblaščenec (Information Commissioner) Dunajska cesta 22, 1000 Ljubljana, Slovenia Website: https://www.ip-rs.si Email: gp.ip@ip-rs.si Phone: +386 1 230 97 30
A full list of EU/EEA data protection authorities can be found on the European Data Protection Board website at https://edpb.europa.eu/about-edpb/about-edpb/members_en.
You also have the right to seek a judicial remedy if you believe your rights under the GDPR have been infringed.
This Privacy Policy was last updated on July 12, 2026.