Privacy Policy

The data controller is Globe Inc., reachable at the email address feedback@globeinc.dev.

Goldfish collects the following personal data:

• Registration data: email address, display name, profile photo (optional)
• Travel data: itineraries, timelines, destinations, bookings, notes
• Financial data: expenses, amounts, currencies, cost splitting among group members
• Documents: uploaded files (passports, tickets, bookings) — metadata and content
• Checklists: list items, assignments, completion status
• Technical data: push notification tokens, app version, device platform
• Usage data: anonymized and pseudonymized analytics events via PostHog (e.g. screens viewed, in-app actions, application lifecycle). No personal data is included in events — identification occurs only after login, with a pseudonymized UUID.
• Location: only if explicitly authorized by the user, for map features and real-time location sharing with travel group members
• Bluetooth data: the offline chat feature uses Bluetooth Low Energy (BLE) to exchange messages between nearby devices. Messages travel exclusively between local group devices — no data is sent to external servers. Messages are stored locally on the device.

• Performance of a contract (Art. 6(1)(b) GDPR): provision of the Goldfish service — account management, data synchronization, push notifications
• Consent (Art. 6(1)(a) GDPR): collection of location data, sending promotional communications
• Legitimate interest (Art. 6(1)(f) GDPR): anonymized analytics for service improvement, security, and abuse prevention

Data is stored on Supabase (servers in the European Union — Frankfurt, Germany). All communications are encrypted in transit (TLS 1.2+). Data is retained for the duration of the user's account and deleted upon request via the "Delete account" function in the app.

Personal data is not sold to third parties. Data is shared exclusively with:

• Supabase Inc. — hosting and database (sub-processor, DPA in place)
• Apple Inc. — authentication (Sign in with Apple), subscription management (StoreKit)
• PostHog Inc. — pseudonymized analytics and session replay (EU servers, text and image masking enabled). Analytics traffic is routed through a managed reverse proxy powered by Cloudflare, Inc. for reliability and privacy. PostHog privacy policy · Cloudflare privacy policy
• Other travel group members — data shared in group trips (including chat messages, real-time location, and expenses) is visible to participants

As a data subject, you have the right to:

• Access (Art. 15) — request a copy of your data
• Rectification (Art. 16) — correct inaccurate data
• Erasure (Art. 17) — delete your account and all associated data via the dedicated function in the app
• Portability (Art. 20) — export your data in JSON format via the "Export your data" function in Settings
• Objection (Art. 21) — object to processing based on legitimate interest
• Restriction (Art. 18) — request restriction of processing
• Withdrawal of consent — at any time, without prejudice to prior processing

To exercise your rights, contact us at feedback@globeinc.dev. We will respond within 30 days of the request.

We adopt technical and organizational measures to protect personal data, including: encryption in transit (TLS), secure authentication (JWT), Row Level Security (RLS) on all database tables, and data access strictly limited to authorized personnel.

The website goldfish.globeinc.dev does not use profiling cookies. The Goldfish app uses PostHog for pseudonymized product analytics (screens viewed, in-app actions, application lifecycle). Data is sent to servers in the European Union via a managed reverse proxy operated by Cloudflare (first-party domain). Session replays automatically mask all text fields and images. Users can completely disable analytics from the app Settings ("Disable analytics" toggle). No user profile is created until explicit login ("identified only" mode).

Goldfish is not intended for minors under 16 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided personal data, please contact us for removal.

We reserve the right to update this policy. In the event of substantial changes, users will be notified through the app. The last update date is indicated at the top.

For any questions about privacy, write to us at feedback@globeinc.dev.

You have the right to file a complaint with the competent supervisory authority (in Italy: Garante per la protezione dei dati personali).