Privacy Policy
We're a B2B SaaS used by expedition leaders. We collect the minimum data needed to run the service, never sell it, and host it in the EU by default.
What we collect
From operators: name, email, business name, payment method (held by Stripe — we see metadata only), workspace usage data, audit logs of in-app actions.
From guests of operators: we are a processor for whatever the operator collects (name, email, dietary, passport, etc.). The operator decides what's collected; we provide the tools to handle it safely.
From visitors: server-side analytics of page views and referrers. No tracking cookies until consented.
Why we collect it
To run the service: authenticate you, bill you, render the right data to the right people, send transactional email, prevent abuse, comply with legal obligations.
Where it lives
EU residency by default. Postgres, file storage, email, observability — all in EU regions. Stripe is the only inevitable cross-region dependency, covered by Stripe's DPA.
Who we share it with
Sub-processors only — Stripe (payments), Resend (email), Cloudflare (CDN/storage), Sentry (error tracking), Axiom (logs). Each is GDPR-compliant. Full list available on request.
Your rights
You can ask us to access, export, correct, or delete your personal data. Operators can fulfil the same rights for their guests via the in-app data tools. Email [email protected].
Retention
Active tenants: data retained while the subscription is active. Cancelled tenants: 30-day soft-delete, then hard-purge.
Sensitive guest fields (passport, medical) auto-purge a configurable number of days after the related Trip completes (V1).
Cookies
Marketing pages are cookie-less by default. The app uses an HttpOnly session cookie scoped to app.exply.app, strictly necessary for log-in. Optional analytics cookies are consent-gated. Details in our Cookies notice.