Privacy Policy

Last updated: 1 February 2025

Sussed ("we", "our", or "us") operates the Sussed mobile application (the "App"). This Privacy Policy explains how we collect, use, and protect your personal data in accordance with the General Data Protection Regulation (GDPR). Sussed is the data controller. You can contact us at privacy@sussed.app.

1. Information We Collect

We collect the following personal data:

• Account information: Your name and email address when you create an account.
• Trip data: Trips you create or join, including names, dates, destinations, and members.
• Reservation data: Travel reservations you add manually or by forwarding confirmation emails, such as flights, hotels, and restaurant bookings.
• Expense data: Receipts and expenses you add to trips for splitting with other members.
• Forwarded emails: When you forward booking confirmation emails to Sussed, we process the content to extract reservation details. The raw email content is not retained after processing.

2. Legal Basis for Processing

We process your personal data on the following legal bases:

• Performance of a contract: Processing your account, trip, reservation, and expense data is necessary to provide the App's core features.
• Consent: We process forwarded emails and send push notifications based on your consent. You can withdraw consent at any time by stopping email forwarding or disabling notifications in your device settings.
• Legitimate interest: We process data to maintain security and improve our services, where this does not override your rights.

3. Data Sharing

We use trusted service providers for cloud hosting and push notification delivery, who process data only on our behalf. Your data is stored within the European Economic Area (EEA). Where data is transferred outside the EEA, we ensure appropriate safeguards are in place in accordance with GDPR requirements.

4. Data Retention

We retain your personal data for as long as your account is active. When you delete your account, all your personal data is permanently deleted.

5. Your Rights

Under the GDPR, you have the right to access, rectify, erase, restrict, or port your personal data, as well as to object to processing or withdraw consent. Exercising certain rights (such as erasure or restriction) may mean we can no longer provide the App to you as it's required for the app functionality.

To exercise any of these rights, contact us at privacy@sussed.app. We will respond within 30 days. You also have the right to lodge a complaint with a data protection supervisory authority.

6. Children's Privacy

The App is not intended for children under 16. We do not knowingly collect personal data from children under 16.

7. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy within the App or on our website.