Privacy Policy

1. Scope

This policy applies to personal information processed in connection with the WhyTrip app and our online properties that link to this policy. If you do not agree with this policy, please do not use the Services.

2. Information we may collect

Depending on how you use the Services, we may collect the following categories of information:

• Account and profile data: name, email address, phone number, country or region, language preferences, and similar identifiers you provide when registering or communicating with us.
• Trip and health-related inquiries:information you voluntarily submit to request consultations, itineraries, or medically-supported travel coordination (for example, travel dates, destinations, mobility or dietary needs, and general health or wellness goals). Do not send us highly sensitive clinical records unless we explicitly request them through a secure channel.
• Device and technical data: device type, operating system version, app version, coarse IP-based location or region (where permitted), crash logs, and diagnostic data to maintain security and improve reliability.
• Usage data: features used, session duration, and in-app events when we use analytics tools that comply with platform rules.
• Communications: content of messages you send to us (including email or in-app support), and metadata such as timestamps.
• Payment-related data: if you purchase services through approved processors, we may receive limited transaction references (not full payment card numbers, which are handled by our payment partners).

3. How we use your information

• To provide, personalize, and improve the Services.
• To respond to inquiries, coordinate travel and wellness programs, and deliver customer support.
• To operate, secure, and debug the app; detect fraud and abuse.
• To send service-related notices (for example, account, safety, or legal updates). Where required by law, we will obtain consent before marketing communications.
• To comply with legal obligations and enforce our terms.
• For analytics and product improvement in aggregated or de-identified form where appropriate.

4. Legal bases (EEA, UK, CH)

Where applicable, we rely on: performance of a contract; legitimate interests (for example, securing our Services and understanding aggregate usage), balanced against your rights; consent where required; and legal obligations.

5. Sharing of information

We may share information with:

• Service providers who assist with hosting, analytics, customer support, email delivery, payments, and cybersecurity, bound by confidentiality and processing agreements.
• Professional partners involved in delivering your requested travel or wellness services (for example, clinics, hotels, or transport partners), only as needed to fulfill your request and subject to their own privacy commitments.
• Authorities when required by law, legal process, or to protect rights, safety, and security.
• Corporate transactions such as a merger or acquisition, with notice where required.

We do not sell your personal information as that term is commonly defined in U.S. state privacy laws.

6. Apple and other platform services

If you sign in with Apple or use other platform features, information is processed according to Apple's terms and privacy policy in addition to ours. Our use of data collected through Apple technologies follows the App Store Review Guidelines and applicable Apple developer documentation.

7. International transfers

We may process information in countries other than where you live. Where required, we use appropriate safeguards (such as standard contractual clauses) for cross-border transfers.

8. Retention

We retain personal information only as long as necessary for the purposes described in this policy, unless a longer period is required or permitted by law (for example, tax, accounting, or dispute resolution).

9. Security

We implement administrative, technical, and organizational measures designed to protect personal information. No method of transmission or storage is completely secure; we encourage you to use strong passwords and protect your device.

10. Your choices and rights

Depending on your location, you may have rights to access, correct, delete, restrict, or object to certain processing of your personal information, and to data portability or withdrawal of consent where processing is consent-based. You may also have the right to lodge a complaint with a supervisory authority.

To exercise rights, contact us using the details below. We may need to verify your identity before responding.

11. Children

The Services are not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected such information, contact us and we will take appropriate steps to delete it.

12. Third-party links

The Services may contain links to third-party sites or integrations. Their privacy practices are governed by their own policies, not this one.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the "Last updated" date. Where changes are material and required by law, we will provide additional notice.