Privacy Policy of Travee GmbH
(As of: 30.10.2025)
1. Controller
Travee GmbH
Kolonnenstraße 8, 10827 Berlin, Germany
Email (privacy & general): contact@travee.eu
Managing Director authorized to represent: Conrad Mildenstrey
2. Purposes, Data Categories, Legal Bases
We process personal data only to the extent necessary. Unless stated otherwise below, we base processing on:
- Art. 6(1)(b) GDPR (contract/contract initiation),
- Art. 6(1)(f) GDPR (legitimate interests – each with a balancing test),
- Art. 6(1)(c) GDPR (legal obligations, e.g., commercial/tax retention),
- for consents: Art. 6(1)(a) in conjunction with Art. 7 GDPR.
For access to end devices (cookies/local storage/SDK identifiers), § 25 TDDDG (formerly § 25 TTDSG) applies.
2.1 Use of the Travee App (Core Function)
Data: Account/profile data (name, email, password hash), app/language settings, travel and content preferences, in-app interactions.
Purpose: Provision and personalization of content (audio guides, routes, recommendations).
Legal basis: Art. 6(1)(b) GDPR.
Retention: until account deletion; backups 90 days (see section 10 for details).
2.2 Location Data (if enabled)
Data: GPS/Wi-Fi/cell-based location (precise/approximate).
Purpose: location-based recommendations, navigation, “nearby”.
Legal basis: Art. 6(1)(b) GDPR insofar as required for core functions; otherwise consent (Art. 6(1)(a) GDPR).
Retention: context-dependent; no permanent history unless required for the core function.
Note: Permissions can be revoked at any time in the operating system.
2.3 Microphone/Voice Functions (if enabled)
Data: Voice commands/short audio inputs (on-device or server-side), transcripts.
Purpose: voice mode and natural interaction.
Legal basis: Art. 6(1)(b) GDPR; where applicable consent (Art. 6(1)(a) GDPR).
Important: No creation of voice profiles/voiceprints and no biometric identification; no profiling from voice characteristics.
Transcription: Audio inputs are – insofar as required for the voice mode – transcribed automatically; the transcripts may be evaluated according to § 2.15 for functional operation, quality/product improvement, and security.
Retention: Raw audio is generally not stored permanently; where required for troubleshooting, only short-term (see section 10 for details).
2.4 Personalization & Profiling (without legal effect)
Data: Preferences, usage patterns, context (location/time).
Purpose: more relevant content, timing of notices.
Legal basis: Art. 6(1)(f) GDPR (user-friendly UX) and/or Art. 6(1)(b) GDPR.
Note: No automated decisions with legal effect within the meaning of Art. 22 GDPR.
2.5 Audio Generation via Third Parties (e.g., ElevenLabs)
Data: Text content (guide scripts, personalized salutation), technical metadata.
Purpose: text-to-speech output of audio guides.
Legal basis: Art. 6(1)(b) GDPR; processing under Art. 28 GDPR.
Retention: see section 10.
2.6 Map Services & Places (e.g., Google Maps/Places)
Data: IP address, where applicable location (if granted), device info, search queries.
Purpose: map display, POI data, route planning.
Legal basis: Art. 6(1)(b) and/or Art. 6(1)(a) GDPR (depending on implementation).
Retention: per provider specifications; we store only what is necessary for the purpose.
2.7 Affiliate Links & Booking Redirects (e.g., GetYourGuide/Viator/Booking)
Data: referrer/partner ID, calling URL, where applicable cookie/SDK IDs for commission attribution.
Purpose: commission accounting, abuse/fraud prevention.
Legal basis: End-device access: § 25 TDDDG (consent unless technically required). Subsequent processing: Art. 6(1)(a) and/or (f) GDPR.
Retention: minimized and purpose-bound per partner requirements.
Note: Contract/checkout with the third party (independent controller).
2.8 App Stores/In-App Purchases
Data: transaction IDs, product information, pseudonymous device IDs.
Purpose: processing purchases/subscriptions, license verification.
Legal basis: Art. 6(1)(b) GDPR.
Note: Apple/Google act as independent controllers for payment processing.
2.9 Support/Communication
Data: email address, content of the inquiry, technical logs.
Purpose: responding to inquiries, troubleshooting.
Legal basis: Art. 6(1)(b) and (f) GDPR.
Retention: 12 months after completion (see section 10 for details).
2.10 Usage Analytics & Crash Reports (e.g., Firebase Analytics/Crashlytics, Sentry, Matomo)
Data: app events, crash data, device information, where applicable advertising IDs (IDFA/AAID).
Purpose: stability, performance, product improvement.
Legal basis: § 25 TDDDG (end-device access) + Art. 6(1)(a) GDPR (consent); exceptionally Art. 6(1)(f) GDPR for strictly technically required measurement without marketing reference.
Retention: 14 months (see section 10 for details).
2.11 Newsletter/Product Updates
Data: email, opt-in, timestamp (double opt-in).
Purpose: information about Travee.
Legal basis: Art. 6(1)(a) GDPR; proof of consent (Art. 7 GDPR).
Withdrawal: at any time; link in every email.
2.12 Website Visit & Server Logs
Data: IP, date/time, pages accessed, user agent, referrer.
Purpose: delivery, security (e.g., DDoS protection), error diagnostics.
Legal basis: Art. 6(1)(f) GDPR.
Retention: 7 days (see section 10 for details).
2.13 Push Notifications (if enabled)
Data: device token (APNS/FCM), app/device metadata.
Purpose: service notices (e.g., tour status) and optionally information/tips.
Legal basis: Art. 6(1)(b) GDPR for service-critical notices; otherwise consent or Art. 6(1)(f) GDPR (with opt-out).
Retention: tied to runtime; opt-out at any time in OS/app settings.
2.14 Data Sources
Data originates from self-disclosure, app/website usage, and – depending on the feature – from third-party APIs (e.g., maps/POI, payment or affiliate partners).
2.15 Chat & Voice Guide Histories (Content & Usage Analysis)
Data: contents of your chat messages and voice guide interactions (transcripts), associated metadata (timestamps, language, approximate location/context information, app/device information, pseudonymous user/device IDs) as well as derived data (e.g., topics/categories, intents, embeddings, quality/usage metrics).
Purposes:
a) Functional operation (conversation/answers, history),
b) evaluation of voice guide transcripts together with chat histories to understand use cases and improve product/quality (e.g., topics, intents, handover points),
c) Security/abuse prevention (e.g., spam/abuse detection, rate limiting),
d) Aggregated analyses (feature usage, topic popularity – without personal reference; see section 9).
Legal basis:
– a) Art. 6(1)(b) GDPR (contract),
– b/c) Art. 6(1)(f) GDPR (legitimate interests in a stable, secure, and improved app; objection possible at any time, see section 12) and – where required – consent (Art. 6(1)(a) GDPR) via the consent center,
– d) Art. 6(1)(f) GDPR (based only on aggregated/anonymous data).
Safeguards: strict access controls, pseudonymization, shortest possible raw storage, sample-based human review only for the stated purposes, no use of content for own purposes by processors, no training of external foundation models.
Retention:
– Histories/transcripts: 12 months (shorter if you delete),
– raw audio (if stored): only short-term for troubleshooting/improvement; then deletion,
– derived metrics/embeddings: 14 months (pseudonymized),
– aggregated/anonymous analyses: without personal reference, can be used longer.
3. Cookies & SDKs / Consent Management
We use cookies, local storage, and mobile SDKs. We use non-essential technologies only with consent (§ 25 TDDDG). Technically necessary technologies serve, for example, login/session, licensing, and security.
Categories (website):
- Essential (e.g., session, security, consent storage),
- Analytics/Performance (e.g., usage metrics, load times),
- Functional (convenience features),
- Marketing/Ads (only if used; e.g., remarketing tags).
We use non-essential categories only with consent via the CMP.
Consent Management:
- Website: Usercentrics CMP (Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich). Storage of consent settings (purposes/categories, timestamp, pseudonymous ID, CMP version) in the browser for 12 months; withdrawal at any time via “Cookie settings” in the footer.
- App: Travee Consent Center (in-house solution). Consents for analytics, personalization, where applicable marketing and – where required – content/history analysis are stored in the app (and for account usage pseudonymized server-side) for 12 months; withdrawal/opt-out at any time under Settings → Privacy → Manage consents.
4. Recipients & Processing on Behalf
We transmit data only where necessary and enter into Art. 28 GDPR agreements with processors. Key categories:
- Hosting/Cloud: AWS (primarily region EU-Central-1/Frankfurt) – compute, database (PostgreSQL), storage (S3), CDN (CloudFront).
- Audio Generation: e.g., ElevenLabs (TTS).
- Speech/NLP Processing (transcription/NLU) for voice/chat: contractually bound processors.
- Maps/POI: Google Maps/Places (possibly independent controller).
- Analytics/Crash Reports: Firebase Analytics/Crashlytics, Sentry, where applicable Matomo (self-hosted).
- Support/Email: e.g., Microsoft 365 or Google Workspace (email transport/helpdesk).
- App Stores/Billing: Apple App Store, Google Play (independent controllers).
An up-to-date list of the service providers/categories we use is provided at https://travee.eu/privacy/vendors.
5. Third-Country Transfers (EU/EEA → Third Countries)
Where service providers process data outside the EU/EEA (e.g., USA), we take measures pursuant to Art. 44 et seq. GDPR:
- primarily use of the EU adequacy decision (e.g., EU-US Data Privacy Framework, if the recipient is certified), and
- otherwise Standard Contractual Clauses (SCC) together with additional safeguards.
Details on specific recipients are available upon request at contact@travee.eu.
6. Disclosure in the Event of Corporate Changes
In the event of corporate restructuring (e.g., merger, acquisition, sale of business units), personal data may pass to the acquiring party. In such cases, we ensure that the data is further processed only for the previous purposes and under appropriate protection, and we inform about material changes.
7. External Offers (Links to Third-Party Providers)
Our platform contains links to third-party offers (e.g., booking/payment or maps providers). These providers are solely responsible for processing personal data; their own privacy notices apply.
8. Do Not Track (website only)
Some browsers send Do Not Track (DNT) signals. We currently do not respond uniformly to DNT because no binding standards exist. You can adjust tracking preferences at any time via our consent center.
9. Aggregated/Anonymized Analyses
We may publish or share with partners aggregated or anonymized statistics about usage of our content (e.g., spots accessed, completion rates, topic popularity). No conclusions about individuals can be drawn.
10. Retention Periods
We store personal data only as long as necessary for purposes or legal obligations:
- Account/profile data: until account deletion; backups: 90 days.
- Contract/transaction/invoice data: 6 or 10 years (HGB/AO).
- Support tickets: 12 months after completion.
- Server logs: 7 days (security/error diagnostics).
- Analytics/crash data: 14 months (pseudonymized where possible).
- Chat/voice histories (transcripts): 12 months (shorter if you delete).
- Raw audio (if stored): short-term until transcription/troubleshooting, then deletion.
- Consent logs: 3 years (burden of proof).
11. Mandatory Information / Necessity
Certain information/permissions are required for core functions (e.g., email/password; where applicable location). Without these, the service cannot be provided or only with restrictions.
12. Your Rights
You have the rights to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), and objection (Art. 21 GDPR).
- You may object at any time to processing based on legitimate interests (in particular history/content analysis for improvement/security); you can object to direct marketing without giving reasons.
- You can withdraw consent at any time with effect for the future.
To exercise your rights, an email to contact@travee.eu is sufficient, or use the in-app features (Settings → Privacy → Manage consents / Delete histories).
Supervisory Authority:
Berlin Commissioner for Data Protection and Freedom of Information
Alt-Moabit 59–61, 10555 Berlin, Germany – mailbox@datenschutz-berlin.de
13. Security
We implement technical and organizational measures pursuant to Art. 32 GDPR: TLS/at-rest encryption, role-based access (least privilege), logging, physical/logical access controls, regular backups, security scans, and patch processes.
14. Children
Our offering is not directed at persons under 16 years. Registrations of minors may require parental consent (Art. 8 GDPR). We do not conduct targeted marketing towards minors and do not create marketing profiles.
15. Data Export & Account Deletion (App)
In the app under Settings → Privacy you can export data (portable format) and delete your account. Remaining backups are automatically overwritten after 90 days.
16. Changes to this Policy
We update this privacy policy when functions, legal situation, or technical standards change. The current version is published at https://travee.eu/privacy.
17. Services Matrix (Quick Overview)
| Service/Tool | Role | Purpose | Data | Legal basis | Third-country transfer |
| AWS (ECS/EC2, RDS, S3, CloudFront) | Processor | Hosting/DB/Storage/CDN | IP, usage & content data | Art. 6(1)(b)/(f); DPA Art. 28 | where applicable EU-US DPF or SCC |
| ElevenLabs (TTS) | Processor | Audio output | Text content, metadata | Art. 6(1)(b); DPA | where applicable DPF/SCC |
| Speech/NLP providers (ASR/NLU) | Processor | Transcription & chat/voice processing | Audio/transcript, metadata | Art. 6(1)(b)/(f); § 25 TDDDG + Art. 6(1)(a) (if needed) | where applicable DPF/SCC |
| Google Maps/Places | Independent controller | Maps/POI | IP, location, device info | Art. 6(1)(b)/(a) | USA (DPF/SCC) |
| Firebase Analytics/Crashlytics | Processor | Analytics/crash | Events, crash data, IDs | § 25 TDDDG + Art. 6(1)(a)/(f) | USA (DPF/SCC) |
| Sentry | Processor | Error tracking | Crash/logs | Art. 6(1)(f); DPA | EU/USA (DPF/SCC) |
| Apple App Store / Google Play | Independent controller | Purchases/subscriptions | Payment/account data | Art. 6(1)(b) | partly outside EU (DPF/SCC) |
| Email provider (e.g., M365/Workspace) | Processor | Support/transactions | Email content, metadata | Art. 6(1)(b)/(f); DPA | where applicable DPF/SCC |
| CMP/Consent (Usercentrics / Travee Consent Center) | Processor | Consent management | Consent logs | Art. 6(1)(c)/(f) | where applicable DPF/SCC |