Privacy Policy

We collect personal information to provide and improve our Services. This includes:

• Account Credentials: Username, email address, and encrypted passwords used for authentication.
• Profile Information: Optional information you provide, such as your biography, location, and profile photograph.
• User Content: Landmark reviews, itinerary itineraries, photographs, messages shared with friends, and trivia responses.
• Device & Usage Information: IP addresses, browser types, operating systems, and platform interaction histories.
• Location Data: With your permission, we collect precise or approximate geographic coordinates to power mapping features. You can disable this in your device settings.

We process your personal data for the following operational and legal purposes:

• To provide, personalize, and improve our core Services.
• To run interactive maps, trivia challenges, and custom itinerary suggestions.
• To manage your account, authenticate sessions, and protect against security breaches.
• To facilitate communications between you and other community members.
• To communicate updates, security alerts, and support messages.
• To comply with regulatory guidelines and legal demands.

We do not sell, rent, or trade your personal data. We only share information with:

• Infrastructure Providers: Supabase processes database storage, assets, and authentication (see Supabase Privacy Policy). Netlify processes web hosting and serverless routines (see Netlify Privacy Policy).
• Map APIs: OpenStreetMap and MapLibre provide map tiling services. No personal details are transferred.
• Wiki Partners: Wikipedia/Wikimedia are referenced for historical context. No personal details are transferred.
• Legal Compulsion: If required to respond to subpoenas, court orders, or active law enforcement investigations.

Vestigia uses strictly necessary cookies and local storage tokens. These are mandatory for the application to function correctly.

We retain your personal data for as long as your account remains active or as required to fulfill the purposes highlighted in this policy.

You can delete your account at any time. When deleted, all profile details, saved trips, and location data are permanently purged from active databases, subject to standard backup recovery retention periods.

Depending on your location (such as the European Union under GDPR or California under CCPA/CPRA), you possess specific statutory rights regarding your personal information:

To exercise any of these rights, please contact us at vestigia@yahoo.com.

Vestigia is not intended for children under 13 years of age. We do not knowingly collect personal data from anyone under 13.

If we become aware that we have collected information from a child under 13 without verified parental consent, we will take immediate steps to delete those records.

We use robust technical and administrative security measures (including HTTPS transit encryption, database-level encryption at rest, and secure role-level authentication policies) to protect your personal details.

While we take all reasonable precautions, no internet-based service can guarantee complete protection against all unauthorized breaches.

We may update this Privacy Policy periodically to reflect shifts in technology, regulation, or services.

We will revise the "Effective Date" at the top and distribute notifications if modifications are significant.

If you have questions, complaints, or request queries concerning your privacy on Vestigia, please contact our team:

Email: vestigia@yahoo.com