1. Who We Are
GetRhodes is a travel planning application for the island of Rhodes, Greece. The service is operated by Incomatic.gr ("we", "us", "our"). You can reach us through our Instagram account @rhodes.rodos or via the contact details at the bottom of this page.
2. What Data We Collect
When you use GetRhodes, we may collect the following categories of information:
- Account information — If you sign in via Google, we receive your name, email address, and profile picture from your Google account.
- Trip preferences — Dates, interests, group type, and other inputs you provide to generate your itinerary.
- Usage data — Pages visited, features used, device type, operating system, and approximate location (country/region level) derived from your IP address.
- Email address — If you subscribe to our early-access or newsletter list.
We do not collect payment information, precise GPS location, contacts, or any data from your device beyond what is described above.
3. How We Use Your Data
We use the information we collect to:
- Provide, maintain, and improve the GetRhodes service.
- Generate personalised itineraries based on your preferences.
- Send you updates about GetRhodes, if you have opted in.
- Analyse aggregated usage patterns to improve our product.
- Comply with legal obligations.
4. Third-Party Services
GetRhodes relies on the following third-party services that may process your data:
- Supabase — Authentication, database hosting, and file storage.
- Google OAuth — Sign-in via your Google account.
- Google / OpenAI / Anthropic — AI-powered itinerary generation (only your trip preferences are sent; no personal identifiers).
- App Stores — Mobile app distribution (Apple App Store, Google Play).
Each of these providers operates under their own privacy policies. We encourage you to review them.
5. Data Storage & Security
Your data is stored securely on Supabase infrastructure within the European Union. We implement industry-standard security measures including encrypted connections (TLS), row-level security policies, and restricted access controls. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
6. Data Retention
We retain your account data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are required to retain it for legal or compliance reasons. Aggregated, anonymised analytics data may be retained indefinitely.
7. Your Rights (GDPR)
If you are located in the European Economic Area, you have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate or incomplete data.
- Erase your personal data ("right to be forgotten").
- Restrict or object to processing of your data.
- Data portability — receive your data in a structured, machine-readable format.
- Withdraw consent at any time where processing is based on consent.
To exercise any of these rights, contact us using the details below.
8. Cookies & Local Storage
GetRhodes uses essential cookies and local storage strictly for authentication and session management. We do not use advertising cookies or third-party tracking cookies.
9. Children's Privacy
GetRhodes is not directed at children under the age of 16. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of GetRhodes after changes constitutes acceptance of the updated policy.