In this Privacy Policy, we, UAB "Vexoro Group", explain how we handle your personal data when you use the Vexoro mobile application (including the Delay Shield service), visit our website, and interact with our digital marketing campaigns on platforms such as Google or Facebook. We are committed to protecting your privacy and ensuring transparency in how your data is collected, processed, and used.

We may ask you to consent to our use of cookies when you first visit our website. Our website and app include privacy controls that allow you to manage how your personal data is used. You can specify whether you want to receive marketing communications and limit the amount of information collected through cookies.

If you have any questions or would like to exercise your rights, you can contact us using the details in the Contacts section.

1. How We Use Your Personal Data

This section explains what data we collect, how we use it, and the legal basis for doing so.

1.1. We process data about your use of our website and app ("usage data"), including your IP address, browser type, device information, operating system, referral source, session duration, and navigation paths. This data is collected via cookies or analytics tools. The purpose of this processing is to improve our services and user experience. The legal basis is our legitimate interest in monitoring and enhancing our platforms.

1.2. We may collect personal data through lead advertisements or online campaigns on platforms such as Google and Facebook. This data may include your name, email address, and phone number. It is processed for the purpose of contacting you about our services and marketing communications, based on your consent.

1.3. When you register an account, we collect account data including your name, email, date of birth, and optionally a profile photo. We process this data to operate our app, manage your account, and communicate with you. The legal basis is the performance of a contract.

1.4. When you use the Delay Shield feature, we process service data such as flight details, payment information, and claim documentation. This data is required to process compensation claims and execute partial payouts. The legal basis is contract performance and our legitimate interest in proper business administration.

1.5. We may process correspondence data such as messages or inquiries you send via email, app forms, or chat. This data is used for communication and dispute resolution. The legal basis is our legitimate interest in ensuring quality support and record-keeping.

1.6. We may process your data where necessary to comply with legal obligations or protect your vital interests or those of others.

2. When We Provide Your Data to Others

2.1. We may disclose personal data to our group companies and trusted partners as necessary to deliver our services.

2.2. We share data with payment processors (such as Stripe) to facilitate payouts and manage financial transactions.

2.3. We may share data with flight data providers (such as FlightAware or Amadeus) to enable flight tracking and eligibility validation.

2.4. We may share limited data with legal service providers to manage airline compensation claims on your behalf.

2.5. Data may also be shared with IT and analytics providers, hosting partners, or marketing platforms. All partners are bound by data protection agreements ensuring GDPR compliance.

2.6. Some partners may be located outside the EEA. In such cases, we ensure adequate protection using EU Standard Contractual Clauses.

3. How Long We Store Your Data

3.1. Personal data is stored only as long as necessary for the purpose for which it was collected.

3.2. Account data: up to 10 years after last activity. Service data (claims, payouts): up to 10 years after completion. Communication data: up to 2 years. Analytics data: up to 3 years.

3.3. Data may be retained longer where required by law or to defend legal claims.

4. Marketing Messages

4.1. If you consent, we may send marketing messages via email, SMS, or push notifications to inform you about new services or offers.

4.2. You may withdraw consent or opt out at any time by clicking the unsubscribe link or contacting us directly.

4.3. Unsubscribing from marketing will not affect messages directly related to your account or claims.

5. Your Rights

Under GDPR, you have the following rights: access, rectification, erasure, restriction, objection, portability, complaint, and consent withdrawal.

You may contact us to exercise your rights at any time. We will respond within one month.

You may file a complaint with the State Data Protection Inspectorate (A. Juozapavičiaus g. 6, LT-09310, Vilnius, www.ada.lt).

6. Cookies

We use cookies to improve your experience, analyze usage, and deliver personalized content. You can disable cookies in your browser settings. Blocking cookies may affect website functionality.

7. Third-Party Services and Cookies

Our service may use cookies or tracking pixels from providers such as Google Analytics, Facebook, LinkedIn, and others to monitor performance, marketing, and user behavior. Each provider maintains its own privacy policy, which you should review separately.

8. Children's Data

Our services are intended for users over 18 years of age. If we discover that data from a minor has been collected without consent from a parent or guardian, it will be deleted immediately.

9. Updating Your Data

You can update your data within your account settings or by contacting us directly at info@vexoroapp.com.

10. Changes to This Policy

We may update this Privacy Policy periodically. The latest version will always be available on vexoroapp.com/privacy. Material changes may be notified via email or in-app notification.

11. Contact

UAB "Vexoro Group"

Company code: 307496559

Address: Ulonų g. 3, Vilnius, Lithuania

Phone: +370 618 10333

Email: info@vexoroapp.com