This Privacy Policy explains how Wanderer (operated by [Your Company Name], an Italian SRL Innovativa) collects, uses, and protects your personal data when you use our platform at www.wanderer.live. By using the platform, you agree to the practices described here. If you do not agree, please do not use our Services.

Questions or concerns? Contact us at support@wanderer.live

Summary of Key Points

The following is a plain-language summary. For complete details, refer to the relevant section below.

Topic

Short Answer

What we collect

Name, email, profile data, device info, location (approximate), booking and event data.

Sensitive data

We do not collect sensitive personal data (health, religion, ethnicity, etc.).

Third-party sources

We do not buy or collect data from third-party brokers. We may receive basic profile info from Google Sign-In.

How we use it

To operate the platform, process bookings, communicate with you, and improve our services.

Who we share with

Service providers (Supabase, Stripe, email tools). Never sold to advertisers.

Your rights

Access, correct, delete your data. Withdraw consent at any time. EEA/UK users have full GDPR rights.

Data safety

We implement appropriate technical and organizational security measures.

1. What Information Do We Collect?

1.1 Standard Personal Data

When you register, create an event, make a booking, or contact us, we may collect:

Full name

Email address

Phone number (optional)

Profile photo (optional) — standard personal data under Art. 4 GDPR. Displayed on your public profile and, for Hosts, on your event listings. Not used for facial recognition, biometric identification, or any automated processing.

Country of residence and city

Languages spoken

Event descriptions, photos, and listing content (Hosts only)

Payment information — processed directly by Stripe; we do not store card details

Instagram handle (optional, publicly visible on profile)

Website URL (optional, publicly visible on profile)

WhatsApp number (optional, visible to other users for contact purposes)

About You — free-text field describing your spiritual journey (optional)

Communications via email or in-app messaging

Reviews and feedback submitted after events

1.2 Special Category Data — Spiritual Interests (Article 9 GDPR)

IMPORTANT: The following data falls under Article 9 GDPR as special categories of personal data because it may reveal religious beliefs, philosophical convictions, or ethnic/national origin. We collect this data only with your explicit, freely given consent, which you may withdraw at any time.

Wanderer collects the following special category data to provide personalised event discovery:

Data Type

Why We Collect It

GDPR Art. 9 Category

Spiritual interests & practices

To show relevant events (e.g. cacao ceremonies, breathwork, Kundalini) and personalise your discovery feed

Religious / philosophical beliefs — Art. 9(1)

Event attendance history

May implicitly reveal spiritual or religious affiliation based on ceremony types attended

Religious / philosophical beliefs — Art. 9(1)

Legal basis: Your explicit consent under Art. 9(2)(a) GDPR, provided during onboarding via a dedicated consent screen. You may withdraw this consent at any time from your profile settings or by emailing support@wanderer.live. Withdrawal does not affect the lawfulness of prior processing.

Special category data is never sold, shared with third parties for commercial purposes, or used for advertising profiling. It is processed exclusively to operate the core discovery and matching features of the platform.

1.2b Free-Text Profile Field — About You

The 'About You' field is a voluntary free-text field. We strongly advise users not to include sensitive personal data such as health conditions, mental health history, trauma, sexual orientation, or addiction history in this field. Any such data entered voluntarily by the user is processed under Art. 9(2)(a) GDPR on the basis of explicit consent given by the act of submission. Wanderer does not use this field for profiling or automated decision-making.

The content of the 'About You' field may be visible to other users on your public profile. Do not include information you would not wish to share publicly.

1.2c Social Contacts and Profile Visibility

All social contact fields are entirely optional. Any field you provide can be removed at any time from your account settings under Edit Profile. The visibility of each field differs based on your role on the platform:

Instagram handle (Hosts only): displayed on event listings to provide credibility and context to prospective attendees. As a Host, you may also view the Instagram handles of users who have registered for your events. Attendees cannot view other attendees' profiles or Instagram handles. Wanderer does not access your Instagram account, messages, followers, or any data beyond the handle you provide.

Website URL: displayed as a clickable link on your profile. Wanderer does not access or process any data from your external website.

WhatsApp number (Hosts only): not displayed publicly. Visible exclusively to the Host of an event to which you have registered, for the purpose of sharing event logistics (e.g. exact meeting point). It is not visible to other attendees, to non-registered users, or on public profiles. Wanderer does not send messages to your WhatsApp.

All optional fields — including Instagram, WhatsApp, and Website — can be deleted at any time from Edit Profile in your account settings. Deletion removes the data from public display immediately. Residual copies in backup systems are purged within 30 days.

1.3 Information Collected Automatically

When you use the platform, we automatically collect:

IP address and approximate location (city/country level)

Device type, browser, and operating system

Pages visited, searches performed, events viewed, and time spent

Category filters selected and search terms used

Referring URLs and session data

Log files and crash reports

1.4 Event Data (Hosts)

When you create an event as a Host, you provide additional data that is published publicly on the platform:

Event title, description, category, tags, requirements, and preparation instructions

Event date, time, and duration

Event location — The city is the only required location field and is displayed publicly on the map and event listing. Hosts may choose freely whether to publish the full venue address in the event listing, or to share it privately with confirmed Attendees only. Wanderer does not require or mandate a specific address disclosure model beyond the city level.

Pricing model (fixed price, free, or donation-based) and ticket price

Maximum number of attendees

Event language(s) — the language(s) in which the event is conducted. This is event metadata, not personal data about the Host.

Payments: Hosts may choose to collect payment via the Wanderer platform (Stripe, coming soon) or directly in cash or off-platform. When payments are managed outside Wanderer, we have no visibility into those transactions and cannot offer payment protection, dispute resolution, or refund management. The pricing model selected (fixed price, free, donation-based) and the chosen currency are stored on our platform as event metadata.

1.5 Location Data

Wanderer uses location data to show you events near you. We collect approximate location based on your IP address. If you grant permission on your device, we may access more precise GPS location. You can disable location access at any time in your device settings, though this may limit discovery features.

1.6 Language Data

We collect the languages you speak to match you with events hosted in your language and to personalise communications. This is standard personal data under Art. 4 GDPR, processed on the basis of contract performance.

1.7 Google Sign-In

If you register or log in using Google Sign-In, we receive basic profile information from Google: your name, email address, and profile photo. We use this information solely to create and manage your account. See Section 7 for more detail.

2. How Do We Process Your Information?

We process your personal data for the following purposes:

Account creation, authentication, and management

Displaying events and enabling discovery on the map

Processing bookings and payments (via Stripe)

Enabling communication between Hosts and Attendees

Sending transactional emails (booking confirmations, event updates)

Sending platform updates and, with your consent, promotional communications

Improving the platform through usage analytics

Preventing fraud, abuse, and security threats

Complying with legal obligations

We do not use your data to sell advertising. We monetize transactions, tools, and visibility — never your attention or personal data.

3. Legal Bases for Processing

As Wanderer operates internationally and serves users in the European Economic Area (EEA), we rely on the following legal bases under the General Data Protection Regulation (GDPR) and applicable Italian privacy law (D.Lgs. 196/2003, as amended):

Legal Basis

When We Apply It

Contract

Processing necessary to provide the platform services you have signed up for (account management, bookings, event listing).

Consent

Marketing emails, cookies beyond strictly necessary, precise GPS location. You may withdraw consent at any time.

Legitimate Interests

Platform security, fraud prevention, improving our services, analytics on aggregate usage.

Legal Obligation

Compliance with applicable Italian, EU, and international law, including tax obligations and law enforcement requests.

Explicit Consent (Art. 9)

Processing of special category data: spiritual interests and implicitly revealed religious/philosophical beliefs. Collected via a dedicated consent screen at onboarding. Revocable at any time.

Special category data (Art. 9 GDPR) requires a higher standard of protection. Wanderer obtains explicit, specific, and informed consent for this data separately from general platform consent. This consent is logged, timestamped, and stored in our database.

4. When and With Whom Do We Share Your Information?

We do not sell your personal data. We share information only in the following limited circumstances:

Service Providers

We work with trusted third-party service providers who process data on our behalf under strict contractual obligations:

Supabase — database hosting and backend infrastructure (EU/US servers)

Stripe — payment processing (PCI-DSS compliant; Stripe's privacy policy applies to payment data)

Resend / email providers — transactional and notification emails

Analytics tools — aggregate, anonymised usage analytics

Other Users

When you create a Host profile or list an event, your name, profile photo, event descriptions, and public listing content are visible to all platform users. Booking details are shared with the relevant Host.

Business Transfers

In the event of a merger, acquisition, or sale of company assets, your data may be transferred to the acquiring entity, subject to the same privacy protections.

Legal Requirements

We may disclose your data where required by law, court order, or competent authority, including Italian and EU regulatory bodies.

5. Third-Party Websites

Our platform may contain links to third-party websites or services (e.g., Host external websites, social media profiles). We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before sharing any personal data with them.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate and improve our platform. These include:

Type

Purpose

Can You Opt Out?

Strictly Necessary

Authentication, session management, security

No — required for the platform to function

Analytics

Understanding how users interact with the platform (aggregate, anonymised)

Yes — via cookie preferences

Preferences

Remembering your language, location, and settings

Yes — via browser settings

You can control cookies through your browser settings. Note that disabling cookies may affect platform functionality.

7. Google Sign-In and Social Logins

Wanderer uses Google Sign-In as an authentication option. When you use Google Sign-In, Google shares your name, email address, and profile photo with us. We use this information only to create and manage your Wanderer account.

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

We do not access your Google contacts, calendar, Drive, or any other Google service data.

8. International Data Transfers

Wanderer is operated from Italy (EU). Our primary data infrastructure is hosted by Supabase, which may store data in the EU and/or the United States. Where data is transferred outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) as approved by the European Commission.

By using our platform, you acknowledge that your data may be processed in countries outside your own, subject to the protections described in this policy.

9. How Long Do We Keep Your Information?

We retain your personal data only for as long as necessary to fulfil the purposes described in this policy, or as required by applicable law (including Italian tax and accounting obligations).

Active account data: retained for the duration of your account

Booking and transaction records: retained for 10 years (Italian fiscal law requirement)

Marketing preferences and consent logs: retained until you withdraw consent

Support communications: retained for 2 years

When data is no longer required, we securely delete or anonymise it.

10. How Do We Keep Your Information Safe?

We implement appropriate technical and organisational security measures to protect your personal data, including:

Encrypted data transmission (HTTPS/TLS)

Supabase Row Level Security (RLS) to isolate user data at the database level

Secure authentication via Google Sign-In (OAuth 2.0)

Payment data handled exclusively by Stripe (PCI-DSS Level 1 compliant)

Access controls limiting internal access to personal data on a need-to-know basis

No method of electronic transmission or storage is 100% secure. While we take data protection seriously, we cannot guarantee absolute security. We will notify you and relevant authorities of any data breach as required by applicable law.

11. Minors

Wanderer is intended for users aged 18 and over. We do not knowingly collect personal data from individuals under 18. If we become aware that we have collected data from a minor, we will promptly delete it. If you believe a minor has registered on our platform, please contact us at support@wanderer.live.

12. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

Right

What It Means

Access

Request a copy of the personal data we hold about you.

Rectification

Request correction of inaccurate or incomplete data.

Erasure

Request deletion of your personal data (subject to legal retention obligations).

Restriction

Request that we limit how we process your data in certain circumstances.

Data Portability

Receive your data in a structured, machine-readable format.

Objection

Object to processing based on legitimate interests, including direct marketing.

Withdraw Consent

Withdraw consent at any time where processing is based on consent, without affecting prior processing.

To exercise any of these rights, contact us at: support@wanderer.live

EEA and UK residents may also lodge a complaint with their national data protection authority. Italian users may contact the Garante per la Protezione dei Dati Personali at www.garanteprivacy.it.

13. Do-Not-Track Features

Some browsers offer a Do-Not-Track (DNT) signal. As no universal standard for DNT has been established, we do not currently respond to DNT signals. If a recognized standard is adopted, we will update this policy accordingly.

14. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law. Material changes will be communicated via email or a prominent notice on the platform. The 'Last Updated' date at the top of this document reflects the most recent revision.

Your continued use of Wanderer after the effective date of any update constitutes acceptance of the revised policy.

15. How to Contact Us

For any questions, concerns, or requests regarding this Privacy Policy or your personal data:

Contact

Details

Email

support@wanderer.live

Website

www.wanderer.live

Company

[Your Company Name] SRL Innovativa — Italy

Registered address

[Insert registered address]

We will respond to all legitimate requests within 30 days as required by GDPR.

By using Wanderer, you confirm that you have read and understood this Privacy Policy.

www.wanderer.live | support@wanderer.live | March 2026