Privacy Policy
Last updated: 22 June 2026 · Template — review with a lawyer before public launch.
What we collect
Account email; profile details you provide (name, contact email/phone, organisation info); items you post (title, description, category, photo, the location and date you set); claims and messages; and payment records (handled by Stripe — we never store card details).
Why & legal basis
To operate the Service (contract): show items on the map, run search, enable claims and contact reveal, send transactional emails, and prevent abuse (legitimate interest). Photos are stripped of EXIF/GPS metadata on upload.
Sharing & processors
A finder’s contact details are shared with a claimant only after the finder approves the claim or the claimant pays to unlock. We use these processors: Supabase (database/auth, EU), Stripe (payments), OpenStreetMap, Esri & OpenTopoMap (map tiles), Komoot Photon (place search), Resend (email), Vercel (hosting). We do not sell your data.
Retention
Active items expire after a retention period. We keep records as needed for the Service and legal obligations. When you delete your account we anonymise your personal data (removing name, contact, photos and precise details) while retaining minimal non-identifying records for integrity.
Your rights (GDPR)
You can access and correct your data in your account, and delete your account (which anonymises your personal data) from the account page. For other requests (e.g. data export) contact r.koemar@gmail.com. You may also lodge a complaint with the Dutch DPA (Autoriteit Persoonsgegevens).
See also our Terms of Service.