Last updated: March 2026
NomadSE ('we', 'us', 'our') operates the nomados-web.vercel.app platform and the @Bot_NomadBot Telegram bot. We are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable privacy laws. For privacy inquiries, contact: privacy@nomadse.com
We collect: (a) Account data: first name, last name, nickname, email address, nationality, phone number (optional), birth year; (b) Usage data: quiz answers, city preferences, departure dates, task completions; (c) Payment data: processed securely by Stripe — we do not store card details; (d) Telegram data: chat ID for bot integration (only if you connect your account); (e) Technical data: IP address, browser type, and usage analytics for service improvement.
We use your data to: provide and personalize the NomadSE service; generate AI-powered city recommendations and travel plans; send Telegram notifications and reminders you have opted into; process payments and manage subscriptions; improve our AI models and service quality; comply with legal obligations. We do not sell your personal data to third parties.
We process your data on the following legal bases: (a) Contract performance: to provide the service you signed up for; (b) Legitimate interests: to improve the service and prevent fraud; (c) Consent: for optional communications and Telegram notifications; (d) Legal obligation: where required by applicable law.
We share your data only with: (a) Stripe — for payment processing; (b) Supabase — for secure database hosting (EU region); (c) Anthropic — AI processing for chat and plan generation (no personal data is stored by Anthropic beyond the conversation context); (d) Telegram — for bot notifications (only your chat ID); (e) Vercel — for hosting. All processors are bound by data processing agreements.
We retain your data for as long as your account is active. If you delete your account, all personal data is permanently deleted within 30 days. Anonymized analytics data may be retained for up to 2 years for service improvement purposes.
Under GDPR, you have the right to: access your personal data; correct inaccurate data; request deletion ('right to be forgotten'); restrict or object to processing; data portability; withdraw consent at any time. To exercise these rights, contact privacy@nomadse.com. You also have the right to lodge a complaint with your national data protection authority.
NomadSE uses essential cookies for authentication and session management. We do not use advertising or tracking cookies. By using the Service, you consent to the use of essential cookies.
We implement industry-standard security measures including TLS encryption, secure authentication via Supabase, and regular security reviews. However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security of your data.
Your data may be processed in countries outside the EU/EEA. Where this occurs, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.
NomadSE is not intended for users under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that we have collected data from a minor, we will delete it immediately.
We may update this Privacy Policy from time to time. We will notify you of significant changes via email. Continued use of the Service after changes constitutes acceptance of the updated Policy.
For privacy-related inquiries: privacy@nomadse.com For general support: support@nomadse.com