Privacy Policy

Last updated: February 4, 2026

1. Data Controller, Scope, and Contact

This policy explains how personal data is processed when you use the iteroo website (www.iteroo.app) and/or the iteroo web app (planner.iteroo.app). The data controller is Alessandro Marcosano. Contact: contact@iteroo.app.

2. Categories of Data

We process personal and technical data as needed to provide the service, keep it secure, and manage our relationship with you:

  • Technical and security data: access logs and anti-abuse measures (which may include IP address and user agent), device/browser information, and data needed to prevent abuse and handle incidents.
  • Account data and content (app): email, name and profile image (if provided by Google), technical identifiers for authentication/session, and content you create in the app (e.g., itineraries, custom stops, names/descriptions you write). Note: if you include personal data in descriptions, that data may be stored as part of your content.
  • Email for service communications: by signing up for the app your email may be added to a list managed via a third-party email delivery provider for service communications and product updates (not marketing). The email provider may process technical metadata and standard email analytics (e.g., delivery, opens/clicks). You can unsubscribe via the link at the bottom of emails; in that case you may miss non-essential communications.

3. Purposes, Legal Bases, Retention, and Recipients

We process data to: (a) create/manage your account, provide app features, and store your content (performance of the service); (b) ensure security, prevent abuse, handle incidents, and defend against claims (legitimate interests); (c) send service communications and product updates (service necessity and/or legitimate interests, depending on content). Retention: account data and content are kept while your account is active or until you request deletion; technical logs are kept for limited periods as needed for security and diagnostics. Recipients/providers (processors):

  • Hosting and CDN: the website and app are delivered through hosting and content delivery (CDN) providers.
  • Authentication and database: we use an authentication provider and a backend/database service to manage login, sessions, and app data (including itineraries/stops).
  • Email and external links: we use a third-party email delivery provider; the app may include links to third-party services (e.g., affiliate partners) with their own policies. Some providers may process data outside the EEA/UK; where required, transfers rely on appropriate safeguards (e.g., Standard Contractual Clauses).

4. Cookie Policy

We do not use marketing cookies or advertising tracking on the website. The app uses only technical mechanisms required to operate (e.g., authentication and security).

  • No profiling: We do not profile users on the website.
  • No ad pixels: We do not use tools like Meta Pixel, Hotjar, or similar.
  • Technical use: the app may use browser storage and/or technical cookies to maintain sessions and protect access. During Google sign-in, cookies may be set on Google domains (e.g., accounts.google.com / .google.com), subject to Google's policies.

Note: By clicking on external links (e.g., to social networks or affiliate partners), you may be redirected to sites that use their own cookies, over which we have no control.

5. Your Rights

You have the right to access your data, request rectification/deletion, object to or restrict processing, and request information. You may also lodge a complaint with your data protection authority. You can also:

  • Unsubscribe from emails: Using the unsubscribe link at the bottom of each email.
  • Request information: Contact us to learn what data we have and how it is processed.

6. Contact

For any privacy request related to iteroo, contact (the updated list of processors/providers is available upon request):

contact@iteroo.app