Privacy Policy
Last updated: January 13, 2026
Introduction & Data Controller
Welcome to WannWo ("we," "our," or "us"). We are committed to protecting your personal data and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our route optimization platform.
This Privacy Policy applies to all information collected through our website and services (collectively, the "Service") and complies with the EU General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (DSG).
Data Controller
[Company Name]
[Registered Address]
[City, Postal Code, Country]
Email: [contact@email.com]
Phone: [Phone Number]
Data We Collect
We collect the following categories of personal data:
Account Information
- Email address (required for registration)
- Display name (optional)
- Profile photo (if you sign in with Google)
- Account creation and last login timestamps
Route Data
- Addresses and location coordinates of your route stops
- Time windows and service durations for each stop
- Route optimization preferences (optimization mode, transport mode)
- Optimized route results and metrics
- Route creation and modification timestamps
User Preferences
- Home location (if saved)
- Default optimization settings
- Unit preferences (metric/imperial)
- Notification preferences
Technical Data
- Browser type and version
- Device type and operating system
- IP address (processed by Firebase, not stored by us)
- Authentication tokens and session data
Usage Data
- Routes created and optimized
- Service usage patterns
- Error logs and diagnostic information
How We Use Your Data
We use your personal data for the following purposes:
To Provide Our Service
- Creating and managing your account
- Processing route optimization requests
- Saving your routes and preferences
- Providing route navigation and export features
To Improve Our Service
- Analyzing usage patterns to enhance user experience
- Identifying and fixing technical issues
- Developing new features and improvements
To Communicate With You
- Sending service-related notifications
- Responding to your inquiries and support requests
- Notifying you of updates to our terms or policies
For Security and Legal Compliance
- Protecting against fraud and abuse
- Enforcing our Terms of Service
- Complying with legal obligations
Legal Basis for Processing
Under GDPR and Swiss DSG, we process your personal data based on the following legal grounds:
Consent (Article 6(1)(a) GDPR)
When you accept cookies, subscribe to marketing communications, or provide optional information, you give us your explicit consent to process that data.
Contract Performance (Article 6(1)(b) GDPR)
Processing your account and route data is necessary to provide the route optimization service you requested.
Legitimate Interests (Article 6(1)(f) GDPR)
We process certain data based on our legitimate interests in:
- Improving and developing our services
- Ensuring security and preventing fraud
- Analyzing usage to enhance user experience
Legal Obligation (Article 6(1)(c) GDPR)
In certain cases, we may need to process your data to comply with legal requirements.
Third-Party Services
We use the following third-party services that process your data on our behalf:
Google Firebase (EU Data Center)
Purpose: Authentication, database storage, and hosting
Data Processed: Account data, routes, preferences
Location: EU (europe-west6 - Zurich, Switzerland)
Privacy Policy: Firebase Privacy & Security
Google Maps Platform
Purpose: Geocoding, route calculation, and map display
Data Processed: Addresses, coordinates, route queries
Privacy Policy: Google Privacy Policy
Google Gemini AI
Purpose: AI-powered route parsing and itinerary generation
Data Processed: Text descriptions you provide for route planning
Location: EU region when available
Privacy Policy: Gemini API Terms
All third-party processors are contractually obligated to protect your data and use it only for the purposes we specify.
Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:
| Data Type | Retention Period |
|---|---|
| Account Information | Until account deletion |
| Route Data | Until manually deleted by user or 2 years of inactivity |
| User Preferences | Until account deletion |
| Authentication Logs | 90 days |
| Error Logs | 30 days |
When you delete your account, we will permanently delete all your personal data within 30 days, except where we are required to retain it for legal compliance.
Your Rights
Under GDPR and Swiss DSG, you have the following rights regarding your personal data:
Right to Access (Article 15 GDPR)
You can request a copy of all personal data we hold about you. Use the "Export My Data" feature in your profile settings.
Right to Rectification (Article 16 GDPR)
You can update incorrect or incomplete personal data at any time through your account settings.
Right to Erasure (Article 17 GDPR)
You can request deletion of your personal data by using the "Delete Account" feature in your profile settings.
Right to Data Portability (Article 20 GDPR)
You can export your data in a machine-readable format (JSON) using the data export feature.
Right to Object (Article 21 GDPR)
You can object to processing based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent
You can withdraw your consent for cookie usage at any time through the cookie preferences manager.
Right to Lodge a Complaint
You have the right to lodge a complaint with your local data protection authority:
- Switzerland: Federal Data Protection and Information Commissioner (FDPIC) - www.edoeb.admin.ch
- EU: Your local supervisory authority
To exercise any of these rights, please contact us at [privacy@wannwo.com]. We will respond to your request within 30 days.
Data Security
We implement appropriate technical and organizational measures to protect your personal data:
- End-to-end encryption for data transmission (HTTPS/TLS)
- Encrypted data storage in Firebase Firestore
- Regular security audits and vulnerability assessments
- Access controls and authentication requirements
- Secure server infrastructure in EU data centers
- Regular backups and disaster recovery procedures
While we strive to protect your personal data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but continually work to improve our security measures.
International Data Transfers
Your personal data is processed and stored exclusively within the European Economic Area (EEA) and Switzerland:
- Firebase hosting: europe-west6 (Zurich, Switzerland)
- Cloud Run backend: europe-west6 (Zurich, Switzerland)
- Firestore database: EU multi-region
We do not transfer your personal data outside the EEA/Switzerland. If this changes in the future, we will ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses) and notify you accordingly.
Children's Privacy
Our Service is not intended for children under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us, and we will delete such information.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:
- Posting the new Privacy Policy on this page
- Updating the "Last updated" date at the top
- Sending you an email notification (for significant changes)
- Requesting renewed consent if required by law
Your continued use of the Service after any changes constitutes your acceptance of the new Privacy Policy.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: [privacy@wannwo.com]
Mail:
[Company Name]
[Street Address]
[City, Postal Code]
[Country]
We will respond to all requests within 30 days in accordance with GDPR and Swiss DSG requirements.