Privacy Policy

Effective date: 15/05/2025

This Privacy Policy describes how Astrosphere Lda ('SuperGuide', 'we', 'us', or 'our') collects, uses, and shares your personal information when you use our website (beasuperguide.com) and the SuperGuide mobile applications (the 'Guide App' and the 'Guest app').

We process personal data in accordance with applicable laws, including the General Data Protection Regulation (“GDPR”).

1. Data Controller

The data controller responsible for your personal data is:

Astrosphere Lda

Av. Duque de Loulé 12, 1050-093 Lisboa, Portugal

Company number: 518171817

Contact: info@beasuperguide.com

2. Scope of This Privacy Policy

This Privacy Policy applies to:

Guests using the SuperGuide app
Guides using the SuperGuide app
Visitors browsing the website
Users interacting with our services

Important: Suppliers (experience providers) act as independent data controllers for any personal data processed in connection with the experience you book.

3. Categories of Personal Data We Collect

We collect the following categories of personal data:

3.1 Data You Provide

Name
Email address
Phone number
Payment details (processed via third-party providers)
Tax id number (guides only)
Iban (guides only)
Booking details (dates, participants, preferences)

3.2 Automatically Collected Data

When you use our platform, we may collect:

IP address
Device and browser information
Pages visited and interactions
Date and time of access

3.3 Data from Third Parties

We may receive data from:

Payment service providers
Authentication services (e.g. Google, Apple login)
Marketing and analytics partners

4. Purposes of Processing

4.1 Contract Performance

To facilitate bookings
To process payments
To provide customer support

4.2 Legitimate Interests

To improve our platform and services
To prevent fraud and abuse
To analyze user behavior and optimize recommendations
To enforce our Terms and protect our business

4.3 Legal Obligations

Compliance with tax, accounting, and regulatory requirements
Fraud prevention and anti-money laundering obligations

4.4 Consent

Marketing communications
Cookies and tracking technologies (where required)

5. Google User Data

5.1 Google sing-in
If you choose to sign in using Google, we collect your name, email address, and profile information from your Google account. This data is used solely to authenticate your account and provide our services.
We comply with the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data for advertising purposes and do not sell it to third parties.

5.2 Purpose of access
We will use this data exclusively to

Provide and improve the user-facing features of SuperGuide (e.g., allowing you to sign in seamlessly)
Authenticate your identity and secure your subscription access

5.3 Limited Use & Restrictions

To ensure your privacy, we strictly adhere to the following:

No Advertising: We do not use your Google user data to serve you advertisements.
No Selling: We do not sell your Google user data to third parties.
No Human Review: Our staff does not read your Google user data unless you provide explicit consent for troubleshooting or it is required for security/legal compliance.
No AI Training: We do not use your Google user data to train generalized AI or machine learning models.

6. Sharing of Personal Data

We may share your personal data with:

6.1 Experience providers (Suppliers)

To enable delivery of the experiences you chose to book
Suppliers act as independent data controllers

6.2 Service Providers

Payment processors
Hosting and cloud providers
Analytics providers
Customer support tools

6.3 Corporate Group

We may share data with Astrosphere Lda subsidiaries within the EU for operational purposes.

6.4 Authorities

Where required by law, we may disclose data to:

Courts
Regulatory authorities
Law enforcement

7. International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), we ensure:

Adequacy decisions, or
Standard Contractual Clauses (SCCs), or
Other GDPR-compliant safeguards

8. Data Retention

We retain personal data only as long as necessary:

For contract performance
For legal obligations
For legitimate business purposes

Typically:

Booking data: up to 7 years (legal/tax compliance)
Account data: until account deletion
Marketing data: until consent is withdrawn

9. Cookies and Tracking Technologies

We use cookies and similar technologies to:

Operate the platform
Analyze usage
Personalize content
Deliver targeted advertising

You can manage your preferences via our cookie settings.

10. Your Rights Under GDPR

You have the following rights:

Access your personal data
Rectification of inaccurate data
Erasure (“right to be forgotten”)
Restriction of processing
Data portability
Objection to processing

You also have the right to lodge a complaint with a supervisory authority.

11. Marketing Communications

You may receive marketing communications if:

You have given consent, or
It is permitted under applicable law

You can opt out at any time.

12. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

Encryption
Access controls
Secure infrastructure

However, no system is completely secure.

13. Automated Decision-Making

We may use automated processes (e.g. recommendation algorithms), but no legally binding decisions are made solely by automated means

14. Third-Party Links and Services

Our platform may contain links to third-party services.

We are not responsible for their privacy practices.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

We will notify you where required by law.

16. Contact

If you have any questions, or want to exercise your right contact us at info@beasuperguide.com