YouMap | Privacy policy

Privacy Policy

Last updated: March 13, 2026

Information on the Processing of Personal Data of Users from the European Union and the European Economic Area (EU/EEA)

This section applies exclusively to users who access the services offered by YouMap Inc. from within the territory of the European Union or the European Economic Area (EU/EEA).
To the extent that the processing of such users' personal data is subject to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 ("GDPR"), the provisions of this section shall prevail over the general content of the Privacy Policy. Any matters not regulated herein shall be governed by the general provisions.

1. Data Controller
The Data Controller of personal data is YouMap Inc., having its registered office in the United States at: 16192 Coastal Highway, Lewes, DE 19958, United States.
The Controller can be contacted via email at: contact@youmap.com.

2. Data Transfers Outside the EU/EEA
Personal data may be transferred to third countries, in particular to the United States of America, where the Data Controller is established and where technical infrastructure supporting the services is located.
Personal data may also be disclosed to third parties providing services to the Controller, such as IT, cloud, analytics, hosting, and communication service providers, including entities established outside the European Economic Area.
In each case, the transfer of personal data shall take place in compliance with the provisions of the GDPR, in particular based on Standard Contractual Clauses approved by the European Commission or other lawful instruments ensuring an adequate level of data protection.

3. Purposes and Legal Bases for Processing
Personal data of users may be processed for the following purposes and on the following legal grounds:
- to create and maintain a user account, enable the use of platform functionalities and provide digital services – based on Article 6(1)(b) GDPR (performance of a contract);
- to comply with legal obligations incumbent upon the Controller, in particular arising from tax, accounting, or consumer protection laws – based on Article 6(1)(c) GDPR (legal obligation);
- to communicate with the user, including handling inquiries submitted via the contact form or through other channels – based on Article 6(1)(f) GDPR (legitimate interests of the Controller);
- to ensure the security of services, prevent fraud and abuse, and detect technical irregularities – based on Article 6(1)(f) GDPR (legitimate interests of the Controller);
- for analytical and statistical purposes, aimed at improving the operation of the service and tailoring content and functionalities to users' preferences – based on Article 6(1)(f) GDPR (legitimate interests of the Controller);
- for marketing purposes, including the sending of commercial information by electronic means – based on Article 6(1)(a) GDPR (consent);
- to use users' location data within the available geolocation functions (e.g., adding points to the map, location recommendations, sharing location) – based on Article 6(1)(b) GDPR (performance of a contract), and where required, based on Article 6(1)(a) GDPR (consent);
- to verify that the user meets the minimum age requirement to use the service – based on Article 6(1)(f) GDPR (legitimate interests of the Controller);
- to conduct profiling activities, i.e. automated analysis of users' activity, preferences, or interests, for the purpose of providing personalized content, recommendations, and services – based on Article 6(1)(b) GDPR (processing necessary for the performance of a contract, insofar as it concerns optional service functionalities). Profiling constitutes an optional functionality which users may voluntarily enable or disable. Non-activation of this functionality does not affect access to or the performance of the core services.

4. Categories of Personal Data Processed
In connection with the above purposes, the Controller may process the following categories of personal data:
- identification data: first name, last name, username, date of birth or age, gender (optional);
- contact data: email address, phone number;
- location data: device geolocation, user-saved locations;
- data related to the use of the application: user activity, profile image, social interactions, content added, maps and places and any other materials voluntarily uploaded within the service;
- technical data: IP address, device data, operating system, browser type;
- data provided in correspondence or contact forms (e.g., message content, attachments);
- data obtained through cookies and similar technologies.

5. Data Recipients
Personal data may be disclosed to:
- authorized employees of the Controller,
- service providers acting on behalf of the Controller (e.g., hosting providers, cloud service providers, analytics tools, marketing service providers, CRM systems),
- public authorities or entities authorized by law – where legally justified.
In the case of data transfers outside the EEA, the Controller ensures an adequate level of protection based on mechanisms provided for under the GDPR.

Your Rights and Additional Information

6. Data Retention Period
Personal data will be processed:
- for the duration of the contract and until the expiration of any related claims,
- where processed based on consent – until the consent is withdrawn,
- where processed based on the Controller's legitimate interest – until a valid objection is lodged,
- where processing is required by law – for the period prescribed by applicable legislation,
- in the case of data related to cookies – for the period indicated in the cookie settings or until deleted.

7. Users' Rights
Users have the following rights in relation to their personal data:
- the right to access their personal data,
- the right to rectify inaccurate or incomplete data,
- the right to erase personal data ("right to be forgotten"),
- the right to restrict the processing of personal data,
- the right to data portability,
- the right to object to the processing of personal data based on the Controller's legitimate interest,
- the right to withdraw consent at any time – without affecting the lawfulness of processing carried out prior to withdrawal,
- the right to lodge a complaint with a supervisory authority (in Poland: the President of the Personal Data Protection Office – PUODO).

8. Profiling
Users' personal data may be used for profiling, i.e. automated analysis of their activity, preferences, or interests, for the purpose of providing personalized content, recommendations, and services – as part of the functionalities available within the service.
Activation of profiling is voluntary and may be managed by the user through their account settings. Non-activation of this functionality does not affect access to or the performance of the core services.
Profiling does not result in any decisions that produce legal effects concerning the user or similarly significantly affect them. Users may disable profiling at any time via their account settings or by contacting the Data Controller.

9. Disclosure of data within publicly available functionalities of the platform
Within the functionalities of the platform, users may voluntarily publish or share content such as information, descriptions, photos, comments, or other materials. Depending on the selected visibility settings, such content – and the personal data it may contain – may be visible to other users of the service.
The provision of such data is entirely voluntary and is not required to use the platform. However, choosing not to provide or publish certain data may limit the availability or functionality of specific features.
The Data Controller does not require users to disclose personal data in publicly accessible areas and does not control the scope of data voluntarily shared by users. Users are advised to carefully consider the information they choose to make publicly available and to manage their privacy settings accordingly.

10. EU Representative
In accordance with Article 27 of the GDPR, as the Controller is established outside the European Union, a representative in the European Union has been designated. The representative's contact details are as follows:

Youmap Polska Spółka z ograniczoną odpowiedzialnością
ul. Dajwór 8/11
31-052 Kraków
Poland
Tax Identification Number: 6762682774
contact@youmap.com