City Tour AI legal

Privacy policy

1. Controller The controller responsible for data processing is: Micha Helbig, sole proprietor Zuckerbergweg 50 38124 Braunschweig Germany

Email: [email protected]

Privacy requests, access, correction, deletion and objection: [email protected]

2. Data processed by City Tour AI City Tour AI processes data required to provide the app, sign-in, tour generation, purchases, credits, downloads, reviews, support, reports and public tours.

This may include in particular: - account and authentication data such as Firebase UID, anonymous user ID, linked sign-in providers, email address for email sign-in, ID tokens, FCM/push tokens and technical device or installation identifiers - profile data such as display name, username and bio - location data if you allow it, plus city, start point, route and search data used for search, nearby features, maps, routing or tour generation - tour data, selected interests, duration, language, tour type, tour content, private and public tours, downloads, reviews, reports, feedback and voluntary free text - purchase, credit, wallet, ledger, entitlement, RevenueCat and store billing data, including purchase history and refund or error status - app interactions and other actions such as tour generation, tour start, tour purchase, credit usage, download, publication, account deletion and diagnostic settings - technical logs, job status, error reports, Crashlytics crash reports, Firebase Analytics events and diagnostic data if these functions are enabled

3. Purposes and legal bases We process data to provide the app, manage user accounts, create and restore tours, handle credits and purchases, store content, provide support, review unlawful content, prevent misuse, secure the app and fix errors.

Where a function is required for contractual use of the app, processing is carried out to perform the contract. Optional functions such as location access, analytics and crash reports are based on your choice or consent in the app. Security, abuse prevention, legal and operational data may be based on legitimate interests or legal obligations.

4. External services and recipients City Tour AI uses external services where required for the app. These include in particular: - Firebase for authentication, anonymous accounts, Cloud Messaging, optional Analytics and optional Crashlytics reports - RevenueCat as well as Google Play Billing and App Store Billing for in-app purchases, entitlements, purchase status and webhooks - Hetzner for backend hosting and PostgreSQL database operation - Mapbox and other map or routing functions for map display, routes and navigation - Nominatim, OpenStreetMap-related services, Wikimedia, Wikidata and Wikimedia Commons for geocoding, POI, source and media data - Google Cloud Vertex AI, Gemini and Google Cloud Text-to-Speech for AI-assisted tour generation, text and optional premium audio features - technical infrastructure for operation, monitoring, security and error analysis

Data is not sold for advertising. Data is shared only where required for the functions above, legal obligations, security, support or billing.

5. Analytics, Crashlytics and diagnostics Firebase Analytics and Crashlytics are disabled by default in the app and can be enabled or disabled separately in the profile. If you enable them, redacted usage events, crash logs, diagnostic data, app performance data, device and installation identifiers may be sent to Firebase/Google.

According to the current technical setup, we do not intentionally send raw Firebase UIDs, ID tokens, FCM tokens, email addresses, precise coordinates, complete backend responses or complete free-text content to Analytics or Crashlytics.

Separately, the website citytourai.app uses privacy-friendly, cookie-free reach measurement. No personal data is stored permanently: for each page view we only derive an anonymous token that rotates every day (a hash of a daily secret, the IP address and the browser identifier) in order to count page views and approximate visitor numbers per language. The IP address and the browser identifier themselves are not stored, and these tokens cannot be linked across days or traced back to an individual. The legal basis is our legitimate interest in data-minimising reach measurement (Art. 6(1)(f) GDPR).

6. Location data Location data is used only if you use location features or grant permission. You can revoke location permission in the operating system. The app can also be used with manual city selection. Location, city and route data may be sent to the backend and external map, geocoding or routing services for nearby features, maps, routing, active tours, geocoding and tour generation.

7. Public tours and user-generated content If you publish tours, submit reviews, set profile data or report content, this content may be processed, moderated and shown to other users inside the app. Public tours may appear in the catalog and be unlocked by other users.

8. Purchases, credits and billing Credit packages and digital unlocks are processed through the respective app stores and RevenueCat. City Tour AI stores purchase status, entitlements, credit bookings, tour unlocks, refunds and technical billing events so that balances, purchased tours and restoration work correctly.

9. Security Data is encrypted in transit using HTTPS/TLS. Access to production systems is restricted. Tokens, passwords, payment data and sensitive technical data should not be written to production app logs. Full payment details such as credit card information are processed by the app stores and are not stored by City Tour AI.

10. Retention and deletion Account, profile, tour, wallet, credit and purchase data is generally stored as long as your account exists or as long as it is required for app functionality, billing, restoration, security, support or legal obligations. Private tours, personal profile data and app-specific account data are deleted or anonymized when the account is deleted unless legal retention reasons apply.

Billing, tax, fraud prevention, legal, support, consent and security data may be retained for longer where required to comply with legal obligations, enforce claims, prevent fraud or document events. Public tours already purchased by other users may remain available to those buyers; the creator reference is removed or anonymized.

11. Account and data deletion You can delete your account in the app: open Profile, open account settings, choose Delete account and confirm. If you cannot access the app, you can request deletion by email to [email protected]. The public deletion page is available at https://citytourai.app/delete-account.

12. Your rights You may request access, correction, deletion, restriction, objection and data portability where the legal requirements are met. You can disable consent for optional diagnostic data in the app. For privacy requests, contact [email protected].