This Privacy Policy explains how Clear Ascend OÜ ('Journi', 'we', 'us' or 'our') collects, processes, uses, shares and protects your personal data when you access our website, use our mobile applications or interact with our platform ('Services').
This policy is designed to fully comply with Regulation (EU) 2016/679 (General Data Protection Regulation), the ePrivacy Directive and other applicable European and national data protection laws.
The Data Controller responsible for the processing of your personal data is Clear Ascend OÜ registered in Estonia. To exercise your privacy rights or contact our Data Protection Officer (DPO) regarding any questions about how we handle your data, please use the contact form available in the Help & Support section of our platform.
We collect various types of personal data depending on how you interact with our platform:
First name, surname, email address, password and profile picture.
Information required to fulfil a booking, including billing and payment details.
Ratings and reviews.
Government-issued ID, business registration documents and tax identification numbers necessary for compliance with European tax directives (e.g., DAC7) and Anti-Money Laundering (AML) laws.
IP address, device type, operating system, browser type and language settings.
Pages visited, search queries, interaction with listings, booking history and timestamps.
Approximate location (based on IP) or precise GPS location (only if you have granted explicit consent through your device settings).
Data collected via cookies, pixels and similar technologies.
We process your personal data only when we have a valid legal basis:
To create and manage your account, process bookings, facilitate payments, transmit necessary details to the Host to execute the activity and provide customer support.
To comply with statutory accounting and tax regulations, respond to binding requests from law enforcement or tax authorities (including DAC7 reporting) and enforce fraud prevention/AML protocols.
To analyse platform usage and improve our Services, ensure network and information security, prevent fraudulent activities and conduct direct marketing for similar services (provided you have not opted out).
To send promotional newsletters, use non-essential tracking cookies for targeted advertising or process precise geolocation data. You may withdraw your consent at any time.
We do not sell your personal data. We only share it strictly on a need-to-know basis with:
We share your name and booking details (but not your payment information) with the specific Host providing your booked activity so they can deliver the service.
Trusted third parties that process data on our behalf under strict Data Processing Agreements (DPAs). This includes cloud hosting providers, payment gateways, customer support software and email delivery services.
Courts, law enforcement or tax authorities when legally compelled to do so.
While Journi is based in the EU, some of our service providers may be located outside the European Economic Area (EEA). Whenever we transfer your personal data outside the EEA, we ensure it receives an adequate level of protection by utilising mechanisms approved by the European Commission, such as Adequacy Decisions or Standard Contractual Clauses (SCCs), supplemented by additional security measures where necessary.
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected.
We use strictly necessary cookies to operate the platform securely. With your consent, we also use analytical and marketing cookies to understand user behaviour and provide personalised advertisements.
We use basic profiling to personalise your search results and recommend activities based on your past bookings and interactions. We also use automated algorithms to detect anomalous behaviour and prevent fraudulent transactions. These automated processes do not produce legal or similarly significant effects on you without human intervention.
Under the GDPR, you have the following rights regarding your personal data:
To exercise any of these rights, please submit a request via our contact form. We will respond to your request within 30 days.
If you believe that our processing of your personal data infringes data protection laws, you have the right to lodge a complaint with a supervisory authority. You may contact the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) or the data protection authority in your country of habitual residence within the EU.
We may update this Privacy Policy from time to time to reflect legal or operational changes. We will notify you of any material changes by posting the updated policy on our platform and, where appropriate, sending an email notification or platform alert.
