Privacy Policy

1. Introduction & Data Controller

Placewave ("we", "our", "us") is an AI-powered travel assistant operated by Boris Tomilin, an individual entrepreneur based in Georgia. This Privacy Policy explains how we collect, use, store and protect your personal data when you use:

• Our Telegram bot @WorldAudioGuideBot
• Our website and web application at placewave.pro
• Any white-label bots powered by Placewave

This policy complies with the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). If you reside in the EU/EEA or California, additional rights apply — see Sections 9 and 10.

Data Controller: Boris Tomilin · placewave.info@gmail.com · @placewave_support_bot

2. Data We Collect

We collect only the data necessary to provide the service. The table below specifies each category, source, storage location and retention period:

Data Category	Source	Storage	Retention
Telegram user ID	Telegram API (automatic)	PostgreSQL	While account is active
First name	Telegram API (automatic)	PostgreSQL	While account is active
Telegram username	Telegram API (if public)	PostgreSQL	While account is active
Language preference	Telegram API / user choice	PostgreSQL	While account is active
Last known location	User voluntarily shares GPS	PostgreSQL (PostGIS)	While account is active
Chat messages & queries	User input in bot	Redis (in-memory)	1 hour (session TTL)
Consent timestamp	User accepts Terms	PostgreSQL	While account is active
Usage events (analytics)	Automated (button taps, category views)	PostgreSQL	30 days, then anonymised
Monthly aggregates	Automated from usage events	PostgreSQL	Indefinitely (fully anonymised)

We do not collect payment card numbers, government IDs, biometric data or sensitive personal information as defined under GDPR Art. 9.

3. Legal Basis for Processing (GDPR)

For users in the EU/EEA, we process personal data under the following legal bases pursuant to GDPR Article 6:

• Consent (Art. 6(1)(a)) — Location data (you voluntarily share GPS); acceptance of Terms. You may withdraw consent at any time without affecting the lawfulness of prior processing.
• Legitimate Interest (Art. 6(1)(f)) — Delivering bot responses, security, fraud prevention, service improvement via anonymised analytics. We have balanced our interests against your rights and concluded they do not override your fundamental freedoms.
• Performance of a contract / pre-contractual steps (Art. 6(1)(b)) — Storing your Telegram ID and language preference to operate the service you requested.

4. How We Use Your Data

• To deliver personalised restaurant, attraction and route recommendations based on your location and preferences.
• To process your queries through our AI engine (Groq LLaMA 3.3 70B) and return responses in your preferred language.
• To remember your language and city preference within a session and across sessions.
• To send service-related messages within Telegram (no marketing without explicit opt-in).
• To detect and prevent abuse, spam and security threats (rate limiting).
• To provide B2B partner dashboards with aggregated, anonymised analytics only — partners never receive individual user data.
• To comply with legal obligations.

4a. AI Processing & Automated Decision-Making

Placewave uses large language models (LLMs) and other AI systems to generate personalised travel recommendations and to answer your free-form questions. The following providers act as our processors for AI inference:

• Groq, Inc. (United States) — LLaMA 3.3 70B for primary chat responses.
• OpenAI, L.L.C. (United States) — GPT-class models used as a fallback or for specific agent tasks where the primary model is unavailable.
• Google LLC (Gemini 2.0 Flash) — used as a secondary fallback when other providers are rate-limited.

The data sent to these providers is limited to the text of your query and minimal context (your selected language and city). We do not transmit your Telegram ID, name, contact details, payment data or persistent identifiers to the AI providers as part of the inference request.

Scope of automated processing. Our AI generates recommendations, narrative descriptions and chat responses. These outputs may be personalised based on your stated preferences and shared location, which can be considered profiling within the meaning of GDPR Art. 4(4). However:

• The AI's outputs are informational only (restaurant suggestions, points of interest, audio guide narration).
• We do not make decisions producing legal effects or similarly significant effects concerning you (no credit scoring, no employment decisions, no access denials, no automated pricing for individual users) within the meaning of GDPR Art. 22(1).
• You have the right under GDPR Art. 21 to object at any time to processing based on legitimate interests, including profiling. To exercise this right, contact us using the channels in Section 14. We will stop the profiling activity unless we demonstrate compelling legitimate grounds that override your interests.
• You may always disable location sharing in Telegram, switch the bot's language, or stop using AI features by simply not engaging with chat — the bot will still serve static recommendations.

AI accuracy. LLM outputs may occasionally contain factual errors or outdated information. Always verify operating hours, prices and safety information from official sources before acting on a recommendation.

5. Data Sharing & Third-Party Processors

We do not sell, rent or trade your personal data. We share data only with the processors listed below, each bound by appropriate data processing agreements:

Processor	Purpose	Data Shared	Privacy Policy
Telegram Messenger Inc.	Message delivery platform	Messages, user profile	telegram.org/privacy
Groq, Inc. (USA)	AI inference — LLaMA 3.3 70B	Text of user queries (no PII beyond query content)	groq.com/privacy-policy
Google LLC	Places data (restaurants, attractions)	Location coordinates for place search	policies.google.com/privacy
Amazon Web Services (AWS)	Audio guide storage (S3, eu-central-1)	No personal data — audio files only	aws.amazon.com/privacy
Google Analytics 4 (Google LLC)	Website analytics (loaded only after cookie consent)	Anonymised usage data (pages viewed, click events)	policies.google.com/privacy
GetYourGuide	Affiliate tour booking links	No data — links only (click tracked by GYG)	getyourguide.com/privacy
Tripster	Affiliate tour links (ru users)	No data — links only	tripster.ru/privacy

B2B tenants (hotels, tour companies using our white-label solution) receive only aggregated, anonymised analytics about their users. They do not receive individual user profiles, Telegram IDs or messages.

6. Data Retention

• User profile data (Telegram ID, name, language, last location) — retained while your account is active. Deleted within 30 days of a verified erasure request.
• Chat history — stored in Redis with a 1-hour TTL. Automatically deleted after session ends.
• Usage events — retained for 30 days, then permanently deleted. Monthly aggregates (fully anonymised) are retained indefinitely for business reporting.
• Consent records (terms_accepted_at) — retained as long as the account exists, as required by GDPR accountability obligations.

7. International Data Transfers

Placewave is operated from Georgia (not an EU member state). Some of our processors are located outside the EU/EEA. The table below summarises the destination, the legal mechanism we rely on, and (where applicable) the supplementary measures we apply following the Court of Justice of the EU's judgment in Schrems II (C-311/18):

Processor	Destination	Transfer Mechanism (GDPR Art. 46)
Groq, Inc.	United States	Standard Contractual Clauses (SCCs, Art. 46(2)(c)) referenced in Groq's Data Processing Addendum. EU–US Data Privacy Framework where Groq is self-certified.
OpenAI, L.L.C.	United States	SCCs (Art. 46(2)(c)) and EU–US Data Privacy Framework (OpenAI is self-certified).
Google LLC (Gemini, GA4, Maps)	United States / EU (Maps via local APIs)	SCCs and EU–US Data Privacy Framework (Google LLC is self-certified).
Telegram	Globally distributed	Governed by Telegram's own privacy policy and DPA. Limited to the data the platform itself controls.
AWS S3 (eu-central-1)	EU (Frankfurt)	No transfer outside the EEA for the data we store with this service.

7.1 Transfer Impact Assessment & Supplementary Measures (Schrems II)

For transfers to the United States, we have conducted a Transfer Impact Assessment in line with the European Data Protection Board's Recommendations 01/2020 on supplementary measures. We concluded that, given (a) the limited and non-identifying nature of the data we transmit to AI providers, and (b) the contractual and technical safeguards listed below, the SCCs combined with these supplementary measures provide an essentially equivalent level of protection to that guaranteed within the EU.

Technical measures:

• All data in transit to U.S. processors is encrypted via TLS 1.2 or higher.
• We apply data minimisation at the application layer: AI inference requests carry only the text of your query, your selected interface language and your selected city. We do not send your Telegram user ID, name, username, contact details or persistent unique identifiers.
• We do not request that AI providers retain prompts or outputs for training (where the provider exposes such a setting).
• Audio and other media generated on your behalf are stored on AWS S3 in eu-central-1 (Frankfurt), not transferred to U.S. storage.

Contractual measures:

• Standard Contractual Clauses incorporated by reference in each provider's Data Processing Addendum.
• Where the provider is certified under the EU–US Data Privacy Framework, we additionally rely on Commission Implementing Decision (EU) 2023/1795 as an adequacy basis.
• Sub-processor change notifications with the right to object, as set out in our DPA with B2B partners.

Organisational measures:

• Access to production credentials is restricted to the data controller; secrets are stored outside the source repository and masked in logs.
• We document the categories of data sent to each provider and review the mapping when a new processor is introduced.
• We will challenge any binding government access request through available legal remedies, and notify affected users where lawfully permitted.

You may request a copy of the SCCs, the applicable Data Processing Addendum or our Transfer Impact Assessment summary by contacting us using the details in Section 14.

By using Placewave you acknowledge these transfers. If you do not wish your data to be processed under these conditions, you may stop using the service and request erasure under GDPR Art. 17.

8. Data Security

• All data in transit is encrypted via HTTPS/TLS 1.2+.
• Database access is restricted to internal network; credentials are never logged.
• Sensitive configuration values (API keys, passwords) are masked in all application logs.
• Rate limiting is applied to prevent abuse and protect user accounts.
• Redis session data is stored in-memory only with short TTLs — not persisted to disk.

No method of electronic transmission is 100% secure. We cannot guarantee absolute security but implement industry-standard measures proportionate to the risk.

9. Your Rights — EU/EEA Residents (GDPR)

If you are located in the EU or EEA, you have the following rights under the GDPR:

To exercise any of these rights, contact us at placewave.info@gmail.com. We will respond within 30 days. We may need to verify your identity before processing your request.

10. Your Rights — California Residents (CCPA / CPRA)

This Section applies if you are a California resident. It supplements the rest of this Privacy Policy and explains how the California Consumer Privacy Act, as amended by the California Privacy Rights Act of 2020 (collectively, the "CCPA"), affects our processing of your personal information.

10.1 Categories of Personal Information We Collect

In the preceding 12 months, we have collected the following categories of personal information from California consumers:

CCPA Category (Cal. Civ. Code § 1798.140(v))	Examples in our service	Collected?
A. Identifiers	Telegram user ID, Telegram username, first name	Yes
B. Personal info under Cal. Civ. Code § 1798.80(e)	Name (overlap with category A)	Yes — name only
C. Protected classification characteristics	Race, religion, gender, age, etc.	No
D. Commercial information	B2B partner subscription tier and billing status (partners only, not end users)	Yes — partners only
E. Biometric information	Fingerprints, voiceprints, etc.	No
F. Internet or other electronic network activity	Button taps, category views, queries you type into the bot	Yes
G. Geolocation data	Last shared GPS coordinates (only when you voluntarily share location)	Yes — with consent
H. Sensory information (audio, video, etc.)	Voice or video recordings	No
I. Professional or employment-related information	Job title, employer	No
J. Education information	Records covered by FERPA	No
K. Inferences drawn from the above	Inferred travel preferences (e.g., interest in food vs. museums) used to personalise recommendations	Yes
L. Sensitive personal information (Cal. Civ. Code § 1798.140(ae))	Precise geolocation is the only sensitive category we touch; we do not collect SSN, government ID, financial account credentials, racial/ethnic origin, religion, union membership, mail/email/text contents, genetic, biometric or health data.	Geolocation only, with consent

10.2 Sources of Personal Information

• Directly from you — messages and locations you send in the Telegram bot, settings you choose.
• From Telegram automatically — your Telegram ID, first name, username and interface language as part of every message.
• From your device automatically — usage events (button taps, page views) when you interact with the bot or website.

10.3 Business or Commercial Purposes

• Providing, maintaining and improving the Placewave service.
• Personalising recommendations and AI responses.
• Detecting security incidents, preventing fraud and abuse.
• Producing aggregated, anonymised analytics for B2B partners.
• Complying with legal obligations.

10.4 Categories of Third Parties We Disclose To

We disclose personal information to the categories of recipients listed in Section 5 (Telegram, Groq, OpenAI, Google, AWS, affiliate booking partners) strictly for the purposes described in that Section. We do not authorise these recipients to use the information for their own marketing purposes.

10.5 No "Sale" and No "Sharing" of Personal Information

We do not sell your personal information for money or other valuable consideration. We also do not "share" personal information for cross-context behavioral advertising as those terms are defined in the CCPA. We have not done so in the preceding 12 months and have no plans to do so. Because we neither sell nor share, no "Do Not Sell or Share My Personal Information" opt-out is required; you exercise that protection by default.

We also do not use or disclose sensitive personal information (precise geolocation) for any purpose other than those permitted by Cal. Civ. Code § 1798.121(a) and explained in this policy. You therefore do not need a separate "Limit the Use of My Sensitive Personal Information" request, but you may still ask us to stop using your geolocation by withdrawing consent in the bot or by contacting us.

10.6 Your CCPA Rights

10.7 How to Exercise Your CCPA Rights

Submit a request at placewave.info@gmail.com or via @placewave_support_bot. To protect your privacy we will need to verify your identity, typically by confirming the Telegram ID from which you contacted the bot and one additional data point that only the account holder would know. We will respond within 45 days; we may extend this period by an additional 45 days where reasonably necessary and will notify you of any extension.

Authorised agents. You may designate an authorised agent to submit a request on your behalf. The agent must provide written, signed permission from you, and we may still require you to verify your own identity directly or to confirm that you provided the agent with authority.

Minors. We do not knowingly sell or share the personal information of consumers under 16 years of age and require opt-in consent that is not relevant to our service because we do not engage in those activities.

If you believe we have not adequately responded to your request, you may contact the California Attorney General.

11. Session Storage & Cookies

The Placewave Telegram bot does not use browser cookies. Session state is stored server-side in Redis with a 1-hour TTL and is automatically purged.

Our website (placewave.pro) uses only technically necessary cookies required to serve the web application (e.g., authentication session tokens for the partner dashboard). We do not use advertising or tracking cookies. If you use the partner dashboard, a session cookie is set for the duration of your login session and deleted on logout.

12. Children's Privacy

Placewave is not directed at children under the age of 13 (or 16 in certain EU member states). We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page. Where required by law, we will also notify users directly via the Telegram bot. Continued use of the service after the effective date constitutes acceptance of the updated policy.

14. Contact & Data Controller

For any privacy-related questions, requests or complaints:

• Email: placewave.info@gmail.com
• Telegram: @placewave_support_bot
• Data Controller: Boris Tomilin, Georgia

EU/EEA residents who are not satisfied with our response have the right to lodge a complaint with their national data protection authority.