Skip to main content
SafeTripVax

This site is currently implementing core features and is not ready for patient use yet.

Your privacy

How We Protect Your Data

Last updated: 2/7/2026

Privacy is built into our design — from what we collect, to how we limit access and explain our decisions.

Read the privacy policyHave questions? Contact us

Our privacy principles

We want you to understand what data is needed — and why.

Data minimization

We only collect what is needed to operate features, compare information, and handle inquiries.

Secure processing

We apply standard security measures and best practices to limit the risk of unauthorized access.

Access control

Data access is restricted by roles and the principle of least privilege.

Transparency and choice

We explain what we do with data — and how you can manage your settings.

Your rights

Under the GDPR (Articles 15–22), you have a number of rights regarding your personal data.

Right of access

You can obtain confirmation of whether we process your data and receive a copy.

Right to rectification

You can request correction of inaccurate or completion of incomplete data.

Right to erasure

You can request deletion of data when it is no longer necessary for processing purposes.

Right to restriction of processing

You can request restriction of processing in certain situations.

Right to data portability

You can receive your data in a structured format and transfer it to another controller.

Right to object

You can object to processing based on legitimate interest.

Right regarding automated decisions

You have the right not to be subject to decisions based solely on automated processing.

Learn more about exercising your rights

Special category data

Information about vaccinations and traveler health status constitutes health data under Article 9 GDPR.

Health data

We process health data solely on the basis of your explicit consent (Art. 9(2)(a) GDPR) or when necessary for reasons of public interest in the area of public health. We apply additional technical and organizational safeguards.

Details about automated processing

Automated processing

We use algorithms to assess travel health risks and generate vaccination recommendations. We do not make decisions producing legal effects based solely on automated processing. You can always request human review.

More about automated processing

Data processors

We work with trusted service providers who process data on our behalf under data processing agreements (Art. 28 GDPR).

Supabase Inc.

Database and authentication

Stripe Inc.

Payment processing

Google LLC

Maps and geolocation

Anthropic PBC

Automated translations

Vercel Inc.

Hosting and content delivery

Full list of recipients and retention periods

Data Protection Officer (DPO)

For matters related to personal data protection, you can contact our Data Protection Officer:

Email the DPO: dpo@safetripvax.com

EPKO SP. Z O.O., ul. Podleśna 2, 05-270 Marki, Poland

Supervisory authority (PUODO)

If you believe that the processing of your data violates the GDPR, you have the right to lodge a complaint with the supervisory authority (Art. 77 GDPR):

President of the Personal Data Protection Office

ul. Stawki 2, 00-193 Warsaw

Phone: +48 22 531 03 00Website: www.uodo.gov.plEmail: kancelaria@uodo.gov.pl

What next?

If you want to learn the details of legal bases, retention periods, and your rights — see the full policy.

View privacy policy