Simena Digital LLC · privacy@vacatio.ai
Last updated: March 20, 2026
Vacatio is a vacation planner app made by Simena Digital LLC ("we," "us," or "our"), a Wyoming limited liability company based in the United States. This policy explains what data we collect, why, and how we protect it.
When you use Vacatio, you may provide the following information:
When you access Vacatio, we automatically receive:
We do not use analytics SDKs, crash reporting services, advertising trackers, or the App Tracking Transparency framework. We do not track you across apps or websites.
Vacatio uses Anthropic's Claude Haiku in two ways. Both are cloud-based and require an internet connection.
AI travel assistant (Pro only): If you subscribe to Pro and use the AI chat, your messages — together with relevant trip context we send alongside (destinations, dates, today's date) — are sent to Anthropic for processing. Anthropic returns the assistant's reply to us and we stream it back to you. Conversation history is stored locally on your device (not on our servers), and individual messages are sent to Anthropic only while you are actively chatting. You can delete conversations at any time from the AI tab.
Booking email parsing (opt-in): If you enable the booking import feature, forwarded booking confirmation emails are processed by Claude Haiku to extract reservation details (dates, hotel names, confirmation numbers). You must explicitly opt in before this feature is activated — your unique import email address is only generated after you grant consent. The raw email content is not stored after parsing is complete.
In both cases, Anthropic does not use API data to train their models. See anthropic.com/privacy for details. Free users do not have access to the AI assistant, so no AI data is sent anywhere for free accounts.
We use your information to:
| Service | Purpose | Data shared |
|---|---|---|
| Apple | Authentication (Sign in with Apple) | Name, email |
| Anthropic (Claude Haiku 4.5) | Pro AI travel assistant + booking email parsing (opt-in). Not used for Free accounts. | Chat messages + trip context (while actively chatting); forwarded email text (temporary, deleted after parsing) |
| RevenueCat | Subscription management | Purchase history, anonymous user ID |
| Pexels | Destination photos | Search queries |
| Photon (Komoot) | Place search | Search queries |
| Viator | Experience recommendations (affiliate partner — we may earn commission on bookings) | Destination queries |
| MapTiler | Map tiles | Viewport coordinates |
| Expo Updates | Over-the-air app updates | Device platform, app version |
All third-party service providers listed above are contractually required to protect your data to a standard equivalent to or greater than described in this policy.
We do not sell your personal data. We do not share data with third parties for advertising.
Your data is stored on secure servers within the European Union. All database connections are encrypted, and communication between the app and our servers uses HTTPS (TLS 1.2+). Authentication uses timing-safe token comparison to prevent timing attacks.
On your device, Vacatio stores data using:
Your data is retained as long as your account is active. When you delete your account (available in Settings), all your data is permanently removed from our servers through a cascade delete. This includes your profile, all trips, expenses, packing lists, AI chat history, diary entries, and collaboration data.
Data held by third-party services (e.g. RevenueCat purchase records, Apple account data) is subject to those services' own retention policies.
When you share a trip with other Vacatio users, collaborators can see the trip details, destinations, itinerary, expenses, and packing lists associated with that trip. Your profile name and avatar are visible to trip collaborators. You can remove collaborators or leave a shared trip at any time.
Your data is primarily stored within the European Union. However, some third-party services operate in the United States, including Anthropic, RevenueCat, and Apple. When your data is transferred to these services, it is protected by Standard Contractual Clauses (SCCs) or equivalent safeguards as required by GDPR and UK GDPR.
If you are in the European Economic Area or the United Kingdom, we process your personal data under the following legal bases:
You may withdraw consent for consent-based processing at any time by disabling the relevant feature or contacting us at privacy@vacatio.ai.
If you are in the European Economic Area or the United Kingdom, you have the following rights regarding your personal data:
To exercise any of these rights, email us at privacy@vacatio.ai. You can also delete your account directly in the app under Settings. We will respond to requests within 30 days.
Vacatio uses local notifications only (trip reminders, countdown alerts). No push notification tokens are sent to our servers. All notification scheduling happens on your device.
Vacatio requests camera and photo library access for profile photos, trip photos, and scanning travel documents or tickets. Photos you take or select are uploaded to your account and stored on our servers as part of your trip data. You can delete photos at any time.
With your permission, Vacatio can read and write calendar events to sync your vacation plans with your device calendar. Calendar data is only accessed locally and is not sent to our servers.
Vacatio is not directed at children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at privacy@vacatio.ai and we will delete it promptly.
In addition to the GDPR and UK GDPR rights described above, the following rights may apply based on your location:
United States (California — CCPA/CPRA): California residents have the right to know what personal information we collect, request its deletion, and opt out of the sale of personal information. We do not sell your personal information. To exercise your rights, contact us at privacy@vacatio.ai.
Canada (PIPEDA): Canadian users have the right to access, correct, and request deletion of their personal data. We only collect personal information for purposes that a reasonable person would consider appropriate. Contact us at privacy@vacatio.ai to exercise your rights.
Australia (Privacy Act 1988): Australian users may access and correct their personal data under the Australian Privacy Principles. If you believe we have breached the APPs, you may lodge a complaint with us at privacy@vacatio.ai or with the Office of the Australian Information Commissioner (OAIC).
Japan (APPI): Japanese users have the right to request disclosure, correction, and deletion of their personal data. We handle personal information in accordance with the Act on the Protection of Personal Information. Contact us at privacy@vacatio.ai.
South Korea (PIPA): Korean users have the right to access, correct, delete, and suspend processing of their personal data under the Personal Information Protection Act. Contact us at privacy@vacatio.ai to exercise your rights.
For all jurisdictions: regardless of where you are located, you can delete your account and all associated data at any time from Settings within the app.
We may update this privacy policy from time to time. If we make material changes, we will notify you through the app or by email. The "Last updated" date at the top of this page indicates when the policy was last revised.
If you have questions, concerns, or requests regarding this privacy policy or your personal data, contact us at:
Simena Digital LLC
1021 E Lincolnway, Suite 9026
Cheyenne, WY 82001, United States
Email: privacy@vacatio.ai