Privacy Policy

1. Data Controller

Vosvil Lifestyle SL (provisional corporate name until formal registration). Activity location: Dénia, Alicante (Spain). Privacy contact email: contact@vosvil.com.

2. Data We Collect

• Identification & contact data: name, email, phone number.
• Service preference and experience details (dates, number of guests, interests).
• Declared gastronomy or dietary notes to tailor menus (please avoid entering highly sensitive data).
• Chat history in the internal chatbot and DeepSeek AI chatbot while the conversation is active.
• Minimal technical data: shortened IP, session identifiers, device/browser type, preferred language.
• Usage-derived information: aggregated analytics metrics and technical cookies.
• Operational backend records: request status, internal notes, commercial follow-up tracking.

3. Purposes of Processing

• Managing requests and forms submitted by prospective clients (preparing proposals and answering questions).
• Configuring requested services (private chef, villa, nautical, transfers, concierge, packs).
• Sending transactional emails for confirmation and service coordination.
• Internal team communications (contact@vosvil.com) for commercial follow-up and support.
• Providing automated answers and contextual assistance through the chatbot and DeepSeek AI engine.
• Improving quality, security and user experience by analyzing aggregated usage and the short-lived chat history.
• Fulfilling legal obligations, preventing abusive use and ensuring platform security.

4. Legal Bases

• Consent: when sending forms, starting a chat or accepting non-essential cookies.
• Pre-contractual / service performance: preparing proposals and organizing requested experiences.
• Legitimate interest: security, fraud prevention, process improvement and efficient support (minimal impact, internal assessments).
• Legal obligation: tax/accounting duties and responding to authority requests.
• Additional explicit consent if future commercial messaging is introduced (no mass newsletters sent currently).

5. Data Disclosure

We do not sell your data. We share only strictly necessary information with operational service providers (e.g. chefs, transport, accommodation) after confirming a booking and under confidentiality or contractual instructions. Limited to what is needed for execution.

6. Data Processors

• Infrastructure & secure hosting provider (servers where Spring Boot backend and PostgreSQL database run).
• Analytics services operating with aggregated data and technical/third-party cookies (after consent where applicable).
• DeepSeek: AI engine processing your message text to generate automatic replies (see specific section).
• Transactional email systems used for confirmations and coordination.

7. DeepSeek Chatbot Usage

Conversations you hold with the AI chatbot are temporarily sent to DeepSeek servers solely to generate the requested response. DeepSeek acts as a processor under GDPR and follows our instructions to process only the submitted text and return a reply. Chat history is stored in our database while the session is active and for a short subsequent period for support, service quality and security (detect misuse or disallowed content). No automated profiling producing legal or similarly significant effects is performed. You may request deletion of chat history at any time by emailing contact@vosvil.com. Please do not enter highly sensitive data (health, ideology, sexual orientation, etc.).

8. International Transfers

Limited international transfers may occur when DeepSeek processing or certain infrastructure services involve servers outside the EEA. In such cases we apply appropriate safeguards: EU Standard Contractual Clauses, impact assessments and complementary technical measures (in-transit encryption, restricted access).

9. Retention Periods

• Forms & proposals: while the request is evaluated and up to 24 months for legitimate commercial follow-up if no contract is formed.
• Contractual/service data: during the relationship and legal retention periods (tax/accounting).
• Chat history: active during the session then a maximum of 30 days for support and quality, after which it is anonymized or deleted.
• Technical data & security logs: short periods (30–180 days) unless required longer due to incidents.
• Cookies: according to their nature (see cookies section).

10. User Rights

• Access: know what data we process.
• Rectification: correct inaccurate data.
• Erasure: request deletion where appropriate.
• Restriction: request temporary limitation under certain circumstances.
• Objection: object to processing based on legitimate interest.
• Portability: receive your data in a structured format to transfer to another provider.
• Withdraw consent: without affecting prior lawful processing.
• Complain to the AEPD: if you consider we have not properly addressed your rights (www.aepd.es).

To exercise rights email contact@vosvil.com clearly indicating the right you wish to exercise and, where needed, documentation proving identity.

11. Data Security

We implement proportional technical & organisational measures: role-based access control, TLS encryption, environment segmentation, activity logging, periodic permission reviews and data minimisation principles. Internal assessments and continuous improvement are performed.

12. Minors

Our services target adults. If we detect data from minors without verifiable authorisation we will promptly delete it. If you are a parent/guardian and believe data has been processed without consent, please contact us.

13. Cookies & Similar Technologies

We use essential technical cookies for operation (session management, language preferences). After your consent we may enable analytics cookies to measure aggregated usage and improve experience, and third-party cookies linked to integrations (e.g. maps, players). You can configure or revoke consent in the cookie panel when available.

14. Policy Changes

We will update this policy when improvements or regulatory changes occur. We will show last revision date and, if the change is material, inform you through reasonable channels (e.g. prominent notice).

15. Privacy Contact

For any privacy or data protection query email contact@vosvil.com. We will handle your request with diligence and confidentiality.