GDPR & Data Protection

TravelGuard SARL is the data controller for personal information processed through lemonrate.app and the TravelGuard platform.

Contact: privacy@lemonrate.app

A dedicated Data Protection Officer contact will be published here once appointed.

The categories of personal data we process depend on how you interact with us:

• Waitlist (lemonrate.app today): email address
• Platform users (when launched): identity and contact details, travel and claim-related data, communications, and technical security logs
• Organization administrators: business contact details and account configuration data

Under the GDPR, we rely on one or more of the following lawful bases:

• Consent — for example, when you submit your email to the launch waitlist
• Contract — when processing is necessary to provide the TravelGuard service you or your organization has requested
• Legitimate interests — for example, securing our systems and preventing fraud, balanced against your rights
• Legal obligation — when we must comply with applicable laws and regulations

If you are in the European Economic Area or United Kingdom, you have the following rights in relation to your personal data, subject to certain exceptions:

• Right of access (Art. 15) — obtain a copy of your personal data
• Right to rectification (Art. 16) — correct inaccurate data
• Right to erasure (Art. 17) — request deletion in certain circumstances
• Right to restriction (Art. 18) — limit how we use your data
• Right to data portability (Art. 20) — receive your data in a structured, machine-readable format
• Right to object (Art. 21) — object to processing based on legitimate interests or for direct marketing
• Rights related to automated decision-making (Art. 22) — where applicable, request human review of solely automated decisions with legal or similarly significant effects

Send your request to privacy@lemonrate.app. We may need to verify your identity before responding. We aim to respond within one month, as required by the GDPR, and will inform you if an extension is needed.

There is no fee for exercising your rights unless your request is manifestly unfounded or excessive.

Personal data may be transferred to countries outside the EEA. Where required, we implement appropriate safeguards, such as Standard Contractual Clauses, to protect your data in accordance with GDPR Chapter V.

You have the right to lodge a complaint with a data protection supervisory authority in your country of habitual residence, place of work, or place of alleged infringement.

In Luxembourg, the supervisory authority is the Commission nationale pour la protection des données (CNPD). In the UK, it is the Information Commissioner's Office (ICO).

For more detail on what we collect and how we use it, see our Privacy Policy. For terms governing use of this website and the TravelGuard service, see our Terms of Use.