Privacy Policy of Boombino

This Privacy Policy describes how we, Vanilla Odyssey DE UG, collect, use, and protect your personal data when you access or use the Boombino platform.

The platform is operated by Vanilla Odyssey DE UG, Baumpieperweg 8, 21149 Hamburg, Germany. We are committed to protecting your privacy and handling your data in a transparent and secure manner.

Vanilla Odyssey DE UG acts as the controller for the processing described in this Privacy Policy.

Vendors providing services booked via the platform usually act as independent controllers for the processing necessary to perform their services.

Payment providers (e.g., Stripe) generally act as independent controllers for payment processing.

We collect and process the following categories of personal data:

• Account Information: Name, email address, password, phone number.
• Booking Information: Party service details (entertainers, venues, rentals, dates, addresses).
• Payment Data: Billing details, IBAN, payment history (processed securely by our payment provider).
• Communication Data: Messages between users and with support.
• Technical Data: IP address, device type, browser, usage logs.

We process your personal data for the following purposes:

• Account creation and management
• Service booking and coordination
• Payment processing
• Customer support
• Marketing communications and newsletters (with consent)
• Legal obligations and fraud prevention

We rely on the following legal bases:

• Contractual necessity (Art. 6(1)(b) GDPR)
• Legal obligations (Art. 6(1)(c) GDPR)
• Legitimate interests (Art. 6(1)(f) GDPR)
• Consent (Art. 6(1)(a) GDPR), where applicable

We may share your data with the following categories of recipients:

No personal data will be shared with third parties unless required by law or necessary to fulfill our services.

• Payment providers (e.g., Stripe)
• IT and hosting providers
• Customer support tools
• Legal and tax advisors

Where personal data is transferred to countries outside the EEA, we use appropriate safeguards, such as adequacy decisions or the European Commission’s Standard Contractual Clauses (SCCs). Copies are available on request.

We use cookies and similar technologies. Essential cookies are necessary to operate the platform (Art. 6(1)(f) GDPR).

Non-essential cookies (e.g., analytics or marketing) are used only with your consent (Art. 6(1)(a) GDPR), which you can withdraw at any time in the cookie settings.

Details on the specific tools used (such as analytics or advertising partners) are provided in our Cookie Policy.

We retain personal data only for as long as necessary to fulfill the purposes of processing or to comply with legal obligations.

Booking and invoicing data: up to 10 years (statutory retention).

Support communications: up to 3 years after last interaction.

Technical logs: 14–90 days, unless required longer for security or legal purposes.

Marketing data: until consent is withdrawn or you opt out.

Under the GDPR, you have the right to:

• Access your data (Art. 15 GDPR)
• Rectify incorrect data (Art. 16 GDPR)
• Erase data (Art. 17 GDPR)
• Restrict processing (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Object to processing (Art. 21 GDPR)
• Withdraw consent at any time (Art. 7(3) GDPR)
• Lodge a complaint with a supervisory authority

The platform is intended for use by parents or legal guardians. We do not knowingly allow direct registration by children under the age of 16 without parental consent.

We do not engage in automated decision-making or profiling that produces legal or similarly significant effects on you.

We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, or misuse. These include encryption, access controls, regular security testing, and a strict need-to-know principle for data access.

You can lodge a complaint with any data protection authority. Our lead authority is the Hamburg Commissioner for Data Protection and Freedom of Information (https://datenschutz-hamburg.de/).

We may update this Privacy Policy from time to time. You will be informed of significant changes through the platform or by email. The updated policy will apply from the date of publication.

If you have any questions about this Privacy Policy or your personal data, you can contact us at:

• Vanilla Odyssey DE UG
• Baumpieperweg 8
• 21149 Hamburg, Germany
• Email: info@boombino.com