ConXion

Privacy Policy

This policy explains who controls personal data for ConXion, what information is processed, why it is used, when it may be shared, and how privacy rights can be exercised.

Last Updated

April 3, 2026

This policy follows a controller-first structure: who operates the service, what data is processed, how rights requests are handled, and where to contact the operator directly.

Contact: Yuri Bucioprivacy@conxion.app • Liivalaia 40, Tallinn, Estonia

Privacy Rights RequestsCookie SettingsSubprocessors

Who controls your data

ConXion is currently operated directly by Yuri Bucio, a private individual based in Tallinn, Estonia. At the date of this policy, the service is not yet operated through a separate incorporated company.

For GDPR purposes, Yuri Bucio acts as the controller for personal data processed through conxion.social, the app, support channels, payments, messaging, events, trips, hosting, references, and related member tools.

What personal data we collect

  • Information you provide directly, including account details, profile content, photos, videos, messages, references, support messages, and any other content you choose to submit.
  • Activity and relationship data generated through the service, including connections, requests, trips, hosting, events, moderation actions, and safety-related reports.
  • Billing and subscription metadata such as customer identifiers, purchase status, invoice references, and payment events. Full payment-card numbers are processed by payment providers and are not intentionally stored in the app database.
  • Technical, device, and security information such as log data, browser details, IP-related metadata, session history, and cookie or similar-technology data used to run and protect the service.
  • Information received from other members, vendors, or integrations when needed to operate the product, investigate abuse, or comply with legal obligations.

Why we use personal data and legal bases

Depending on the context, the legal bases relied on include performance of a contract, legitimate interests, consent, compliance with legal obligations, and the establishment, exercise, or defense of legal claims.

  • To create and run accounts, profiles, messaging, discovery, hosting, trips, events, references, and other member-facing features of ConXion.
  • To process payments, manage subscriptions or verification purchases, prevent fraud, and maintain accounting, tax, and business records.
  • To communicate with you about login, support, security, moderation, billing, product updates, and other operational matters.
  • To review reports, enforce the Terms, investigate abuse, protect members, protect ConXion, and comply with legal or regulatory duties.
  • To maintain, debug, improve, and secure the product, including internal analytics, abuse detection, and service reliability work.

Who can receive personal data

Some information is visible to other members or to the public by design, depending on the feature you use and the visibility settings you choose. This can include profile information, media, references, events, trips, hosting-related information, and other content you publish.

Public-facing content may also be visible to search engines or other third parties that can access public pages.

  • With service providers that help operate the platform, such as hosting, storage, authentication, payments, media processing, email delivery, security, and limited analytics providers.
  • With advisers, insurers, payment partners, regulators, law enforcement, courts, or other third parties where disclosure is necessary to comply with law, respond to claims, or protect safety and rights.
  • With a future buyer, investor, or successor if the service is reorganized, financed, sold, or transferred, subject to applicable law.

Where data is processed

ConXion and its providers may process personal data in countries other than your own, including outside the European Economic Area. When required, appropriate transfer safeguards are used, such as contractual protections recognized under applicable law.

A current overview of the main vendors that may process personal data on the service's behalf is available on the Subprocessors page.

Retention and security

  • Personal data is kept for as long as reasonably necessary to operate ConXion, protect members, enforce rules, resolve disputes, process payments, and meet legal obligations.
  • Deactivation is not the same as deletion. Data may still be retained after deactivation for fraud prevention, safety reviews, backups, legal claims, and compliance records.
  • Billing, tax, fraud, and payment-related records may be retained for the periods required by law or business recordkeeping obligations.
  • Reasonable technical and organizational security measures are used, but no system can guarantee complete security.

Your rights and how to exercise them

Depending on where you live and the processing involved, you may have rights of access, rectification, erasure, restriction, objection, portability, and withdrawal of consent where consent is the basis for processing.

Formal privacy requests must be sent to privacy@conxion.app. ConXion does not offer instant in-app approval for these requests. To reduce misuse and protect all members, requests are handled manually and may require clarification of scope.

If there are reasonable doubts about identity, additional information may be requested before data is disclosed, exported, corrected, or erased.

A response is normally sent without undue delay and within one month of receipt. If the request is complex, the response period may be extended by up to two additional months where the law allows, with notice during the first month.

Where permitted by law, a request may be refused, limited, or subject to a reasonable fee if it is manifestly unfounded, excessive, repetitive, or would adversely affect other people's rights, safety investigations, fraud prevention, legal obligations, or legal claims.

You also have the right to complain to the supervisory authority where you live. Because the controller is based in Estonia, you may also complain to the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).

Cookies and similar technologies

ConXion uses cookies and similar technologies for login continuity, security, preferences, and optional analytics or functionality where allowed.

You can manage browser-level settings directly on your device and can review the current product-level choices on the Cookie Settings page.

Children, changes, and contact

  • ConXion is intended for adults. You must be at least 18 years old to use the service.
  • We may update this Privacy Policy from time to time. The latest version will be posted here with a revised date.
  • For privacy questions or formal privacy requests, contact privacy@conxion.app.