BAIAE Privacy Policy

We, Orean AI ApS, CVR: 45510050, Denmark ("BAIAE", "we", "us", or "our"), operate BAIAE — an AI-powered travel assistant that helps users plan, manage, and enhance their travel experiences.

We take your privacy seriously. This Privacy Policy explains how we collect, process, and protect your personal data when you use BAIAE’s services (our website, app, and other platforms — collectively, the "Services").

We comply with the General Data Protection Regulation (GDPR) (EU) 2016/679.

By using BAIAE, you acknowledge and agree to this Privacy Policy.

1. Personal Data We Collect and Process

We may collect and process the following categories of personal data:

Contact details: name, email address
Travel preferences and history
Travel-related information: itineraries, bookings, loyalty/rewards data, claims history
Interaction history with BAIAE Services
Technical data: IP address (temporary for service delivery), browser type, device information
Geolocation data (if you choose to share it, to enhance services)

We do not process sensitive personal data.

2. How We Use Your Data

We process your personal data to:

Provide and operate BAIAE Services
Personalize your travel experience and recommendations
Assist with travel claims and loyalty opportunities
Refer you to third-party platforms for bookings
Communicate with you regarding services, updates, or support
Fulfill legal obligations

We do not use your personal data for automated decision-making or profiling that has legal or significant effects.

3. Legal Basis for Processing

We process your data based on:

Performance of a contract — to provide the Services
Legitimate interests — to operate and improve BAIAE
Compliance with legal obligations
Consent — for geolocation and certain types of communication (where required)

4. Data Sharing

We do not sell your personal data.

We may share your data with trusted third-party service providers to operate BAIAE, for example:

IT and hosting providers
Analytics providers (e.g. Google Analytics)
Customer support tools
Partners involved in loyalty programs or claims handling.
Third-party travel platforms (when you initiate a booking through BAIAE)

All third parties are required to comply with GDPR and only process data for BAIAE’s purposes.

5. International Data Transfers

BAIAE is designed to process and store personal data primarily within the European Economic Area (EEA). However, in certain cases, limited data may be transferred outside the EEA if required to provide specific services or functionalities.

If such transfers occur, we ensure that they comply with the GDPR by implementing appropriate safeguards, such as Standard Contractual Clauses or equivalent legal mechanisms, to maintain the required level of data protection.

6. Data Retention

We retain your personal data only as long as necessary to:

Provide the Services
Comply with legal obligations
Resolve disputes and enforce agreements

You may request deletion of your personal data at any time (see Section 9).

7. Cookies

We use essential and non-essential cookies to operate BAIAE and enhance your experience.

Essential cookies — required for site functionality
Non-essential cookies — used for analytics and improving our services (used only with your consent)

You can manage your cookie preferences at any time.

8. Data Security

We take appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

However, no system can be completely secure. You are responsible for safeguarding your login information.

9. Your Rights

Under GDPR, you have the right to:

Access your personal data
Correct inaccurate personal data
Request deletion of your personal data
Restrict processing
Object to processing
Data portability (where applicable)

You also have the right to lodge a complaint with the Danish Data Protection Authority (Datatilsynet) if you believe we are not complying with data protection law.

To exercise your rights, contact us at: hello@BAIAE.dk