← Back to Home

Privacy Policy

Last Updated: December 9, 2025

This Privacy Policy describes how GoXtra ("we", "us", or "our") collects, uses, and protects your information when you visit our website goxtra.app (the "Site").

Please note: This policy applies only to this website. The GoXtra mobile application has its own separate privacy policy available within the app.

1. Who We Are (Data Controller)

GoXtra operates this Site and acts as the data controller for the personal data processed here. For any privacy questions or requests, contact [email protected].

2. Information We Collect

We collect limited information necessary to operate and secure the Site and to communicate with you:

• Email Address: collected only if you voluntarily provide it to join our waitlist or newsletter.
• Technical Data: our hosting/CDN/security provider (Cloudflare) may process IP addresses, request metadata, and security logs to deliver the Site, protect against abuse (e.g., DDoS), and improve performance.
• Communications: messages you send us (e.g., support inquiries) and related metadata.

3. How We Use Your Information

We use your information for:

• Website operation, security, and performance.
• Waitlist and newsletter communications you request.
• Responding to your inquiries.

Legal Bases (GDPR/UK): We rely on your consent for waitlist/newsletter emails; and our legitimate interests for Site security, fraud prevention, and performance.

We do not sell, rent, or trade personal information.

4. Service Providers (Processors)

We use trusted service providers to operate this Site:

• Brevo (Sendinblue): email list management and email delivery. See Brevo Privacy Policy.
• Cloudflare: hosting, content delivery, and security (e.g., DDoS protection). See Cloudflare Privacy Policy.

These providers act as our processors under contractual terms and only process personal data to provide their services. We do not sell or share personal information for cross-context behavioral advertising (CPRA).

5. International Transfers & Safeguards

Where our providers process data outside the EEA/UK, we use appropriate safeguards such as Standard Contractual Clauses and, where applicable, participation in the EU-U.S. Data Privacy Framework to protect your information.

6. Cookies

We do not use tracking cookies for advertising. The Site may use essential cookies or similar technologies that are necessary for functionality, security, and performance. We do not use analytics cookies on this Site.

7. Your Rights

GDPR/UK: You have the right to access, rectify, erase, restrict, object to processing, and data portability, and to withdraw consent at any time (without affecting prior processing). You may also lodge a complaint with your local supervisory authority.

CPRA (California): You have the right to know the categories of personal information we collect, the purposes, and the categories of recipients; to access, delete, and correct personal information; and to limit the use of sensitive personal information (not collected on this Site). We do not sell or share personal information for cross-context behavioral advertising.

To exercise rights, contact [email protected]. We aim to respond within 30 days.

8. Data Retention

• Email addresses: retained until you unsubscribe or for up to 24 months of inactivity.
• Technical logs: retained according to our provider’s standard rotation and security practices.
• Support communications: retained until resolved and for a reasonable administrative period.

9. Security

We implement appropriate technical and organizational measures, including TLS encryption in transit, access controls, and hardened hosting/CDN, to help protect your information. No system is perfectly secure, but we work to maintain the security and integrity of the Site.

10. Changes to This Policy

We may update this Privacy Policy to reflect changes to the Site or legal requirements. We will post updates on this page and revise the "Last Updated" date above.

11. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, contact us at [email protected].