Privacy

Who we are

g0.md is operated by Radu Trifan, an individual based in Chișinău, Republic of Moldova. Contact: [email protected].

Infrastructure (database, photo storage, auth sessions) is hosted on our own servers in Moldova, under the api.g0.md domain. No third-party cloud holds your data.

What we collect

Account (optional): your email. We use it only to send the 6-digit OTP login code. We never ask for a password.

Profile (optional): display name, avatar photo, preferred language. You fill these in at /account.

On-site activity: which vendors you view, how long you spend on their page, what you search, what plans you build, what places you save. We use this for personalization ("for you") and to improve recommendations.

Content you create: reviews, photos for menus or reviews, public plans, comments.

Technical: IP address, browser type, request time. We keep them for 30 days for debugging and anti-abuse; they are not joined with your profile.

Why we collect it

To make the site work (authentication, saving plans, syncing across devices).

To recommend relevant places — signals from your activity (preferred clusters, vibe, neighborhoods) feed a "taste profile" that is used only for you and never sold or shared.

To answer questions and resolve issues when you contact us.

To measure anonymously how the catalog is used (popular pages, frequent searches) and decide what to improve.

Who we share with

Anthropic (United States) — receives the photos you upload to the search canvas plus their short descriptions, for AI vision analysis. They do not store the photos; the response (text + palette) is returned and saved on our side.

Google (Ireland) — Google Analytics 4 for anonymized usage stats (IP is anonymized before it reaches them).

Open-Meteo (Europe) — receives Chișinău coordinates to return the weather shown in the header. No personal data is sent.

Pinterest / public image sources — when you paste a Pinterest link in the canvas, we download the image from that URL. Pinterest sees a normal image-download request.

We do not sell or trade personal data with anyone. Period.

Cookies & local storage

Strictly necessary cookies: Supabase session token (auth), g0_sid (anonymous session ID to recommend places before you sign in), aivent.locale (your language).

Analytics cookies: GA4 (_ga, _ga_*). You can block these in your browser without affecting site functionality.

Local storage: we save your plans, favorite places, and preferences locally in the browser. If you sign in, we sync them with the server so they appear on other devices.

How long we keep data

Account + plans + favorites: for as long as your account exists. You can delete them anytime from /account.

Activity history (taste profile): rolling 90-day window. Older signals stop influencing recommendations.

Technical logs: 30 days.

Database backups: 30 days, encrypted and accessed only in case of disaster recovery.

Your rights

Access: you can see what data we hold about you at /account.

Correction: edit your profile at /account/profile.

Deletion: write to [email protected] and we delete the account + all associated data within 7 days.

Portability: on request we send you a JSON export of your plans + favorites.

Objection: you can unsubscribe from emails (link in any email) or ask us to stop collecting activity (taste profile) while keeping just the account.

Under GDPR (when you visit from the EU) and Republic of Moldova Law No. 133/2011 on personal data protection.

Security

Connections are TLS-encrypted (HTTPS). Passwords are replaced with one-time OTP codes, so they cannot be stolen. The database uses Row Level Security (RLS) — every query is checked against the user who made it.

Your photos and backups are encrypted at rest. Infrastructure access is restricted to the operator.

Children under 16

The site is not directed at children under 16. We do not knowingly collect data about minors. If you discover that a minor has created an account, write to [email protected] and we will delete it immediately.

Changes

If this policy changes significantly, we will notify you with a banner on the site or by email (if you have an account).