🔥 séana
Privacy Policy
Last updated: 21 March 2026
séana ("we", "us", "our") operates the séana mobile app and the website seana.ie, which help people discover sauna and wellness experiences across Ireland and Northern Ireland, and allow sauna businesses to list and manage their venues.
We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR), the Irish Data Protection Act 2018, and the ePrivacy Regulations 2011 (S.I. No. 336 of 2011).
The short version: App users need no account. We collect minimal data and never sell it. Business owners who list their venue provide personal and business information needed to run the service. All data is handled securely and in line with GDPR.
1. Who We Are (Data Controller)
The data controller for personal data collected through séana is:
2. Data We Collect — App Users
If you use the séana app to browse or discover saunas, here is exactly what we collect:
2a. Location Data (optional)
- Only collected if you explicitly tap "Use My Location" and grant permission
- Reduced to approximate precision (~1 km radius) before use
- Held in device memory only for the current session — never written to our servers or disk
- Never shared with third parties
- You can withdraw consent at any time by revoking location permission in your device settings
Legal basis: Consent — GDPR Article 6(1)(a)
2b. Device Identifier
- A random alphanumeric identifier is generated the first time you use the app and stored on your device (via AsyncStorage)
- This identifier is not linked to your name, email, Apple ID, Google account, or any other personal information
- It is used only to prevent duplicate ratings (so one device cannot submit multiple reviews for the same sauna) and to associate bug reports with a device for diagnostic purposes
- It is deleted when you uninstall the app or clear app storage
Legal basis: Legitimate interest — GDPR Article 6(1)(f) (preventing abuse and ensuring review integrity)
2c. Anonymous Usage Analytics
- We collect anonymous, non-identifying events: which saunas are viewed, search terms used, buttons tapped, and booking referrals
- No personal identifiers (name, email, IP address, or device ID) are attached to analytics events
- This data helps us improve the app and understand which features are useful
- Analytics data is aggregated and not retained on a per-event basis indefinitely
Legal basis: Legitimate interest — GDPR Article 6(1)(f)
2d. AI Chat Messages
- The app includes an AI assistant to help you find saunas. Your messages are sent to our server and processed by Anthropic's Claude AI model
- Chat messages are not stored after your session ends — they are used solely to generate a response
- No personal information is required to use the chat feature
- Anthropic processes chat data as a data processor under our instruction; see Anthropic's Privacy Policy
Legal basis: Legitimate interest — GDPR Article 6(1)(f)
2e. Bug Reports (optional)
- If you choose to submit a bug report from the app, the text you write, the screen you were on, and your device identifier (see 2b) are sent to us
- No other personal information is collected
Legal basis: Consent — GDPR Article 6(1)(a)
3. Data We Collect — Business Owners (Listing Operators)
If you register your sauna venue on séana through the business portal (seana.ie/portal/onboard.html), we collect the following personal and business information in order to operate the listing service:
| Data | Purpose | Legal basis |
|---|
| Name | To identify the account holder and personalise communications | Contract — Art. 6(1)(b) |
| Business email | Account login, notifications, and correspondence | Contract — Art. 6(1)(b) |
| Phone number | Displayed on your listing for customers (optional) | Contract — Art. 6(1)(b) |
| Password (hashed) | Authentication — stored as a bcrypt hash; we never see your plain password | Contract — Art. 6(1)(b) |
| Business/venue details | Populate your listing: name, address, county, description, hours, photos, amenities, pricing | Contract — Art. 6(1)(b) |
| Payment information | Processed by Stripe for paid listing subscriptions (Featured / Premium). We do not store card details — Stripe handles all payment data | Contract — Art. 6(1)(b) |
| Booking and analytics data | Shown in your Business Dashboard to help you track performance. Retained for the duration of your subscription | Legitimate interest — Art. 6(1)(f) |
Retention
- Business account data is retained for as long as your account is active
- Following account deletion, basic records (name, email, transaction history) are retained for up to 7 years to comply with Irish tax and accounting obligations
- You can request deletion of your account at any time by emailing hello@seana.ie
4. Third-Party Services & Processors
We use the following third-party services that may process personal data on our behalf:
| Service | Purpose | Location | Basis for transfer |
|---|
| Anthropic (Claude API) | AI chat responses | United States | Standard Contractual Clauses (SCCs) |
| Stripe | Payment processing for business subscriptions | United States / EU | SCCs + Stripe's EU-US Data Privacy Framework certification |
| Google (Places API) | Sauna location data and mapping | United States | SCCs |
We also link to affiliate partners (Amazon Associates, AllGifts.ie, Pigsback.com). Clicking these links takes you to their sites, which have their own privacy policies. We receive only anonymous referral data (no personal information about your activity on those sites).
5. Third-Party Links
The app contains links to sauna websites, booking pages, and external services. When you follow these links, you leave séana and are subject to the privacy policies of those third parties. We are not responsible for their practices.
6. Cookies & Local Storage
- The séana app does not use browser cookies. It uses AsyncStorage (device-only) to store the device identifier and location consent preference
- The business portal (seana.ie/portal/) uses a session token stored in memory and/or browser storage to keep you logged in. This is a functional, strictly necessary cookie — it expires when you log out or the session times out
- We do not use advertising cookies, tracking cookies, or third-party analytics cookies on our website
- No cookie consent banner is required for strictly necessary cookies under the ePrivacy Regulations
7. Data Storage & Security
- Our servers are hosted in the European Union
- Passwords are hashed using bcrypt before storage — we never store or transmit plain-text passwords
- All data in transit is encrypted using TLS (HTTPS)
- We apply appropriate technical and organisational measures to prevent unauthorised access, loss, or disclosure of personal data
- In the event of a data breach affecting your rights, we will notify the Data Protection Commission within 72 hours and inform affected individuals without undue delay
8. Your Rights Under GDPR
You have the following rights regarding your personal data:
- Right of access — request a copy of the data we hold about you
- Right to rectification — ask us to correct inaccurate data
- Right to erasure — request deletion of your data (subject to legal retention obligations)
- Right to restriction — ask us to limit how we use your data while a dispute is resolved
- Right to data portability — receive your data in a structured, machine-readable format
- Right to object — object to processing based on legitimate interest
- Right to withdraw consent — for location access or other consent-based processing, at any time without penalty
To exercise any of these rights, email hello@seana.ie. We will respond within 30 days.
9. Complaints
If you believe we have mishandled your personal data, you have the right to lodge a complaint with the supervisory authority:
10. Children's Privacy
séana is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at hello@seana.ie and we will delete it promptly.
11. Changes to This Policy
We may update this privacy policy from time to time to reflect changes in the service or legal requirements. Material changes will be communicated via the app or by email (for business account holders). The "Last updated" date at the top of this page indicates when the policy was last revised.
12. Contact Us
For any questions about this privacy policy, your rights, or how we handle your data: