Privacy Policy

Last updated: 27 March 2026

1. Introduction

MT Concierge ("we", "us", "our") operates the website at mtconcierge.vip and the MT Concierge mobile applications for iOS and Android (collectively, the "Platform"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you access or use our Platform and related services.

By using the Platform you agree to the practices described in this policy. If you do not agree, please do not use our services.

2. Information We Collect

2.1 Information You Provide

  • Account information: name, email address, phone number, password, and profile photo.
  • Membership details: selected membership tier, preferences, and communication preferences (e.g. WhatsApp opt-in).
  • Payment information: billing address and payment card details. Card details are processed directly by our payment processor (Stripe) and are never stored on our servers.
  • Enquiries & requests: messages, subject lines, preferred contact method, and any attachments you submit through our contact or enquiry forms.
  • Booking & order data: details of events, activities, and services you enquire about, reserve, or purchase, including guest counts, special requirements, and travel preferences.

2.2 Information Collected Automatically

  • Device & usage data: IP address, browser type and version, operating system, device identifiers, pages visited, time and date of access, and referring URLs.
  • Location data: approximate location derived from your IP address; precise location only if you explicitly grant permission in the mobile app (e.g. for the events map feature).
  • Push notification tokens: if you enable push notifications in the mobile app, we collect and store a device-specific push token on our servers to deliver notifications. You can revoke this at any time by disabling notifications in your device settings.
  • Biometric authentication: if you enable Face ID or Touch ID for secure access, biometric checks are performed entirely on your device by Apple's frameworks. We do not receive, store, or have access to your biometric data.
  • Cookies & similar technologies: session cookies for authentication and preferences. See Section 7 for details.

2.3 On-Device Storage

The mobile app stores authentication credentials securely on your device using the operating system's encrypted keychain (iOS Keychain). This data never leaves your device and is protected by your device's hardware security.

2.4 Information From Third Parties

We may receive information from payment processors (transaction confirmations), identity-verification providers, or publicly available sources to verify your identity or enhance our services.

3. How We Use Your Information

  • To create, maintain, and secure your account and membership.
  • To process bookings, orders, payments, and refunds.
  • To respond to your enquiries, concierge requests, and support tickets.
  • To personalise event, activity, and service recommendations based on your preferences and tier.
  • To send transactional communications (booking confirmations, quotations, order updates).
  • To send promotional communications about events and offers where you have opted in.
  • To operate, improve, and optimise the Platform, including analytics and performance monitoring.
  • To detect, prevent, and address fraud, abuse, and security incidents.
  • To comply with legal obligations and enforce our Terms of Service.

4. How We Share Your Information

We do not sell your personal information. We may share it with:

  • Service providers: third-party vendors who perform services on our behalf, including payment processing (Stripe), cloud hosting and database services (Convex), push notification delivery (Expo), email delivery, and analytics.
  • Event & experience partners: selected details (e.g. name, guest count) may be shared with venues, organisers, or suppliers solely to fulfil your booking.
  • Professional advisers: lawyers, auditors, and insurers where necessary.
  • Legal requirements: when required by law, regulation, legal process, or governmental request.
  • Business transfers: in connection with a merger, acquisition, reorganisation, or sale of assets, your information may be transferred as part of that transaction.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. After account closure we retain data for a reasonable period to comply with legal obligations, resolve disputes, and enforce agreements. Payment records are retained for the duration required by applicable tax and financial regulations.

6. Data Security

We implement industry-standard technical and organisational measures to protect your information, including encryption in transit (TLS), secure authentication, role-based access controls, and regular security reviews. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Cookies & Tracking Technologies

We use essential cookies to maintain your session and authentication state. We may also use analytics cookies to understand how the Platform is used so we can improve it. You can control cookie preferences through your browser settings. Disabling essential cookies may affect Platform functionality.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you.
  • Correct inaccurate or incomplete information.
  • Request deletion of your personal information, including via the in-app account deletion feature (Profile > Delete Account).
  • Object to or restrict certain processing activities.
  • Request data portability.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with a supervisory authority.

To exercise any of these rights, contact us at info@mtconcierge.vip.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including standard contractual clauses or equivalent measures, to protect your data in accordance with applicable law.

10. Third-Party Links

The Platform may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to read their privacy policies before providing any personal information.

11. Children's Privacy

Our Platform is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the Platform. Your continued use of the Platform after changes are posted constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us: