The protection of the user's personal data is important to us. This privacy policy outlines which data we collect, how we process it, and the rights the user has concerning their data. This privacy policy is provided in accordance with the General Data Protection Regulation (GDPR).
The data controller and data protection officer responsible under data protection law is:
Bastian Raschke
(contact information is available in the imprint)
The user can freely choose whether to use the app solely locally or to synchronize their data with the provided server. This part of the privacy policy applies only to the latter case.
We utilize hosting services to provide the infrastructure for this feature. To this end, we have entered into a data processing agreement with the following data processor:
netcup GmbH
Daimlerstr. 25
76185 Karlsruhe
This legally required contract under data protection law ensures that the processor handles users' personal data exclusively in accordance with our instructions and in compliance with the GDPR.
In the context of using this feature, we transfer, process and store the following data:
The processing of the user's data is based on Article 6(1)(b) of the GDPR, as the processing is necessary for the performance of the contract regarding the use of the desired server synchronization feature, and on Article 6(1)(f) of the GDPR due to our legitimate interest in the security and stability of our infrastructure.
The data is exclusively transmitted to our server, which is operated in Vienna, Austria.
No transfer of personal data to third-party countries outside the EU takes place.
All data is encrypted during transmission between the user's device and our servers.
The collected data is stored only for as long as necessary to fulfill the contractual purpose or as long as there are legal retention obligations. Data processed as part of the server synchronization feature is stored until the user requests the deletion of the user account. After the termination of the contractual relationship and the expiration of any legal retention periods, the data will be deleted.
Server logs are typically stored for 7 days unless further retention is required to analyze attacks or misuse or to preserve evidence. In such cases, the data may be partially or fully exempt from deletion until the incident is fully resolved.
The user has the right to:
We use the analytics service Mixpanel in our app, a service of Mixpanel Inc., 405 Howard Street, Floor 2, San Francisco, CA 94105, USA (hereinafter referred to as "Mixpanel"). Mixpanel helps us analyze user behavior in the app. This is done solely to better tailor the app to the needs of our users (e.g., to prioritize popular and unpopular features in the app's development) or to quickly resolve problems.
The following data is transferred, processed and stored by Mixpanel:
The complete privacy policy for Mixpanel can be found here.
The processing of the data is based on the user's consent, pursuant to Article 6(1)(a) of the GDPR. We obtain consent at the start of the app. The user can revoke their consent at any time through the app settings.
The collected data is transmitted to Mixpanel. As part of Mixpanel's EU Data Residency Program, user data is processed and stored exclusively within the European Union. Mixpanel is committed to complying with the requirements of the GDPR and taking appropriate security measures to ensure the confidentiality and security of user data.
No transfer of personal data to third-party countries outside the EU takes place.
All data is encrypted during transmission between the user's device and Mixpanel's servers.
Collected event data is stored for a maximum period of 60 months. After this period, the event data is automatically deleted, making it impossible to link the data to the affected user.
Collected user profile data is stored until the user requests the deletion of the user account. After the termination of the contractual relationship and the expiration of any legal retention periods, the data will be deleted.
The user has the right to:
We use the in-app purchases platform Qonversion in our app, a service of Qonversion Inc., 1160 Battery Street East, Suites 100, San Francisco, CA 94111, USA (hereinafter referred to as "Qonversion"). Qonversion helps us manage subscriptions in the app.
The following data is transferred, processed and stored by Qonversion:
The complete privacy policy for Qonversion can be found here.
The processing of the user's data is based on Article 6(1)(f) of the GDPR, due to our legitimate interest in the ability to provide in-app purchases to the user to maintain our business.
The collected data is transmitted to Qonversion. The user data is processed and stored in Microsoft Azure data centers in London, UK. This is permissible, as there is an adequacy decision in place for the United Kingdom under Article 45 of the GDPR.
All data is encrypted during transmission between the user's device and Qonversion's servers.
The collected data is stored only for as long as necessary to fulfill the contractual purpose or as long as there are legal retention obligations. The data is stored until the user requests the deletion of the user account. After the termination of the contractual relationship and the expiration of any legal retention periods, the data will be deleted.
The user has the right to:
The following permissions are required by the Android app:
This permission is needed if the user wishes to use the server synchronization feature. Additionally, this permission is used by Mixpanel to transmit analytics data if consent has been granted and Qonversion to be able to provide in-app purchases.
This permission allows for the determination of the network connection status on the device, such as whether an internet connection is available or the type of connection (e.g., Wi-Fi or mobile network). Additionally, it enables the detection of changes in network status. Mixpanel uses this permission so that we can better understand specific issues or errors encountered by users with the app in relation to connectivity problems, provided that consent for the use of Mixpanel has been granted.
This permission allows access to the device's biometric sensors, making it possible to unlock the app using a fingerprint, facial recognition, or another biometric feature for enhanced security and convenience.
We reserve the right to update this privacy policy to reflect changes in our services or legal requirements. The user will be informed of significant changes in the way we process personal data through a notification in the app.
Continuing to use the app after 30 days from the notification will be considered acceptance of the amended privacy policy.
If the user does not agree to the amended privacy policy, they are required to terminate their account within this period. After this period, and in the case of non-acceptance, all data will be deleted, and access to the service will be permanently terminated.
If you have any questions or concerns about data protection, you can contact us at any time:
(contact information is available in the imprint)
Effective Date: 2024-10-10