Last updated: February 2026
1. Data Controller
The controller of personal data is:
Sole trader (JDG)
European Union
Email: [email protected]
For all data protection inquiries, please contact us at the email above.
2. Scope and Application
This Privacy Policy applies to the mobile application (“App”), related backend infrastructure, AI-powered features, and associated services (collectively, the “Service”).
This Policy is provided in accordance with:
- Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR)
- Applicable national data protection laws
- Apple App Store privacy requirements
- Google Play Data Safety requirements
By using the Service, you acknowledge that your personal data may be processed as described in this Policy.
3. Categories of Personal Data Processed
We may process the following categories of data:
3.1 Information You Provide
- Email address
- Account identifiers
- Authentication credentials (via secure providers)
- Content submitted within the App
3.2 Automatically Collected Data
- IP address
- Device type and operating system
- Application version
- Log data
- Usage interactions
- Crash reports and diagnostics
3.3 Analytics Data
- Session data
- Aggregated usage statistics
- Feature interaction data
We do not intentionally collect special categories of personal data (Art. 9 GDPR). If such data is voluntarily submitted, it is processed solely for providing the Service.
4. Purposes and Legal Bases for Processing
We process personal data strictly for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Account registration and authentication | Art. 6(1)(b) – Contract |
| Providing core application functionality | Art. 6(1)(b) – Contract |
| AI-powered features | Art. 6(1)(b) and/or Art. 6(1)(f) |
| Security, fraud prevention, and logging | Art. 6(1)(f) – Legitimate interest |
| Analytics and performance monitoring | Art. 6(1)(f) – Legitimate interest |
| Compliance with legal obligations | Art. 6(1)(c) – Legal obligation |
Where required by law, processing is based on user consent (Art. 6(1)(a)).
5. AI Processing Disclosure
Certain features of the Service may use artificial intelligence models.
User-submitted content may be processed by external AI providers solely to generate requested outputs.
AI providers may include:
- OpenAI
- Anthropic
The AI provider may change over time due to infrastructure decisions, testing, or service optimization.
We:
- Do not sell personal data to AI providers
- Require contractual safeguards
- Require processing solely for service delivery
- Do not permit training on user data unless explicitly stated
Users should not submit confidential, regulated, or sensitive data unless necessary for intended functionality.
6. Service Providers (Data Processors)
We use third-party processors to operate and secure the Service.
Infrastructure & Hosting
- Own servers hosted within the European Union
- Amazon Web Services (AWS)
- Microsoft Azure
- Google Cloud Platform
- iDrive
- Backblaze
Backend & Analytics
- Google Firebase
- Google Analytics
Error Monitoring
- Sentry
All providers process data under applicable data processing agreements (DPAs).
7. International Data Transfers
Some providers may process data outside the European Economic Area (EEA).
Where such transfers occur, we rely on:
- European Commission adequacy decisions
- Standard Contractual Clauses (SCCs)
- Additional safeguards where required
Data transfers are performed in accordance with Chapter V of the GDPR.
8. Data Retention
We retain personal data only as long as necessary for:
- Providing the Service
- Fulfilling contractual obligations
- Complying with legal requirements
- Resolving disputes
- Ensuring security
Data may be deleted or anonymized when no longer required.
Users may request deletion of their account and associated personal data, subject to legal retention obligations.
9. Data Sharing and No Sale of Data
We:
- Do not sell personal data
- Do not share personal data for advertising purposes
- Do not engage in data brokerage
Personal data is shared only with service providers necessary for operating the Service.
10. User Rights (GDPR)
If you are located in the European Economic Area, you have the right to:
- Access your personal data
- Rectify inaccurate data
- Request erasure
- Restrict processing
- Object to processing
- Request data portability
- Withdraw consent (where applicable)
Requests may be submitted to: [email protected]
You have the right to lodge a complaint with a supervisory authority in your EU Member State.
11. Security Measures
We implement appropriate technical and organizational measures, including:
- Encryption in transit (TLS)
- Access controls
- Authentication safeguards
- Monitoring and logging
- Data minimization practices
However, no system can guarantee absolute security.
12. Children’s Privacy
The Service is not directed to children under 16 (or lower age permitted by national law). We do not knowingly collect personal data from children without required consent.
If we become aware of such processing, we will delete the data.
13. App Store & Platform Compliance
In accordance with Apple and Google requirements:
- Data collection practices are transparently disclosed
- Tracking for advertising purposes is not performed
- Sensitive permissions are requested only when necessary
- Users may request account deletion
- Data is processed only for specified purposes
14. Limitation of Liability
To the maximum extent permitted by applicable law:
- We are not responsible for independent processing performed by third-party providers.
- We are not liable for service interruptions or security incidents beyond our reasonable control.
- Users are responsible for ensuring that submitted content complies with applicable laws.
15. Changes to This Policy
We may update this Privacy Policy from time to time.
Material changes will be communicated via the App or website. Continued use of the Service after updates constitutes acceptance of the revised Policy.