Controller according to GDPR: Jose Manuel Matas Villavicencio Muffendorferstr. 32 53177 Bonn Germany Email: app.matas@gmail.com
We process your personal data for the following purposes: Account management and authentication, processing of GDPR requests to data brokers, subscription management and billing, sending of privacy newsletters (optional), compliance tracking and request status monitoring.
Data processing is based on: Contract performance (Art. 6(1)(b) GDPR) for account and subscription management, Legal obligation (Art. 6(1)(c) GDPR) for compliance with GDPR requirements, Consent (Art. 6(1)(a) GDPR) for newsletter subscriptions.
Personal data is stored in Germany. Data is retained for the duration of the contractual relationship and thereafter in accordance with legal retention periods (typically 10 years for accounting records). Account data is deleted upon account deletion request, subject to legal retention obligations.
Payment data is processed by Stripe (Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA), which is PCI DSS-certified. We do not process payment data ourselves. Email delivery is handled by Postmark (Postmark LLC, 201 West 83rd Street, New York, NY 10024, USA) for transactional and newsletter emails. Your GDPR requests are sent directly to data brokers as specified in your requests.
You have the right to: Access your data (Art. 15 GDPR), Rectification (Art. 16 GDPR), Erasure (Art. 17 GDPR), Restriction of processing (Art. 18 GDPR), Data portability (Art. 20 GDPR), Objection (Art. 21 GDPR). To exercise these rights, contact us at app.matas@gmail.com.
We implement appropriate technical and organizational measures to protect your personal data. All data is processed and stored on servers located in Germany. Passwords are hashed using industry-standard methods. Communication is encrypted using HTTPS.
For questions regarding data protection, please contact: app.matas@gmail.com. You also have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR.