top of page

Privacy Policy

Introduction

We take the protection of the data of users of our website and/or mobile app (the “Website” or the “Mobile App”) very seriously and are committed to protecting the information that users provide to us in connection with the use of our website and/or mobile app (together, the “digital assets”). Furthermore, we are committed to protecting and using your data in accordance with applicable law.
This Privacy Policy explains our practices regarding the collection, use, and disclosure of your information through your use of our digital assets (the “Services”) when you access the Services via your devices.
Please read this Privacy Policy carefully and ensure that you fully understand our practices regarding your data before using our Services. If you have read and fully understood this Policy but do not agree with our practices, you must cease using our digital assets and Services. By using our Services, you acknowledge the terms of this Privacy Policy. Continued use of the Services constitutes your acceptance of this Privacy Policy and any amendments to it.


This Privacy Policy explains:

  • How we collect data
     

  • What data we collect
     

  • Why we collect this data
     

  • With whom we share the data
     

  • Where the data is stored
     

  • How long the data is retained
     

  • How we protect the data
     

  • How we handle minors’ data
     

  • Updates or changes to the Privacy Policy

What data do we collect?

Category: Always
 

Below is an overview of the types of data we may collect:

  • Non-identifiable and non-identifying information that you provide during the registration process or that is collected through your use of our Services (“Non-personal Data”). Non-personal Data does not allow us to identify the individual from whom it was collected. Such data mainly includes technical and aggregated usage information.
     

Personally identifiable information, i.e. any data that can be used to identify you or that could reasonably allow your identification (“Personal Data”). The Personal Data we collect through our Services may include information such as names, email addresses, mailing addresses, phone numbers, IP addresses, and more. When we combine Personal and Non-personal Data, we will treat the combined data as Personal Data as long as it remains combined.

How do we collect data?

Category: Always

The main methods we use to collect data are as follows:

  • We collect data when you use our Services. When you visit our digital assets and use our Services, we may collect, record, and store usage sessions and related information.
     

  • We collect data that you provide to us directly, for example, when you contact us through a communication channel (such as email with a comment or feedback).
     

  • We may collect data from third-party sources as described below.
     

  • We collect data that you provide when signing in to our Services through a third-party provider such as Facebook or Google.

Why do we collect this data?

Category: Always
 

We may use your data for the following purposes:

  • To provide and operate our Services;
     

  • To develop, customize, and improve our Services;
     

  • To respond to your feedback, inquiries, and requests and to provide support;
     

  • To analyze usage and demand patterns;
     

  • For internal, statistical, and research purposes;
     

  • To enhance our data security and fraud prevention capabilities;
     

  • To investigate violations and enforce our terms and policies and to comply with applicable laws, regulations, and legal orders;
     

  • To send updates, news, promotional materials, and other information related to our Services. You may choose whether to continue receiving promotional emails—if not, simply click the unsubscribe link in any such email.
     

 

With whom do we share this data?

Category: Always
 

We may share your data with our service providers to operate our Services (e.g., for data storage via third-party hosting services, providing technical support, etc.).

We may also disclose your data under the following circumstances:
(i) to investigate, detect, prevent, or address illegal activities or misconduct;
(ii) to establish or exercise our rights of defense;
(iii) to protect our rights, property, or personal safety as well as the safety of our users or the public;
(iv) in the event of a change in control of our company or one of our affiliates (e.g., through a merger, acquisition, or sale of substantially all assets);
(v) to collect, hold, and/or manage your data via authorized third-party providers (e.g., cloud service providers) as reasonably required for business purposes;
(vi) to collaborate with third parties to improve your user experience.

Please note that we may transfer, share, or otherwise use Non-personal Data at our sole discretion.

 

Category: User has a blog or forum

Please note that our Services may enable social interactions (e.g., posting content, information, and comments publicly, or chatting with other users). Be aware that any content or data you provide in these areas may be read, collected, and used by others. We advise against posting or sharing information that you do not wish to make public. If you upload content or otherwise provide information within our digital assets, you do so at your own risk. We cannot control the actions of other users or members of the public who may access your data or content. You acknowledge and agree that copies of your data may remain accessible even after deletion, on cached or archived pages, or if third parties have copied or stored your content.

 

Cookies and similar technologies

When you visit or access our Services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analytics services (“Tracking Technologies”). These technologies allow third parties to automatically collect your data in order to improve navigation on our digital assets, optimize their performance, ensure a personalized user experience, and for security and fraud prevention purposes.

For more information, please read our Cookie Policy.

 

Category: The user is NOT connected to an advertising service

Without your consent, we will not share your email address or other Personal Data with advertising companies or ad networks.

Category: The user IS connected to an advertising service or Facebook Ads

We may display advertising through our Services and digital assets (including websites and apps that use our Services) that may be tailored to you—such as ads based on your recent browsing behavior across websites, devices, or browsers.

To deliver these ads, we may use cookies, JavaScript, web beacons (including clear GIFs), HTML5 local storage, or other technologies. We may also engage third parties such as network advertisers to serve targeted ads. These third parties may also use cookies and related technologies to measure ad effectiveness and customize advertising content for you. Such third-party data collection and use are governed by the respective third party’s privacy policy.

 

Where do we store the data?

Category: Always

Non-personal Data

Please note that our company and our trusted partners and service providers are located around the world. For the purposes described in this Privacy Policy, we store and process all non-personal data collected in various jurisdictions.

Category: User collects personal data

Personal Data
Personal Data may be maintained, processed, and stored in the United States, Ireland, South Korea, Taiwan, Israel, and other jurisdictions as necessary for the proper provision of our Services and/or as required by law (as further explained below).

 

How long do we retain the data?

Category: Always
 

We retain collected data for as long as necessary to provide our Services, to comply with our legal and contractual obligations to you, to resolve disputes, and to enforce our agreements. We may correct, complete, or delete inaccurate or incomplete data at our discretion at any time.

 

How do we protect the data?

Category: Always
 

The hosting service for our digital assets provides us with the online platform that enables us to offer our Services. Your data may be stored through our hosting provider’s data storage, databases, and general applications. They store your data on secure servers behind a firewall and offer secure HTTPS access to most areas of their services.

Category: User accepts payments/eCommerce

All payment options offered by us and our hosting provider comply with the PCI-DSS (Payment Card Industry Data Security Standard) managed by the PCI Security Standards Council—a joint effort of brands like Visa, MasterCard, American Express, and Discover. PCI-DSS requirements help ensure the secure handling of credit card data through our shop and service providers.

Category: Always

Despite the measures and efforts taken by us and our hosting provider, we cannot guarantee absolute protection or security of the data you upload, post, or share with us or others.

Therefore, we ask that you set secure passwords and avoid sharing confidential information that could cause significant or lasting harm if disclosed. Since email and instant messaging are not considered secure communication channels, please refrain from sharing confidential information via these methods.

 

How do we handle minors’ data?

Category: User does NOT collect data from minors

The Services are not intended for users who have not reached the legal age of majority. We do not knowingly collect data from children. If you are underage, you should not download or use the Services or provide us with any information.

We reserve the right to request proof of age at any time to verify that minors are not using our Services. If we become aware that a minor is using our Services, we may block that user’s access and delete all data related to them. If you believe that a minor has provided data to us, please contact us as described below.

 

Use of personal data

We use your Personal Data only for the purposes set out in this Privacy Policy and only when we believe that:

  • The use of your Personal Data is necessary to perform or enter into a contract (e.g., to provide you with the Services or customer/technical support);
     

  • The use of your Personal Data is necessary to comply with legal or regulatory obligations; or
     

  • The use of your Personal Data is necessary to support our legitimate business interests (provided such use is proportionate and respects your privacy rights).
     

 

As an EU resident, you may:

  • Request confirmation as to whether we process your Personal Data and gain access to such data and certain supplementary information;
     

  • Request receipt of the Personal Data you provided to us in a structured, commonly used, and machine-readable format;
     

  • Request correction of your stored Personal Data;
     

  • Request deletion of your Personal Data;
     

  • Object to our processing of your Personal Data;
     

  • Request restriction of processing; or
     

  • File a complaint with a supervisory authority.
     

Please note that these rights are not absolute and may be subject to our legitimate interests and regulatory requirements.

By using our Services, you consent to the transfer of your data outside the EEA. Personal Data will only be transferred to locations outside the EEA where we believe that an adequate or comparable level of data protection exists. We take appropriate measures to ensure contractual safeguards with third parties to minimize risks of unlawful use, alteration, deletion, loss, or theft of your Personal Data and to ensure compliance with applicable laws.

 

California Consumer Privacy Rights (CCPA)

If you use the Services as a California resident, you may have the right under the California Consumer Privacy Act (CCPA) to request access to and deletion of your data.

To exercise your rights, please contact us as described below.

Category: The website does not sell users’ data

We do not sell users’ Personal Data for purposes under the CCPA.

Category: Websites with a blog or forum

California residents under the age of 18 who use the Services may request deletion of publicly posted content by emailing us at the address listed below under “Contact.” Such requests must include “California Removal Request” in the subject line, a description of the content to be deleted, and sufficient information for us to locate the material.

Please note that your request does not guarantee complete or comprehensive removal—for example, your content may have been reposted or republished by others.

 

Updates or changes to this Privacy Policy

Category: Always
 

We may revise this Privacy Policy at our discretion from time to time. The version posted on the website is always the most current (see “Effective Date”). Please review this Privacy Policy periodically for updates. If we make significant changes, we will post a notice on our website. Continued use of our Services following such notice will constitute your acknowledgment and acceptance of the changes.

 

Contact

If you have general questions about the Services or the data we collect about you and how we use it, please contact us at:

Name: Tina Rapp
Address: Hohenklingenstr. 4a, D-81375 München
Email address: hello@tinarapp.de

bottom of page