Privacy Policy / Datenschutzerklärung
Effective Date: January 27, 2025
1. Controller
The controller responsible for data processing on this website is:
Jan Siegmann — unlimited
c/o Online-Impressum.de #6013
Europaring 90
53757 Sankt Augustin
Germany
Email: jan@jansiegmann.com
2. Information We Collect
Personal Information
When you register for our Service, we may collect:
- Email address
- Username
- Payment information (processed securely through Paddle)
- Reddit account information (usernames, authentication tokens)
Usage Data
We may also collect:
- IP address (anonymized after 7 days)
- Browser type and version
- Pages visited and time spent
- Device identifiers and diagnostic data
3. Legal Basis for Processing (Art. 6 GDPR)
We process your data based on:
- Contract performance (Art. 6(1)(b) GDPR): To provide our Service
- Legitimate interests (Art. 6(1)(f) GDPR): To improve our Service and ensure security
- Consent (Art. 6(1)(a) GDPR): For optional features, which you may withdraw at any time
4. How We Use Your Information
- To provide and maintain our Service
- To notify you about changes to our Service
- To provide customer support
- To improve our Service
- To monitor usage and detect technical issues
- To process payments
- To schedule and post content to Reddit on your behalf
5. Reddit Integration
When you connect your Reddit account:
- We store Reddit authentication tokens to post on your behalf
- We access your Reddit account information as permitted by Reddit's API
- We may store post content, schedules, and subreddit information
- All Reddit interactions comply with Reddit's Terms of Service and API guidelines
6. Data Sharing and Disclosure
We may share your information with:
- Service Providers: Third-party processors necessary to operate our Service
- Legal Requirements: If required by German or EU law
- Business Transfers: In case of sale or merger (you will be notified)
We do not sell your personal data.
7. Third-Party Processors
| Provider | Purpose | Location | Privacy Policy |
|---|---|---|---|
| Vercel Inc. | Hosting | USA (EU data region available) | Link |
| Paddle.com Market Ltd | Payment processing, Merchant of Record | UK | Link |
Paddle acts as Merchant of Record for all transactions. This means Paddle is the seller of record and handles all payment data directly. We do not store your credit card information.
All processors are bound by GDPR-compliant Data Processing Agreements.
8. Data Transfers Outside the EU
If data is transferred outside the EU/EEA, we ensure adequate protection through:
- EU Standard Contractual Clauses (SCCs)
- UK GDPR adequacy (for Paddle)
- Vercel's EU data region option
9. Data Retention
- Account data: Retained until you delete your account
- Usage data: Anonymized or deleted after 12 months
- Payment records: Handled by Paddle per their retention policy
- Reddit tokens: Deleted immediately upon disconnection
10. Your Rights (Art. 15-22 GDPR)
You have the right to:
- Access your personal data (Art. 15)
- Rectification of inaccurate data (Art. 16)
- Erasure ("right to be forgotten") (Art. 17)
- Restriction of processing (Art. 18)
- Data portability (Art. 20)
- Object to processing (Art. 21)
- Withdraw consent at any time (Art. 7(3))
To exercise these rights, contact us at the email above.
11. Cookies
We use only technically necessary cookies. No tracking or advertising cookies are used without your explicit consent.
12. Data Security
We implement appropriate technical and organizational measures (Art. 32 GDPR) including encryption, access controls, and regular security reviews.