Privacy Policy

Effective: update pending

1. Controller

Kay Beckmann
Address to be added
Email: kontakt@tracker-app.dev

2. General information

Protecting your personal data matters to us. This statement explains which data we collect when you visit the website, use the web app, or subscribe to Tracker, how we process it, and the rights available to you.

3. Providing the website

When you access our pages, the web server automatically stores information transmitted by your browser. This may include the IP address, browser type, date and time of the request, and the requested resource. Processing is based on our legitimate interest in a stable and secure service (Art. 6(1)(f) GDPR).

Server log files are deleted automatically as soon as they are no longer required for the purpose for which they were collected.

4. Contact

If you contact us by email, we process the data you provide in order to respond to your request. Processing is based on Art. 6(1)(b) GDPR when your request relates to contractual obligations, otherwise on our legitimate interest in answering enquiries (Art. 6(1)(f) GDPR).

We retain your information until the purpose of storage no longer applies or you ask us to delete it, provided no statutory retention obligations apply.

5. Using the Tracker web app

The web app can be used locally without a user account. In that case all data is stored exclusively in your browser. Optional synchronisation features require an account; we process registration details, encrypted usage data, and technical metadata in that context.

Purpose: Providing the app and synchronisation features
Legal basis: Art. 6(1)(b) GDPR (contract fulfilment)
Retention: Until membership is cancelled or statutory retention periods lapse

6. Payment processing

Payments for Tracker memberships are handled by external payment providers. Once a provider is integrated, we will supply detailed information about the service used and the associated data processing here.

7. Hosting and infrastructure

Tracker services run inside containerised environments (Docker). Internal traffic between services is secured, and PostgreSQL is used for database operations. Regular backups are created and stored in encrypted form.

8. Recipients

We only share personal data with third parties when necessary to perform a contract, when legally required, or when you have given your consent. Data is not transferred to third countries unless explicitly stated.

9. Your rights

Under applicable law you have the following rights:

Access to your stored data (Art. 15 GDPR)
Rectification of inaccurate data (Art. 16 GDPR)
Erasure of personal data (Art. 17 GDPR)
Restriction of processing (Art. 18 GDPR)
Data portability (Art. 20 GDPR)
Objection to certain processing (Art. 21 GDPR)
Withdrawal of consent granted (Art. 7(3) GDPR)

You also have the right to lodge a complaint with the competent supervisory authority. In Germany this is generally the data protection authority of the federal state in which you reside.

10. Security

We implement technical and organisational measures to protect your data against manipulation, loss, or unauthorised access. Measures include access restrictions, encryption for synchronised data, and regular software updates.