Privacy Policy

1. Introduction

This Privacy Policy ("Policy") is effective as of March 14, 2024 and explains how Jonas Rodehorst ("we," "us," or "our"), as the operator of the Rizzard application ("App"), collects, uses, and protects your personal information. By using our App, you consent to the data practices described in this Policy. We are committed to protecting your privacy and handling your data in an open and transparent manner.

2. Information We Collect

We collect and process the following categories of personal information:

• Account Information: When you create an account, we collect your name, email address, and authentication data.
• Payment Information: For premium features, we process payment and subscription data through our payment processors.
• Usage Data: We automatically collect information about how you interact with our App, including:
  • Device information (type, model, operating system)
  • IP address and general location data
  • App usage statistics and interaction data
  • Error logs and performance data
• User Content: We process the content you create, upload, or share within the App.

Legal Basis for Processing: We process your personal data based on:

• Your consent
• The necessity to perform our contract with you
• Our legitimate interests in improving and securing our services
• Compliance with legal obligations

3. How We Use Your Information

We use your information for the following purposes:

• Providing and maintaining our services
• Processing your payments and managing subscriptions
• Personalizing your experience and improving our App
• Communicating with you about service updates and changes
• Analyzing usage patterns to enhance performance
• Detecting and preventing fraud or abuse
• Complying with legal obligations

4. Third-Party Services

We use the following third-party services. Each service processes your data in accordance with their respective privacy policies and our data processing agreements with them:

• OpenAI API: Processes user interactions for AI-powered features. Data processing occurs in compliance with OpenAI's privacy standards and our service agreement.
• Google's Gemini API: Handles specific AI functionalities. Data processing follows Google's privacy practices and our contractual agreements.
• Apple and Google In-App Subscriptions: Process payment information for subscriptions. Your payment data is handled directly by these platforms under their respective privacy policies and PCI-DSS compliance standards.
• Google and Apple Sign-In: Provide secure authentication services. Authentication data is processed according to their respective privacy and security standards.
• Sentry: Monitors app performance and errors. Collects technical data including device information, error contexts, and crash reports to improve service reliability.
• Cloudflare: Acts as our reverse proxy and provides security services. Your traffic passes through Cloudflare's infrastructure, where they process technical data such as IP addresses and request metadata to protect against threats and optimize performance.

We ensure all third-party providers maintain appropriate technical and organizational measures for data protection.

5. Data Storage and Security

Our servers are hosted in Germany, within the European Union. We implement industry-standard security measures including:

• End-to-end encryption for sensitive data transmission
• Regular security assessments and updates
• Access controls and authentication mechanisms
• Data backup and recovery procedures
• Employee training on data protection

Data Retention: We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Policy or as required by law. When data is no longer needed, it is securely deleted or anonymized.

6. Your Rights Under GDPR

Under the General Data Protection Regulation (GDPR), you have the following rights:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

To exercise these rights, please contact us using the information provided in the Contact section. We will respond to your request within 30 days.

7. International Data Transfers

When we transfer data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place through:

• Standard contractual clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Binding corporate rules where applicable

8. Changes to This Policy

We reserve the right to update this Privacy Policy at any time. We will notify you of any material changes through the App or via email. Your continued use of our services after such modifications constitutes your acknowledgment of the modified Policy and your agreement to abide and be bound by it.

9. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Data Controller:
Jonas Rodehorst
Kattenturmer Heerstr. 122
28277 Bremen
Germany

Email: [email protected]

You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.