Privacy Policy for the App "Super Fast Logo Generator" / "Logo Design Generator" (Version 1.0)

I. General

1. Legal Basis for Processing Data

Personal data is processed in accordance with the GDPR. It is only processed after the user has given consent for this by accepting this privacy policy. The only exception is the case where processing of data is legally allowed without the user given consent. This can for example be the case when the processing is a legitimate interest of the data controller and this interest is not overridden by rights, interests or freedom of the user.

2. Maximum Storage Time and Data Deletion

Any user related data is deleted shortly after the purpose for storage does not apply anymore. Data is also deleted in case a legal obligated storage period exceeds except when further storage is necessary by another legal obligation or for the performance of a contract in which the user is a participant.

3. Owner and Data Controller

Leif Both

Moritzstraße 37

44807 Bochum

Germany

Phone: +49 15206596155

E-Mail: leif.both@leifhacks-apps.com

II. Required Permissions

The app requires some permissions to work properly.

1. Internet Connection

A core functionality of the app is to request data via the internet. This requires the corresponding permission for internet connectivity.

2. In-App Purchases

The app offers the possibility to purchase a premium version of the app with additional functionalities. For this, it requires the corresponding permission for in-app purchases.

3. Push Notifications

The user is able to create a support ticket via the app. In order to be notified via push notifications in case of a response to the ticket, the user can grant the corresponding permission for push notifications. If the permission is not granted, no notification is sent to the user's device.

III. On-Device Storage

1. Data Processing

1. Stored Logos & Created Photos

Any information about logos in the "My Logos" collection or created photos are stored on the device.

2. Legal Basis for Processing Data

Processing of above described data is a legitimate interest of the data controller and this interest is not overridden by rights, interests or freedom of the user.

3. Purpose of Data Processing

Storing data on the device is required so it is available permanently (e.g. after restarting the device). This is mandatory for the app to work.

4. Storage Time

All processed data is stored as long as the app is installed or the user manually removes the data via the device's storage settings.

5. Possibilities for Objection and Data Removal

Any processed data stored on the device can be removed anytime via the device's storage settings or by uninstalling the app.

IV. Search & Generation Requests

Search requests can be used to find logos online. Generation Requests let the user generate custom logo designs.

1. Data Processing

Search requests & generation requests are sent to the app server. No data beyond that specified in X. and XI. is stored.

2. Legal Basis for Processing Data

Above mentioned personal data is only processed after the user has given consent.

3. Purpose of Data Processing

See IX. and X. for more details.

4. Storage Time

See IX. and X. for more details.

5. Possibilities for Objection and Data Removal

See IX. and X. for more details.

V. In-App Purchases

1. Data Processing

In the scope of in-app purchases the Google Play Store (for the Android app) or App Store (for the iOS app) are processing data. This covers especially data related to electronic payment. The data is processed locally by the app and stored on the device.

Further information on Google resp. Apple and privacy can be found here:

https://policies.google.com/privacy

https://www.apple.com/legal/privacy/

Purchase details are furthermore sent to the app server. This includes purchase id, product id, status and date of purchase but no data related to electronic payment

2. Legal Basis for Processing Data

Processing of data is a legitimate interest of the data controller and this interest is not overridden by rights, interests or freedom of the user.

3. Purpose of Data Processing

Processing of above mentioned data is responsible to verify in-app purchases as well as the determination which contents have been bought in order to provide them adequately to the customer.

4. Storage Time

Further information on the storage time can be found on the Privacy Page of Google resp. Apple:

https://policies.google.com/privacy

https://www.apple.com/legal/privacy/

The data stored on the app server is deleted in case they are not necessary for the initial purpose anymore.

5. Possibilities for Objection and Data Removal

The processing of above mentioned data is mandatory. Thus, there is no possibility for objection.

VI. Push Notifications

1. Data Processing

1.1. Firebase Cloud Messaging Token

After the app’s installation a random token is generated which is uniquely identifies the current installation of the app. This token is necessary to receive push notifications or to associate other data with the device.

1.2. Processing by Google Firebase

Push notifications are send by the app's Server to the Google Firebase servers in order to forward them to the associated device. Firebase is used as a transmitter only and cannot make any conclusions about the user. For further information about Google Firebase & Privacy please refer to:

https://policies.google.com/privacy

1.3. Processing on the app server

Token, device language, operating system (Android/iOS) as well as settings for push notifications (e.g. time of desired notifications) are sent to the server and stored so that notifications can be delivered as desired.

2. Legal Basis for Processing Data

Above mentioned personal data is only processed after the user has given consent.

3. Purpose of Data Processing

Processing of above mentioned data is required to deliver push messages correctly.

4. Storage Time

Further information on the storage time can be found on the Privacy Page of Google:

https://policies.google.com/privacy

5. Possibilities for Objection and Data Removal

The user can deny the permission to send notification.

VII. Support Tickets

1. Data Processing

Support tickets created by the user as well as the message history are stored on the app server. In addition, device related data is stored in case permission for this is granted by the user. This includes the used Firebase Cloud Messaging Token or purchase information. This data is not stored together with other user related data like mail address or user name.

2. Legal Basis for Processing Data

Processing of data is a legitimate interest of the data controller and this interest is not overridden by rights, interests or freedom of the user.

3. Purpose of Data Processing

The temporary storage of support tickets is required to allow replying to the requests. Device related data is required to identify potential errors and bugs. They are NOT used for marketing purposes.

4. Storage Time

The data is deleted in case they are not necessary for the initial purpose anymore.

5. Possibilities for Objection and Data Removal

The processing of above mentioned data is mandatory. Thus, there is no possibility for objection.

VIII. User Interactions

1. Data Processing

Some user interactions are processed on the app server. This contains information about consent to this privacy policy, app openings, onboarding activities or pricing page accesses. Besides the Firebase Cloud Messaging Token no personal data is processed and stored for this purpose.

2. Legal Basis for Processing Data

Processing of data is a legitimate interest of the data controller and this interest is not overridden by rights, interests or freedom of the user.

3. Purpose of Data Processing

The processing and storage of the data described above is necessary to securely prove the purchase of in-app products or the consent of the user.

4. Storage Time

The data is deleted in case they are not necessary for the initial purpose anymore.

5. Possibilities for Objection and Data Removal

The processing of above mentioned data is mandatory. Thus, there is no possibility for objection.

IX. Logs

1. Data Processing

The app server stores anonymized data about access into log files. The following data is logged:

- Date and time of the access
- On requesting this privacy policy in the browser: used browser and OS, used device
- Used IP

This data is not stored together with other user related data. The user’s IP is anonymized for long term storage.

2. Legal Basis for Processing Data

Processing of data is a legitimate interest of the data controller and this interest is not overridden by rights, interests or freedom of the user.

3. Purpose of Data Processing

The temporary storage of the full IP address for the current session is mandatory in order to deliver the requested data to the user’s device.

The log files are stored in order to ensure the functionality of the server. They are used to identify potential errors and bugs, for optimization purposes and to ensure the security of the IT system. They are NOT used for marketing purposes.

4. Storage Time

The data is deleted in case they are not necessary for the initial purpose anymore. In case of session data this is the case after the session has ended. Log files are deleted after 14 days at the latest.

5. Possibilities for Objection and Data Removal

The processing of above mentioned data is mandatory. Thus, there is no possibility for objection.

X. Server Provider

1. Data Processing

The app server is hosted by Netcup GmbH. The server is located in Germany. Netcup may store data about server accesses.

More information about Netcup and privacy can be found here:

https://www.netcup.de/kontakt/datenschutzerklaerung.php

2. Legal Basis for Processing Data

Processing of data is a legitimate interest of the data controller and this interest is not overridden by rights, interests or freedom of the user.

3. Purpose of Data Processing

Information on the purpose of data processing can be found on Netcup's privacy page:

https://www.netcup.de/kontakt/datenschutzerklaerung.php

4. Storage Time

You can find information about the duration of storage on Netcup's privacy page:

https://www.netcup.de/kontakt/datenschutzerklaerung.php

5. Possibilities for Objection and Data Removal

The processing of above mentioned data is mandatory. Thus, there is no possibility for objection.