← Back to home

Privacy policy

Last updated: Mai 2026

1. Controller

Controller within the meaning of the General Data Protection Regulation (GDPR) is:

Joel Frederic Duscha

Plankstraße 1

41462 Neuss

Germany

Email: jfduscha@gmail.com

2. Hosting & technical infrastructure

This application is operated via a hosting provider (e.g. Vercel Inc., USA) and uses Supabase (Supabase Inc.) as the backend for authentication and the database. Personal data (e.g. IP address, timestamps, technical diagnostic data) may be processed. Please refer to the privacy notices of your hosting provider and Supabase. Where possible, choose an EU region for data storage in Supabase.

3. Purposes and legal bases

  • Providing the app & user account (Art. 6 (1) (b) GDPR): registration, login, storage of CRM data you create (contacts, notes, etc.) in the database.
  • Security & operations (Art. 6 (1) (f) GDPR): protection against misuse, error analysis to the extent technically necessary.

4. Categories of personal data

Depending on use, including:

  • Account data (e.g. email address, internal user ID from Supabase Auth)
  • Content you enter in the app (e.g. third-party contact data, free-text fields)
  • Technical metadata (timestamps, IP address on access — per hoster log settings)

5. Storage period

We store personal data for as long as a user account exists and the data is required for the stated purposes. After account deletion, data must be deleted unless statutory retention obligations apply.

6. Disclosure to third parties

Data is disclosed to third parties only where necessary for contract performance (e.g. processors: hosting, Supabase) or where there is a legal obligation.

7. Transfers to third countries

If providers outside the EU/EEA are used, processing takes place only where appropriate safeguards exist (e.g. EU standard contractual clauses) or an adequacy decision by the Commission — please check the current information for your chosen providers and regions.

8. Your rights

Where the legal requirements are met, you have in particular:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing (Art. 21 GDPR)
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

To exercise your rights, contact: jfduscha@gmail.com

9. Cookies & local storage

Technically necessary cookies or comparable technologies (e.g. Supabase Auth in the browser) may be used for login and session management. These are required for the application to function.

10. Changes

We may update this privacy policy so that it always complies with current legal requirements or reflects changes to our service.

Note: This template is not legal advice. Adapt the content to your specific hosting, tracking, and other tools.