Privacy Policy

Information about the processing of personal data according to GDPR.

1. Controller

Address

Yannick Schroth

c/o Impressumsservice Dein Impressum

Stettiner Str. 41

35410 Hungen

Germany

Please do not send packages to this address.

Contact

Full imprint

2. Web Appearance (GitHub Pages)

My websites are static pages hosted via GitHub Pages. When accessing this website, no cookies are set by me and no analytics tools are used.

Note: GitHub may collect server log files (IP address, browser type, operating system, date and time of access). This is the responsibility of GitHub Inc. (Microsoft Corporation). For details, see the GitHub Privacy Statement.

3. Third-Party Services on This Website

Google Fonts

This website uses the Google Fonts typeface 'Inter', which is hosted locally on this server. No connection to Google servers is established and no data is transmitted to Google.

Tailwind CSS

This website uses the Tailwind CSS framework, which is hosted locally on this server. No connection to external CDN servers is established.

Imprint Service Provider

This website uses the imprint service "Dein Impressum" (ihr-impressum.de) for the provision of the legally required imprint address. The service provider receives and forwards postal mail on my behalf. In doing so, the service provider may process personal data (e.g. sender name and address) contained in correspondence sent to the imprint address. The processing is carried out on the basis of Art. 6 (1) lit. c GDPR (compliance with a legal obligation, namely the imprint requirement under § 5 DDG). Further information can be found in the privacy policy of "Dein Impressum" at ihr-impressum.de.

4. Social Media Presence (Instagram)

I maintain a public profile on Instagram. The Instagram service is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter "Meta").

Data Processing by Meta

When you visit my Instagram profile, Meta collects, stores, and processes data about your visit — regardless of whether you have an Instagram account or are logged in. This may include your IP address, browser and device information, pages visited, and interactions with the profile. If you are logged into Instagram, Meta can associate this data with your personal account and use it for targeted advertising and market research purposes. I have no influence over the scope of this data collection or Meta's further use of it.

Joint Controllership (Page Insights)

For the statistical analysis of profile interactions (Instagram Insights), Meta and I are joint controllers within the meaning of Art. 26 GDPR. Meta provides these statistics in anonymised and aggregated form; I do not receive any personal data in this process. Meta bears primary responsibility for fulfilling data subject rights in this context. You can assert your rights directly with Meta via their privacy settings.

Legal Basis & Purpose

My presence on Instagram serves the purpose of presenting my apps and projects to a broader audience. The legal basis for this is Art. 6 (1) lit. f GDPR (legitimate interest in public communication and product presentation). Data transfers to the United States are covered by Meta's participation in the EU-U.S. Data Privacy Framework (Adequacy Decision of 10 July 2023).

For full details on how Meta processes your data, please refer to Meta's Privacy Policy at mbasic.facebook.com/privacy/policy. You can manage your privacy settings directly in your Instagram or Meta account.

5. Social Media Presence (YouTube)

I maintain a public channel on YouTube. The YouTube service is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google"). Google Ireland Limited is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Data Processing by Google

When you visit my YouTube channel, Google collects, stores, and processes data about your visit — regardless of whether you have a Google account or are logged in. This may include your IP address, browser and device information, pages visited, watch history, and interactions with the channel (e.g. likes, comments, subscriptions). If you are logged into your Google account, Google can associate this data with your personal account and use it for personalised advertising and recommendations. I have no influence over the scope of this data collection or Google's further use of it.

Joint Controllership (YouTube Analytics)

For the statistical analysis of channel interactions (YouTube Studio Analytics), Google and I are joint controllers within the meaning of Art. 26 GDPR. Google provides these statistics in anonymised and aggregated form; I do not receive any personal data in this process. Google bears primary responsibility for fulfilling data subject rights in this context. You can assert your rights directly with Google via your Google account settings.

Legal Basis & Purpose

My YouTube channel serves the purpose of presenting my apps and projects to a broader audience through video content. The legal basis for this is Art. 6 (1) lit. f GDPR (legitimate interest in public communication and product presentation). Data transfers to the United States are covered by Google's participation in the EU-U.S. Data Privacy Framework (Adequacy Decision of 10 July 2023).

For full details on how Google processes your data, please refer to Google's Privacy Policy at policies.google.com/privacy. You can manage your privacy settings directly in your Google account at myaccount.google.com.

6. Social Media Presence (TikTok)

I maintain a public profile on TikTok. For users in the European Economic Area, the responsible service provider is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin 2, D02 T380, Ireland (hereinafter "TikTok"). TikTok Technology Limited is a subsidiary of ByteDance Ltd.

Data Processing by TikTok

When you visit my TikTok profile, TikTok collects, stores, and processes data about your visit — regardless of whether you have a TikTok account or are logged in. This may include your IP address, device and browser information, pages visited, content viewed, and interactions with the profile (e.g. likes, comments, shares, follows). If you are logged into TikTok, TikTok can associate this data with your personal account and use it for personalised content recommendations and advertising. I have no influence over the scope of this data collection or TikTok's further use of it.

Joint Controllership (TikTok Analytics)

For the statistical analysis of profile and content interactions (TikTok Analytics), TikTok and I are joint controllers within the meaning of Art. 26 GDPR. TikTok provides these statistics in anonymised and aggregated form; I do not receive any personal data in this process. TikTok bears primary responsibility for fulfilling data subject rights in this context. You can assert your rights directly with TikTok via your account's privacy settings.

Legal Basis & Purpose

My presence on TikTok serves the purpose of presenting my apps and projects to a broader audience. The legal basis for this is Art. 6 (1) lit. f GDPR (legitimate interest in public communication and product presentation).

International Data Transfers

TikTok may transfer personal data to servers located outside the European Economic Area, including to the United States and Singapore. For such transfers, TikTok relies on Standard Contractual Clauses (SCCs) approved by the European Commission as the appropriate safeguard pursuant to Art. 46 (2) lit. c GDPR. Please note that data may also be accessible to TikTok's parent company ByteDance Ltd., headquartered in the People's Republic of China. TikTok has implemented technical and organisational measures to restrict such access; however, a level of data protection equivalent to that within the EEA cannot be fully guaranteed.

For full details on how TikTok processes your data, please refer to TikTok's Privacy Policy at tiktok.com/legal/page/eea/privacy-policy. You can manage your privacy settings directly in your TikTok account.

7. App Provisions (Monetheus)

Secure

In my apps, protecting your privacy is the top priority:

  • Local Storage: All financial data is stored exclusively on your device (SwiftData). No data is transmitted to external servers.
  • No Data Access: As the developer, I have no access to your financial data, income, or expenses.
  • Data Export/Import: You can export and import your data as a file at any time — giving you full control over your data.

In-App Purchases & Apple App Store

The app is distributed via the Apple App Store and offers in-app purchases (subscriptions). Payments are processed exclusively by Apple Inc. I do not receive or store any payment data (credit card information, bank details, etc.). Apple processes your data in accordance with its own privacy policy. The legal basis is Art. 6 (1) lit. b GDPR (performance of a contract).

RevenueCat

This app uses RevenueCat (RevenueCat Inc., San Francisco, USA) to manage in-app subscriptions. When you use the app, RevenueCat may process the following data: an anonymous user ID, purchase and subscription status (provided by Apple), device information (operating system version, app version), and your IP address through the API connection. This data is necessary for the management and verification of your subscription. RevenueCat acts as a data processor on my behalf. The legal basis is Art. 6 (1) lit. b GDPR (performance of a contract). RevenueCat participates in the EU-U.S. Data Privacy Framework. For details, see the RevenueCat Privacy Policy.

8. Legal Basis

The processing of personal data is based on the following legal grounds:

  • Art. 6 (1) lit. f GDPR — Legitimate interest in the technically secure and optimized provision of this website.
  • Art. 6 (1) lit. b GDPR — Performance of a contract (e.g. in-app purchases, app usage).
  • Art. 6 (1) lit. c GDPR — Compliance with legal obligations (e.g. imprint requirements).

9. International Data Transfers

Through the use of GitHub Pages, Apple services, RevenueCat, Meta (Instagram), Google (YouTube), and TikTok, data may be transferred to servers outside the European Economic Area, including in the United States.

GitHub, Apple, RevenueCat, Meta, and Google participate in the EU-U.S. Data Privacy Framework, which ensures an adequate level of data protection as recognized by the European Commission (Adequacy Decision of 10 July 2023). For TikTok, data transfers to third countries are safeguarded by Standard Contractual Clauses (SCCs) pursuant to Art. 46 (2) lit. c GDPR.

10. Storage Duration

Personal data will only be stored for as long as necessary to fulfill the respective purpose or as required by legal retention obligations. Server log files collected by GitHub are subject to GitHub's retention policies.

11. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR) — You can request information about the data stored about you.
  • Right to rectification (Art. 16 GDPR) — You can request the correction of inaccurate data.
  • Right to erasure (Art. 17 GDPR) — You can request the deletion of your data under certain conditions.
  • Right to restriction of processing (Art. 18 GDPR) — You can request the restriction of data processing.
  • Right to data portability (Art. 20 GDPR) — You can request to receive your data in a structured, commonly used format.
  • Right to object (Art. 21 GDPR) — You can object to the processing of your data based on legitimate interests at any time.

To exercise your rights, please contact me at the address or email listed above.

12. Contact

If you contact me via email, the transmitted data (e.g. email address, name, content of your message) will be stored for the purpose of processing your request. This data will not be passed on to third parties without your consent. The legal basis is Art. 6 (1) lit. f GDPR. The data will be deleted once your request has been fully processed, unless legal retention obligations apply.

13. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates the GDPR (Art. 77 GDPR). The competent supervisory authority is the data protection authority of the German federal state in which you reside, or the authority responsible for the controller.

14. Changes to This Privacy Policy

This privacy policy may be updated from time to time to reflect changes in data processing practices or legal requirements. The current version is always available at this URL.