Privacy Policy
(Convenience translation – the German version is legally binding. Last updated 20 May 2025)
1. Controller
Recal GbR – represented by Jona Schwarz & Torben Köhler
Donaustraße 44, 12043 Berlin, Germany
E-mail: privacy@recal.dev
2. Hosting
Our web application is hosted exclusively on servers located in Germany. All data transmissions are TLS-encrypted.
3. Access Data (Server Log Files)
When you visit our website, we automatically process:
- Truncated IP address
- Date/time of request
- Requested resource (URL)
- Referrer URL
- User agent string
Purpose: technical functionality and security analysis (Art. 6 (1) f GDPR).
4. Contact by E-mail
If you contact us by e-mail, we process the data you provide to handle your request (Art. 6 (1) b GDPR). We delete the data once the purpose has been fulfilled and no statutory retention periods apply.
5. Authentication via Clerk
We use the service Clerk (EU region) for registration and login.
- Data processed: e-mail address, login events, optional profile data
- Purpose: user account management (Art. 6 (1) b GDPR)
- Legal safeguards: Data-Processing Agreement; EU-US Data Privacy Framework
6. Analytics with PostHog Cloud EU
- Data processed: pseudonymised user ID, page views, click paths (IP addresses are truncated)
- Purpose: statistical analysis and product improvement (Art. 6 (1) f GDPR)
- Opt-out: disable 'Analytics' in the cookie banner at any time.
7. Cookies
Type | Purpose | Legal basis | Retention |
---|---|---|---|
Necessary | Login session | Art. 6 (1) f GDPR | End of session |
Analytics | Usage statistics (PostHog) | Art. 6 (1) a GDPR | 12 months |
8. Storage Period
We delete personal data as soon as its purpose is fulfilled and no statutory retention periods prevent deletion.
9. Data Subject Rights
You have the right to access, rectify, erase, restrict or object to processing, and to data portability (Art. 15–21 GDPR). Contact us at privacy@recal.dev.
10. Right to Lodge a Complaint
You may lodge a complaint with any supervisory authority, e.g. the Berlin Commissioner for Data Protection and Freedom of Information.
11. Data Security
All personal data is transferred via TLS encryption and, where possible, stored in encrypted form.
12. Amendments
We may update this Privacy Policy. The version published on this page is the current one.