Privacy Policy

Last updated: March 19, 2026

1. Controller and Scope

This Privacy Policy applies to the website memorybankapp.com and the mobile application MemoryBank (hereinafter referred to as the "App").

The data controller is:

Daniel Möck
c/o IP-Management #2816
Ludwig-Erhard-Straße 18
20459 Hamburg
Germany
Email: info@dancingmacaw.com

2. Data Collection on the Website (Hosting)

Our website provides information and account management features (e.g., account deletion). The site is hosted by an external provider. The provider automatically collects server log files (IP address, browser type, referrer URL, timestamp). The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in technical stability).

3. Registration and Infrastructure (Supabase & Expo)

3.1 Supabase (Backend & Database)

We use Supabase (Supabase Inc., USA) for user management (authentication) and data storage (database).

• Processed Data: Email address, encrypted login credentials, User ID, and the content you store within the app ("Memories").
• Data Location: We configure Supabase to store data on servers within the European Union (Frankfurt region) whenever possible. Any data transfer to the USA is based on EU Standard Contractual Clauses (SCCs).
• Legal Basis: Art. 6 (1) (b) GDPR (performance of a contract).

3.2 Expo

We use Expo (650 Industries, Inc., USA) for development and providing "Over-the-Air" updates. Technical connection data may be processed to ensure the app functions correctly.

4. Analytics and Improvement (PostHog)

To identify bugs and improve the app experience, we use PostHog.

• Data: IP address (stored anonymously), device information, usage patterns.
• Location: We use the PostHog EU Cloud. Data transfers to third countries are secured by SCCs.
• Legal Basis: Art. 6 (1) (f) GDPR (legitimate interest).

5. Subscriptions and Purchases (RevenueCat)

We use RevenueCat to manage in-app purchases and subscriptions.

• Function: Validating purchase receipts from App Stores (Apple/Google).
• Data: App User ID, purchase history. We do not have access to your credit card details or real name; these are handled securely by Apple/Google.
• Legal Basis: Art. 6 (1) (b) GDPR.

6. Newsletter (beehiiv)

If you subscribe, we use beehiiv for email delivery and analytics.

• Data: Email address, interaction data (e.g., open rates).
• Legal Basis: Your consent (Art. 6 (1) (a) GDPR). You can withdraw consent at any time via the unsubscribe link.

7. Account Deletion and Retention

You have full control over your data.

• In-App: You can delete your account directly in the app settings.
• Website: If you no longer have access to the app, you can request account deletion at memorybankapp.com/delete-account.
• Consequence: Upon account deletion, all personal data in the Supabase database will be permanently erased, unless legal retention requirements apply.

8. Your Rights

Under the GDPR, you have the right to:

• Access (Art. 15)
• Rectification (Art. 16)
• Erasure (Art. 17)
• Data Portability (Art. 20)
• Withdraw consent.

For any inquiries, please contact info@dancingmacaw.com.