Blog ZIELESETZEN.COM

Privacy Policy

1. Controller

Luca Jandke
Predigtstuhlweg 3
84508 Burgkirchen an der Alz
Germany
Email: support@zielesetzen.com

2. Collection and storage of personal data

2.1 Visiting the website

When visiting the website, information is automatically stored in server log files: browser type, operating system, referrer URL, time of the request and IP address. This data is not merged with other data sources.

2.2 Registration and user account

When you create a user account, we process: username, email address, your hashed password, and your goal definitions (e.g. personal goals with deadlines and descriptions). We use this data solely to provide and manage your account.
Legal basis: Contract performance (Art. 6(1)(b) GDPR).
Retention: As long as your account is active; afterwards deletion (unless legal retention obligations apply, e.g. payments).

2.3 Contact options

For messages sent via the contact form or by email, we store your details (name, email, message) to respond to your inquiry.
Legal basis: Contract performance (Art. 6(1)(b) GDPR).

3. Cookies

We use technically necessary session cookies for login and, if applicable, a persistent cookie to keep you signed in (“stay logged in”). Session cookies are deleted when you close your browser; persistent cookies after a few days to weeks.
Legal basis: Legitimate interests (Art. 6(1)(f) GDPR).

4. Payments (Stripe)

For paid features we use Stripe Checkout. Payment data (e.g. credit card numbers) is processed directly by Stripe; we only receive payment confirmations.
Legal basis: Contract performance (Art. 6(1)(b) GDPR).
More information: Stripe Privacy Policy.
Stripe may transfer data to the USA. For this, Stripe uses the EU Commission-approved Standard Contractual Clauses (SCCs).

5. Hosting & server logs (Vercel)

Our website is hosted by Vercel Inc. Vercel stores IP address, browser data, date and time for up to 14 days to ensure security and stability.
Legal basis: Legitimate interests (Art. 6(1)(f) GDPR).
More information: Vercel Privacy Policy.

6. Database & authentication (Supabase)

We use Supabase (Supabase Inc., USA / Ireland) for user data storage, authentication and file management.
Legal basis: Contract performance (Art. 6(1)(b) GDPR).
Supabase may process data outside the EU based on SCCs. More info: Supabase Privacy.

7. Email communication (Zoho Mail, Resend)

For business email we use Zoho Mail (Zoho Corporation B.V., Netherlands). Zoho may transfer data to third countries using SCCs. More info: Zoho Privacy.

For transactional emails (e.g. confirmations, reminders) we use Resend (Resend, Inc., USA). Resend uses SCCs to ensure an adequate level of protection. More info: Resend Privacy Policy.

8. Disclosures & third countries

We only share your data with third parties if necessary for contract performance, if you consented, or if we are legally obliged.
We have data processing agreements (Art. 28 GDPR) with all service providers.
Where data is processed outside the EU, this is based on SCCs approved by the EU Commission.

9. Your rights

You have the right to access, rectification, erasure, restriction, data portability and objection. Please contact support@zielesetzen.com or your competent supervisory authority.

10. SSL/TLS encryption

Your data is transmitted via HTTPS. Please look for the padlock in your browser’s address bar.

11. Changes to this policy

This Privacy Policy applies as of . When updated, the current version will appear here.