Privacy Policy for Eat 30 Plants

Privacy Policy for
Eat 30 Plants

Privacy Policy for Eat 30 Plants

  1. Responsible person

MvG Mehr vom Guten OG
Max-Winter-Platz 9/17
1020 Vienna, Austria
Email: support@eat30plants.app

2. Overview of Data Processing

The “Eat 30 Plants” app helps you track your plant intake. This privacy policy informs you about which data we collect, how we use it, and what rights you have.

  1. What data we collect
3.1. Device identification

When you use the app for the first time, a random device identifier (UUID) is generated and stored on your device. This identifier contains no personal information and is used solely to assign your entries to your device.

Legal basis: Legitimate interest (Art. 6 para. 1 lit. f GDPR) – for providing the app functionality.

3.2. Plant entries

When you enter plants in the app, the following data is collected:

- Date of entry
- Selected plants/categories
- Timestamps of creation and modification

This data is stored locally on your device and synchronized with our server to enable data backup.

Legal basis: Performance of a contract (Art. 6(1)(b) GDPR) – for the provision of the service.

3.3. Push notifications

If you enable push notifications, we collect:

- Your push token (provided by Apple)
- The time zone of your device

We use this data to send you reminders at the right time.

Legal basis: Consent (Art. 6 para. 1 lit. a GDPR)

3.4. In-App Purchases and Subscriptions

To process in-app purchases, we use the RevenueCat service (RevenueCat Inc., USA). The following are processed:

- Your device identifier
- Purchase history and subscription status
- Transaction data (processed via Apple)

Your payment data is processed exclusively by Apple and is not accessible to us.

Legal basis: Performance of a contract (Art. 6(1)(b) GDPR).

RevenueCat privacy notice: https://www.revenuecat.com/privacy

3.5. Error Reports and Stability

To improve app stability, we use Sentry (Functional Software Inc.). In the event of app errors, the following data is transmitted:

- Error messages and stack traces
- Device information (model, operating system version)
- App version
- Anonymized usage data

The data is processed on servers in the EU (Germany).

Legal basis: Legitimate interest (Art. 6 para. 1 lit. f GDPR) – for troubleshooting and quality assurance.

Sentry privacy notice: https://sentry.io/privacy/

3.6. Usage analysis

For the anonymized analysis of app usage, we use TelemetryDeck (TelemetryDeck UG, Germany). TelemetryDeck is a privacy-friendly analytics service that does not store any personal data.

Collected are:

- Anonymized usage events (e.g. interaction with the subscription screen)
- No IP addresses, no device IDs

Legal basis: Legitimate interest (Art. 6 para. 1 lit. f GDPR) – for product improvement.

TelemetryDeck privacy notice: https://telemetrydeck.com/privacy/

4. Disclosure of Data to Third Parties

We only share your data with the service providers named in this statement:

Service provider: Own server (Fly.io)

Purpose: Data synchronization, push notifications

Location: EU

Service provider: Sentry

Purpose: Error reports

Location: EU (Germany)

Service provider: TelemetryDeck

Purpose: Anonymous usage analysis

Location: EU (Germany)

Service provider: RevenueCat

Purpose: In-app purchases

Location: USA*

Service provider: Apple

Purpose: Push services, App Store

Location: USA*

*For data transfers to the United States, we rely on Standard Contractual Clauses (Art. 46(2)(c) GDPR) or the EU-US Data Privacy Framework.

5. Storage Duration

- Plant entries: As long as you use the app; deleted upon request
- Device identifier: Until the app is uninstalled or upon request
- Push token: Until permission is revoked
- Error reports: 90 days
- Analytics data: Anonymized, therefore unlimited

6. Your Rights

Under the GDPR, you have the following rights:

- Information (Art. 15 GDPR): You may request information about the data stored about you.
- Rectification (Art. 16 GDPR): You may request the correction of inaccurate data.
- Erasure (Art. 17 GDPR): You may request the deletion of your data.
- Restriction (Art. 18 GDPR): You may request the restriction of processing.
- Data portability (Art. 20 GDPR): You may receive your data in a machine-readable format.
- Objection (Art. 21 GDPR): You may object to processing.
- Withdrawal of consent (Art. 7 para. 3 GDPR): You may withdraw any consent you have given at any time.

To exercise your rights, contact us at: app@30pflanzen.com

7. Right to lodge a complaint

You have the right to complain to a data protection supervisory authority. The authority responsible for us is:

Austrian Data Protection Authority
Barichgasse 40-42
1030 Vienna
E-mail: dsb@dsb.gv.at
Website: https://www.dsb.gv.at

8. Data We Do NOT Collect

For clarification: The app collects not:

- Names, email addresses, or contact details
- Location data
- Photos or camera access
- Health data
- Contacts or calendar entries
- Tracking across apps

9. Data Security

We use technical and organizational measures to protect your data:

- Encrypted transmission (HTTPS/TLS)
- Secure storage on your device
- Regular security updates

10. Changes to this Privacy Policy

We reserve the right to amend this privacy policy to reflect changes in the legal situation or changes to the app. You can always find the current version at the link provided in the app.

11. Contact

If you have any questions about data protection, you can reach us at:

MvG Mehr vom Guten OG
Email: support@eat30plants.app

back