Privacy Policy

Information on how we handle your data

1. Privacy at a glance

This privacy policy explains the nature, scope, and purpose of processing personal data within this web app (hereinafter referred to as "App").

The app is designed with data minimization in mind and does not use any third-party tracking or analytics services.

3. Data collection in this app

a) Hosting, Server Log Files & CDN (Cloudflare)

We host our app with an external provider (Strato AG). The provider automatically collects and stores information in server log files (e.g., browser type, operating system, IP address) which serve the technical security and stability of the system (Art. 6 Para. 1 lit. f GDPR). A Data Processing Agreement (DPA) has been concluded.

Additionally, we use Cloudflare (Cloudflare, Inc., USA) as a Content Delivery Network. All data traffic is routed through Cloudflare to protect the app and optimize loading times. Cloudflare inevitably processes IP addresses (legitimate interest according to Art. 6 Para. 1 lit. f GDPR). Cloudflare is certified under the EU-US Data Privacy Framework.

b) Cookies & Login Status

This app uses technically necessary cookies to manage your session (Art. 25 Para. 2 TDDDG):

  • Session Cookie: Stores a temporary "Session ID" to identify you as a logged-in user. This cookie is deleted after closing the browser or logging out.
  • Stay-Logged-In Cookie: If you select the "Keep me logged in" option, an encrypted security token is stored in your browser. This cookie automatically expires after 90 days or is deleted immediately upon manual logout.
  • Language Cookie: Saves your preferred language setting (e.g., German or English) so that the app is displayed correctly on future visits. This cookie expires after one year.
c) LocalStorage

To improve your user experience, the app stores purely functional settings (e.g., filter status or the lock status of input fields) locally in your browser (LocalStorage). This data remains exclusively on your device and is not transmitted to our servers.

d) Registration and user data

When you register, we collect the data you provide (username, email address, password hash). The email address is used exclusively for sending the activation link and is deleted immediately after successful account activation in the spirit of data minimization. An email for password resets can optionally be added later. Once activated, we also store your custom search strings and Pokédex entries to continuously provide the service to you (Art. 6 Para. 1 lit. b GDPR).

4. Your rights

You have the right at any time to:

  • Request information about your stored data (Art. 15 GDPR).
  • Request the correction or deletion of your data (Art. 16, 17 GDPR).
  • Request the restriction of data processing (Art. 18 GDPR).
  • Object to the processing (Art. 21 GDPR) and lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

5. Analytics and advertising

This app does not use analytics tools (like Google Analytics) or advertising trackers. We do not create user profiles.