Privacy Policy

Last Updated: February 22, 2026

1. Introduction & Scope

This Privacy Policy explains what personal data we collect, how we use it, when we share it, and your rights with respect to your data when you use the Prody Board Website and macOS App (“Service”). Personal data refers to any information that can identify you or be reasonably linked to you.

2. Definitions

“Controller” means the person or organization that determines how personal data is processed. “Processor” means a third party that processes data on behalf of the Controller. “Personal Data” means information about an identified or identifiable person. “Processing” includes collection, storage, use, sharing or deletion of data.

3. Data Controller

The data controller for the Service is:

Markus Biermeier

Kopernikusplatz 11

90459 Nürnberg, Germany

Email: bigjennymusic@gmail.com

4. Data We Collect

We may collect the following categories of personal data:

  • Account Data: Email address, unique ID via authentication.
  • Local Contact Data: Stored locally on your device only.
  • File References: Metadata such as filename, path, stored on your device and referenced server-side.
  • Technical Data: Device model, OS version, App version, push tokens for notifications.
  • Email Metadata: Nylas message IDs, timestamps, webhook events for open/delivery tracking.

5. How We Collect Data

We collect data when you:

  • Create an account via Apple Sign‑In
  • Use the macOS App
  • Import contacts or files locally
  • Trigger webhook events (email tracking)

6. Cookies & Tracking

Our website may use cookies and similar technologies for essential site functionality and analytics. Cookies may be used to store preferences or track visits. You can disable cookies through browser settings at any time.

7. Use of Data & Legal Basis

  • Contract Fulfillment: Providing the Service and features. (Art. 6(1)(b) GDPR)
  • Consent: When you opt into tracking or communications. (Art. 6(1)(a) GDPR)
  • Legal Obligations: Compliance with laws and regulations. (Art. 6(1)(c) GDPR)
  • Legitimate Interests: Security, fraud prevention, analytics. (Art. 6(1)(f) GDPR)

8. Sharing with Third Parties

We may share personal data with:

  • Processors like Supabase (authentication), Nylas (email), payment providers
  • Law enforcement or regulators when required by law

All third-party processors are bound by data processing agreements to comply with GDPR.

9. International Data Transfers

Personal data may be transferred to servers outside the European Economic Area (EEA). We implement appropriate safeguards such as Standard Contractual Clauses or other mechanisms recognized under GDPR to ensure data protection.

10. Security Measures

We implement reasonable technical and organizational measures such as encryption in transit (HTTPS), secure access control, regular updates, and backups to protect your data.

11. Data Retention

We retain personal data only as long as necessary for the purposes described, unless retention for longer periods is required by law. Local data remains on your device until you delete it.

12. Your GDPR Rights

Under GDPR you have rights to:

  • Access your data (Art. 15)
  • Rectify inaccurate data (Art. 16)
  • Delete data (Art. 17)
  • Restrict processing (Art. 18)
  • Object to processing (Art. 21)
  • Withdraw consent (Art. 7)

13. Exercising Your Rights

You can contact us at the email listed above to exercise your rights or request information.

14. Children’s Data

Our Service is not intended for children under 16. We do not knowingly collect data from children without parental consent.

15. Changes to Privacy Policy

We may update this policy; significant changes will be notified via the Service or email.

16. Supervisory Authority

You may lodge complaints with your local data protection authority. For Germany, see:https://www.bfdi.bund.de/EN/Home/home_node.html