Privacy Policy

Ioannis Toptsis

Email: contact@janni.email

Hesse, Germany

This app may process technical request data required to deliver the site, account data submitted during sign-up, and checklist state used to provide the tracker.

• Name, email address, and a hashed password when you register with credentials.
• Name, email address, and optional profile image when you sign in with Google.
• Checklist completion data, selected language, and selected time zone.
• Session token data required to keep you signed in.
• Guest-mode preferences and checklist state stored locally in your browser.

Data is processed to provide the app, keep accounts secure, sync checklist progress, remember preferences, and operate the sign-in flow.

The legal basis is generally Art. 6(1)(b) GDPR for providing requested functionality and Art. 6(1)(f) GDPR for technical operation, security, and abuse prevention. If you choose Google sign-in, the transfer of your profile data is initiated by your login action.

• Authenticated account and checklist data are stored server-side in SQLite for as long as the account remains active or until deletion is requested.
• Session tokens expire after up to 30 days unless you sign out earlier.
• Temporary Google OAuth verification cookies are cleared after the sign-in flow completes or fails.
• Guest-mode checklist data, language selection, and time-zone selection remain in localStorage until you clear your browser data.
• Technical server logs may be retained by the deployment environment for operational and security purposes, subject to that environment's retention settings.

This app only uses data stores that are technically necessary for its operation.

• The `nte-session` cookie keeps authenticated users signed in.
• Temporary Google OAuth cookies are used to validate the login callback securely.
• Guest checklist state, language preference, and time-zone preference can be stored in localStorage.

No advertising, profiling, or analytics cookies are used by this app itself.

Personal data is not sold. Data may be shared only where technically required to provide the service, such as with the deployment provider or Google when you explicitly use Google sign-in.

When you follow dashboard links to external websites, those services operate under their own privacy policies.

Under the GDPR, you may have rights of access, rectification, erasure, restriction, objection, and data portability.

To exercise these rights or request deletion of your account data, contact contact@janni.email.

You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates applicable data protection law.