Privacy Policy

Last Updated: January 2026

1. General Information & Responsible Body

We take the protection of your personal data seriously. This Privacy Policy explains how SciEspresso UG (haftungsbeschränkt) ("we", "us") collects and processes your data when you use the SciEspresso mobile application ("App") and our website.

Controller (Verantwortlicher):
SciEspresso UG (haftungsbeschränkt)
[Insert Street Address]
[Insert Zip Code & City], Germany
Email: [Insert Support Email]

2. Data Collection in the App

To provide our services, we collect and process the following data:

Account Data: When you register, we store your email address and a unique User ID. This is necessary to save your preferences and library (Art. 6(1)(b) GDPR).
Usage Data: We store your selected topics, read articles ("Espresso Shots"), and bookmarked items to customize your feed.
Device Data: We collect technical information (Device Model, OS Version, Language) to ensure app stability.

3. Third-Party Services & Processors

We use trusted third-party service providers to operate our App. We have concluded Data Processing Agreements (AV-Verträge) with these providers.

3.1 Infrastructure & Authentication (Google Firebase)

We use Google Firebase (provided by Google Ireland Ltd.) for:

Authentication: Secure login management.
Firestore Database: Storing your summaries and user profile.
Crashlytics: Analyzing app crashes to improve stability.

3.2 Artificial Intelligence (OpenAI)

Our "Espresso Shots" are generated using AI models provided by OpenAI. Your search queries or requested summaries may be processed by OpenAI via an API. We do not use your personal data to train public AI models.

3.3 Push Notifications

To send you daily briefings, we use notification services (Apple Push Notification Service / Firebase Cloud Messaging). This requires processing your device's unique "Push Token." You can disable this in your phone settings at any time.

4. Subscriptions & Payments

We do not process or store your credit card or banking information directly. All payments are handled by the respective app store providers:

Apple App Store: Payments are processed by Apple Inc. (USA/Ireland).
Google Play Store: Payments are processed by Google (USA/Ireland).

We only receive a confirmation that a payment was successful and the validity period of your subscription.

5. Deletion of Your Account

You can delete your account and all associated data at any time directly within the App.

How to delete: Go to Settings > Account > Delete Account.

Upon request, your data (Email, User ID, Saved Library) will be irrevocably deleted from our servers immediately, unless statutory retention periods apply (e.g., for tax purposes regarding invoices).

6. Your Rights (GDPR)

Under the GDPR, you have the following rights regarding your personal data:

Right of Access (Art. 15 GDPR)
Right to Rectification (Art. 16 GDPR)
Right to Erasure / "Right to be Forgotten" (Art. 17 GDPR)
Right to Restriction of Processing (Art. 18 GDPR)
Right to Data Portability (Art. 20 GDPR)

To exercise these rights, please contact us at the email address listed in our Imprint.

7. International Data Transfers

Some of our service providers (e.g., Google, OpenAI) are based in the USA. Data transfers to the USA are based on the EU-US Data Privacy Framework (DPF) or Standard Contractual Clauses (SCCs) to ensure an adequate level of data protection.