Privacy Policy

Effective Date: January 15, 2025

Last Updated: January 2, 2026

1. Data Controller

Marsrock
Feldmochinger Str. 217b
80995 Munich, Germany

Email: info@1to10me.com

2. Data Collection and Usage

We only collect data that is technically necessary to provide our services. We process your data based on Art. 6(1)(b) GDPR (Contract Performance) and Art. 6(1)(a) GDPR (Consent).

2.1 Account & Identity Data

When you sign up via Google or Apple (OAuth), we collect:

• Name & Email Address: To manage your account and identify you.
• Date of Birth: To verify you are at least 18 years old.
• Gender: To enable demographic targeting features.

Purpose: Account management and app functionality. We do not share your name or email with third parties for marketing purposes.

2.2 Location Data (Strictly Purpose-Bound)

If you grant permission, we collect your GPS coordinates to enable regional photo feeds and targeting.

What we store:

• Country code (e.g., "DE")
• Region (e.g., "europe")
• City name
• Geohash (5-character location identifier)

What we do NOT store:

• Street address
• Postal code
• Precise home location

Purpose: App Functionality only.

Advertising: We do not explicitly pass your location data to advertising networks (e.g., AdMob). However, the AdMob SDK may collect approximate location if you have granted location permission to the app. This is standard SDK behavior.

2.3 User-Generated Content

Photos you upload, ratings (1–10), comments, and in-app messages are stored to provide the core experience of the app. You retain ownership of your content and can delete it at any time.

2.4 App Performance & Diagnostics

To maintain and improve the app, we may collect technical information including crash reports, performance metrics, and usage analytics. This data is collected through our infrastructure providers (Firebase, Google Play) and is used solely for app improvement and troubleshooting.

2.5 Financial Data & In-App Purchases

We use RevenueCat and Google Play Billing / Apple App Store to manage subscriptions and credit purchases.

What we receive: A unique User ID and your purchase history (e.g., "Premium Active", "100 Credits purchased").

What we NEVER receive: Your credit card details, bank account numbers, or raw payment information. These are handled exclusively by Google or Apple.

3. Data We Do NOT Collect

To be clear, we do not collect:

• ❌ Phone numbers
• ❌ Street addresses or postal codes
• ❌ Payment card details
• ❌ Health or biometric data
• ❌ Political or religious beliefs

4. Data Sharing and Third-Party Services

We share limited data with the following processors to ensure the app works correctly:

4.1 Google AdMob (Advertising)

To keep the app free, we show ads.

What is shared:

• Device ID (IDFA/AAID)
• Consent status (personalized/non-personalized)

What is NOT shared:

• Your name or email
• Your exact location (not explicitly passed by our code)

4.2 Firebase (Infrastructure)

Used for our database, hosting, authentication, and analytics.

What is shared: All user data (encrypted in transit and at rest).

Privacy Policy: https://firebase.google.com/support/privacy

4.3 RevenueCat (Purchases)

Used to verify your subscription and credit purchase status across devices.

What is shared: User ID only.

What is NOT shared: Email, name, or payment details.

Privacy Policy: https://www.revenuecat.com/privacy

5. Data Security

Your security is our priority. In accordance with our Google Play Data Safety declaration:

• Encryption in Transit: All data is encrypted using TLS 1.3.
• Encryption at Rest: Data is stored using AES-256 encryption within the Google Cloud/Firebase infrastructure.
• Access Controls: Strict Firebase Security Rules ensure users can only access their own data.

6. Your Rights and Data Deletion

Under the GDPR, you have the right to access, rectify, or delete your personal data.

6.1 Account Deletion

You can delete your account and all associated data (photos, profile, ratings, credits) instantly via the app:

Profile → Settings → Delete Account

What happens:

• All personal data deleted permanently
• Photos removed from storage
• Ratings anonymized (no longer linked to you)
• Purchased credits forfeited (no refund)
• Premium subscription cancelled (no refund)

Timeframe: Immediate (automated)

⚠️ Cannot be undone!

6.2 Data Export

You can request a copy of your data by contacting us at info@1to10me.com.

6.3 Right to Object

You can opt-out of personalized advertising via:

Profile → Settings → Ad & Privacy Settings

7. Children's Privacy

Minimum Age: 18 years

We collect your date of birth during registration and do not permit users under 18 to use the Service.

If you believe a person under 18 has created an account, please contact us at info@1to10me.com.

8. Updates to This Policy

We will notify you of material changes via in-app notification or email. The "Last Updated" date at the top will always reflect the most recent version.

9. Contact

For any privacy-related questions, please contact us at:

Email: info@1to10me.com

Postal Address:
Marsrock
Feldmochinger Str. 217b
80995 Munich, Germany

10. Supervisory Authority

You have the right to lodge a complaint with a data protection authority:

Germany:
Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI)
Graurheindorfer Str. 153
53117 Bonn, Germany

Email: poststelle@bfdi.bund.de
Website: https://www.bfdi.bund.de

Effective Date: January 15, 2025
Last Updated: January 2, 2026
Version: 2.0.0