Swipesight LogoSwipesight
ENDE

Privacy Policy

Last updated: October 17, 2025

This Privacy Policy explains the nature, scope, and purpose of the processing of personal data within our app "Swipesight" and its associated promotional website.

1. Data Controller

Leo Nobis
Boltensternstr. 18
40239 Düsseldorf
Germany
contact@leonobis.com

2. Data Processing on the Website

a) Hosting

Our website is hosted by Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA. With every visit to the website, Vercel automatically collects server log files, which typically include your IP address, the time of access, browser type, and the page accessed. This data is used to ensure the stable and secure operation of the website.

b) Contact

If you contact us via email, the data you provide (e.g., your email address and your inquiry) will be stored to process your request.

c) Cookies & Analytics Tools

Our promotional website currently does not use cookies and does not employ external analytics tools such as Google Analytics.

3. Data Processing in the "Swipesight" App

a) Registration and Authentication

To manage user accounts, we use Firebase Authentication, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. In this process, data may also be processed on Google's servers in the USA.

The following login types are supported:

  • Anonymous Authentication: When you first start the app, a temporary, anonymous account is created to allow immediate use of the app's core features. For this, an anonymous user ID is generated by Firebase.
  • Google Sign-In: If you sign in with your Google account or link an anonymous account to it, we process the data provided by Google (usually your email address, your name, and your Google user ID). We do not gain access to your Google password.

b) Data for Core App Functionality

  • Location Data:
    • Nearby Attractions: To show you attractions in your vicinity, the app requests your current device location and transmits it to our backend.
    • Image Upload Wizard: When you upload an image, the app, with your explicit permission, reads the GPS coordinates (EXIF data) stored in the image. These coordinates are sent once to our backend to suggest a list of nearby attractions where the photo might have been taken.
  • Photo Gallery Access: The app requires access to your photo gallery only when you actively use the feature to upload a picture for an attraction. The app only accesses the images you explicitly select.

c) User-Generated Data

The following data that you actively create in the app is stored on our servers:

  • Ratings: Your "Likes" and "Dislikes" for attractions are linked to your user ID to prevent already-rated places from being suggested to you again.
  • Uploaded Images: Images you upload are stored along with your user ID and the associated attraction.
  • Reports: If you report content (images or attractions), we store your report along with your user ID and the reported content.
  • Visit Data: If you mark a favorite as "visited," the corresponding timestamp is stored.

d) App Usage Analytics

We use the services Firebase Analytics and Firebase Crashlytics (both services by Google) to understand the usage of our app and improve its stability. This involves collecting anonymized usage data (e.g., which features are used) and crash reports. This data helps us to fix bugs and optimize the app.

4. Service Providers and Data Storage

  • Backend Hosting: Our backend is operated on a virtual server at Netcup GmbH, Daimlerstraße 25, 76185 Karlsruhe, Germany. The server location is Germany.
  • Image Storage: Uploaded images are stored in Amazon S3 (Simple Storage Service), a service by Amazon Web Services (AWS). We exclusively use the data center in Frankfurt am Main, Germany, for this purpose.
  • Authentication: Firebase Authentication (Google), see section 3a.
  • Map SDK: The app uses the Google Maps SDK to display maps. When using the map features, data such as IP address and location is transmitted to Google.

5. Data Security and International Data Transfers

  • Encryption: All communication between the app and our backend is protected by TLS/SSL encryption.
  • Data Transfers to Third Countries (USA): When using services from Google (Firebase Authentication, Firebase Analytics, Google Maps SDK) and Vercel, personal data (e.g., IP address, user IDs) may be transferred to servers in the USA. The level of data protection is ensured by appropriate safeguards, typically through the conclusion of EU Standard Contractual Clauses.

6. Right to Erasure (Account Deletion)

You can exercise your right to the erasure of your personal data ("right to be forgotten") at any time and easily within the app. For this purpose, we provide a "Delete My Account" function in your profile.

When you trigger this function, an automated and irreversible process is initiated that removes all your personal data from our systems. This includes:

  • The deletion of your favorites, ratings, and visit data.
  • The deletion of all images you have uploaded from our storage (Amazon S3) and their associated metadata.
  • The anonymization of any reports you have created.
  • Finally, the complete deletion of your user account from our database and from the Firebase Authentication system.

7. Your Other Rights as a User

You have the right to access, rectify, restrict the processing of, and port your data stored by us at any time. To exercise these rights, please contact us via the email address provided in the legal notice. You also have the right to lodge a complaint with a data protection supervisory authority.

Back to Home
Privacy Policy | Swipesight