Privacy policy

1. Data controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) for the operation of keyshelf.app is the natural person named in the legal notice.

2. Data collected & purpose

When using keyshelf.app, the following personal data is processed:

• Email address – for authentication and transactional emails (e.g. registration confirmation, password reset, email change)
• Username – as your public identity on the platform
• Password – transmitted over a TLS-encrypted connection and stored server-side exclusively as a bcrypt hash
• Profile picture & bio – optional, publicly visible
• Registration timestamp & last login – for account management

The legal basis for processing is Art. 6(1)(b) GDPR (performance of a contract), as the data is necessary to provide the platform and its features. Optional profile information (profile picture, bio) is processed on the basis of Art. 6(1)(a) GDPR (consent).

3. Server log files

When keyshelf.app is accessed, the hosting provider Strato AG automatically records technical access data in so-called server log files. This includes, for example:

• Page accessed
• Date and time of access
• Amount of data transferred
• Browser type and version
• Operating system used

According to the hosting provider, the IP address or hostname of the accessing client is stored in anonymized form in the log files, so that no direct personal reference can be established.

The log files are used exclusively for the technical provision, stability, and security of the server. The anonymized log data is stored by the hosting provider for a maximum of 6 weeks and then automatically deleted.

4. Cookies & local storage

keyshelf.app only uses technically necessary cookies and browser storage entries:

No tracking cookies, advertising cookies, or third-party cookies are set. These cookies and storage mechanisms are technically required to provide the website's features and do not require consent.

5. Data processors

The server and hosting infrastructure for keyshelf.app is provided by Strato AG. Strato operates the server on which the application and the database containing personal data reside, and therefore has technical access to that data. In addition, Strato's SMTP service is used for sending transactional emails.

A data processing agreement in accordance with Art. 28 GDPR exists with Strato, covering both services.

Strato AG, Pascalstraße 10, 10587 Berlin, Germany – Strato privacy policy

6. Data sharing

Personal data is not shared, sold, or rented to third parties, except for the data processing by Strato described above.

7. Retention period

Account data is retained for as long as the account exists. Upon account deletion, all personal data is permanently erased. Account deletion can be performed directly from the dashboard.

8. Your rights

Under GDPR, you have the following rights:

• Access (Art. 15 GDPR) – What data is stored about me?
• Rectification (Art. 16 GDPR) – Correction of inaccurate data
• Erasure (Art. 17 GDPR) – Account deletion is available via the dashboard
• Restriction of processing (Art. 18 GDPR)
• Objection (Art. 21 GDPR)
• Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

To exercise your rights, please contact: …

9. No analytics services

keyshelf.app does not use any external analytics or tracking services (no Google Analytics, no social media pixels, etc.). No data is transmitted to advertisers.

10. Data security

This website uses TLS/SSL encryption for security purposes and to protect the transmission of confidential content. You can recognize an encrypted connection by the "https://" prefix in your browser's address bar.