Privacy Policy

1. Controller of Data Processing

Yanik Kendler
Pfennigmayrstraße 8
4641 Steinhaus
Austria
Email: yanik@shotly.at

2. Collection and Processing of Personal Data

The following personal data is processed when using Shotly:

  • Username
  • Email address
  • Password (stored in encrypted form)

Authentication and user data management are handled by the service provider Auth0(Okta Inc.). More information about data processing by Auth0 can be found at: https://auth0.com/privacy

3. Purpose and Legal Basis of Data Processing

Data is processed for the purpose of providing and using the web application and managing user accounts.
Legal basis: Art. 6 (1) lit. b GDPR (performance of a contract) and Art. 6 (1) lit. f GDPR (legitimate interest).

4. Hosting and Data Processing

Shotly is hosted on Google Cloud Run (Google LLC). Data processing may occur in data centers located in the EU or the USA.
A data processing agreement with Google exists pursuant to Art. 28 GDPR and includes standard contractual clauses for securing data transfers to third countries.

5. Cookies

Shotly only uses technically necessary cookies to ensure the basic functionality of the web application (e.g., for login and session management). No tracking or marketing cookies are used.

6. Storage Duration

Your data is stored as long as necessary to use the app. When the account is deleted, all personal data will be permanently removed.

7. Rights of Data Subjects

You have the right to access, rectify, delete, restrict processing, and data portability. You may also withdraw consent at any time.

For complaints or questions: yanik@shotly.at

8. Use of TelemetryDeck to analyze app usage

We use the privacy-friendly analytics service TelemetryDeck (provider: TelemetryDeck GmbH, Von-der-Tann-Str. 54, 86159 Augsburg, Germany) to analyze usage data. The use is based on Art. 6 para. 1 lit. b GDPR, as we require reliable and efficient tools for collecting app usage data in order to fulfill the contract with you, our customer.

What data is transferred?

The data processed by TelemetryDeck is completely anonymized and does not allow any conclusions to be drawn about personal information.

The following data is collected, among other things:

  • an anonymized, untraceable user ID (per app installation),
  • actions defined by the app publisher (e.g., "app launched," "settings opened"),
  • a rounded timestamp (to the nearest hour),
  • device metadata (e.g., system version, app version, device type),
  • additional metadata defined by the app publisher (e.g., "number of items in the database").

What is not stored?

  • No IP addresses (not in logs, not in the database),
  • No cookies or tracking technologies,
  • no persistent identifiers that could be traced back to individuals.

The source code of the TelemetryDeck SDK is completely open source and available on GitHub: https://github.com/TelemetryDeck

Further information on the exact data processing by TelemetryDeck can be found at: https://telemetrydeck.com/privacy and at https://telemetrydeck.com/docs/guides/privacy-faq/