Privacy Policy for Saurify

Last updated: 19 May 2026

This Privacy Policy explains how Saurify processes personal data when you use the Saurify web app and website.

Controller:
Matthias Kampmann
Pettenkoferstr. 30
45147 Essen
Germany
Email: [email protected]
Phone: +49 152 593 228 09

1) Controller (Art. 4(7) GDPR)

The data controller is Matthias Kampmann. Contact: [email protected].

2) Data we process

We follow data minimization and process only what is necessary to operate and secure Saurify.

Depending on use, this may include:

  • Account/guardian contact data (e.g., parent email)
  • User-provided content required for web app functionality
  • Technical data (e.g., IP address, browser/device metadata, timestamps, log data)
  • Support communication data if you contact us

We do not collect unnecessary personal data.

3) Purposes and legal bases (Art. 6 GDPR)

We process personal data for:

  • Providing Saurify’s core functionality (Art. 6(1)(b) GDPR)
  • Security, fraud prevention, and system stability (Art. 6(1)(f) GDPR)
  • Legal obligations (Art. 6(1)(c) GDPR)
  • Support communication (Art. 6(1)(b) or (f) GDPR)

Where consent is required, we rely on Art. 6(1)(a) GDPR. Consent can be withdrawn at any time with effect for the future.

4) Children and parental consent (Art. 8 GDPR)

Saurify is intended for children.

Where processing is based on consent and the child is below the applicable digital age of consent, we obtain consent from a parent or legal guardian before processing. For users in Germany, this generally applies to users under 16 years of age.

Parents/guardians can contact us at [email protected] to:

  • review data associated with their child,
  • request correction or deletion,
  • withdraw previously given consent.

5) Cookies and tracking

We use only technically necessary cookies/technologies by default.

No advertising tracking or non-essential analytics is enabled without explicit consent, where required.

Any analytics used for product operation is hosted in privacy-first mode on our own infrastructure (Hetzner).

You can manage cookie preferences at any time via cookie settings (if implemented on the website).

6) Recipients and processors (Art. 28 GDPR)

We use the following processors for operation of Saurify:

  • Hetzner Online GmbH (hosting/infrastructure, including self-hosted tracking infrastructure)
  • Cloudflare, Inc. (DNS, CDN, and security/network protection)

Processing is performed under data processing agreements pursuant to Art. 28 GDPR.

We do not sell personal data.

Data is disclosed to authorities only when legally required.

7) International transfers

If personal data is transferred outside the EU/EEA (e.g., via service providers), we apply appropriate safeguards, such as EU Standard Contractual Clauses or adequacy decisions, where required.

8) Retention

We retain personal data only as long as necessary for the relevant purpose or as required by law, then delete or anonymize it.

9) Data subject rights (Arts. 15–21 GDPR)

You have the right to access, rectification, erasure, restriction of processing, data portability, objection (where processing is based on legitimate interests), and withdrawal of consent at any time (if consent is the legal basis).

You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).

Contact: [email protected]

10) Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or disclosure.

11) Changes to this policy

We may update this Privacy Policy to reflect legal, technical, or operational changes. The current version is always published on this page.