Privacy Policy

Introduction and Terms

1. Introduction

Using the noeia ideas app on Mac, iPhone, and iPad requires processing certain personal data. Ensuring the careful handling of this information in compliance with GDPR and the Federal Data Protection Act (BDSG-neu) is a priority. This privacy statement explains which data are collected when using the app, the purpose of such collection, the legal basis, and if or to whom data may be disclosed. Additionally, the rights regarding personal data will be outlined.

2. Terms

The privacy policy includes technical terms from the GDPR and the BDSG-neu. For clarity, these terms are explained in simple words beforehand:

2.1 Personal Data

“Personal data” includes all information relating to an identified or identifiable person (Art. 4 No. 1 GDPR). This could be names or email addresses. It also includes data where identity is not immediately apparent but can be determined by combining it with other information. Identity can be ascertained, for example, by address, bank details, birthdate, username, IP address, or location data. Relevant information allows any deduction about a person.

2.2 Processing

Personal data encompasses any information that can be attributed to a specific individual, whether the identity is obvious or unveiled by linking different data (cf. Art. 4 No. 1 GDPR). Examples include names, email addresses, addresses, bank details, birthdates, usernames, IP addresses, or location data, permitting deductions regarding an individual’s identity. Any information permitting direct or indirect identification is considered personal.

Controller

3. Controller

Responsible for data processing: {address2}

{email}

Processing Framework

4. Processing Framework: noeia ideas

In connection with the use of noeia ideas, certain personal data are collected and processed, detailed in sections 5 to 10. This involves only those details actively entered in the app or automatically generated through its use. Fundamentally, there is no sharing, selling, or renting of data to third parties. If external service providers are used for certain processes, it happens within a data processing agreement retaining control over data processing.

No transmission of data to non-EU or non-EEA countries is planned. If a particular case requires such a transfer, notification will occur within the respective processing context.

Specific Data Processing Details

4. Contract Conclusion

4.1 Processing Description

When acquiring noeia ideas via the Apple App Store or the Mac App Store, necessary data, like username, email address, Apple ID, installation time, and device-specific identifier, is transmitted to Apple. Choosing a paid subscription via in-app purchase entails transmitting relevant information, such as username, email address, Apple ID, purchase time, device ID, and payment details to Apple. The capture and processing of these details are handled solely by Apple; no personal data from users is received. Apple does not provide names, Apple IDs, or email addresses.

4.2 Purpose

Processing facilitates purchase and management of subscription contracts via noeia ideas.

Processing is necessary for contract conclusion and fulfillment (Art. 6(1)(b) GDPR).

4.4 Storage Duration

Since no personal data related to in-app purchases is obtained from Apple, address, payment, and order data storage is managed solely by Apple, adhering to commercial and tax law requirements.

6. Idea Management

6.1 Processing Description

noeia ideas allows collection and organization of thoughts into custom lists and boards, ready for next steps or as reminders. Lists and boards can be displayed via custom filters and sorting, and specific elements, lists, or boards can be shared/exported as PNG, SVG, or PDF. Synchronization across current Apple devices possible, running on iOS and macOS (Silicon Macs).

6.2 Purpose

Data processing ensures the functionality of the time tracking features within noeia ideas.

Processing timers, projects, time entries, and app settings is required for providing contractually obligated services (Art. 6(1)(b) GDPR).

6.4 Storage Duration

Data in single-user applications is deleted from devices upon app uninstallation. If synchronized through Apple iCloud, synchronization data is deleted when manually removed under “Synchronize” > “Delete Cloud Data” or “Delete Device and Cloud Data” before the last instance uninstallation of noeia ideas.

7. Sentry

7.1 Processing Description

noeia ideas employs error diagnostics software “Sentry.” If the app crashes or encounters errors, specifics such as device type, OS version, error date/time, querying country, and OS language setting are sent to Sentry, but without IP addresses or personal data. Data collection occurs only if explicitly activated under “Support” > “Enable Crash Reports,” “Send Usage Data,” or “Developer Tools” > “Error Logging.”

7.2 Purpose

Processing aims to detect and assess errors for app maintenance and improvement.

This processing is necessary to preserve the legitimate interests of the controller (Art. 6(1)(f) GDPR). The legitimate interest rests in the purpose outlined in 10.2.

7.4 Storage Duration and Right to Object

One can object to data processing by “Sentry” anytime by deactivating “Enable Crash Reports,” “Send Usage Data,” or “Error Logging” functions. By default, these options are deactivated. Analyzed data processed by “Sentry” is deleted after 90 days.

7.5 Recipients, Third-Country Transfers

“Sentry” data is not transferred to non-EU third countries. Servers are located in Nuremberg, Germany.

8. Matomo

8.1 Processing Description

Utilizing Matomo, an open-source software enables internet usage analysis. Collected data include IP address, visited website sections, referrer URL, time spent, and visit frequency. A cookie, stored via the browser, is valid for a week.

Legal basis is consent (Art. 6(1)(a) GDPR). Alternatively, Art. 6(1)(f) GDPR applies, serving the legitimate interest of site analysis and optimization. Anonymization “Automatically Anonymize Visitor IPs” truncates the IP address, preventing user identification.

If disagreeing with this processing, prevent cookie storage via browser settings. Further details under “Cookies.”

The analysis can also halt through opt-out. Confirm the link:

{cookieConsent}

8.2 Purpose

Processing facilitates app usage evaluation for app improvement and further development.

This processing is necessary to preserve the legitimate interests of the controller (Art. 6(1)(f) GDPR). The legitimate interest rests in the purpose outlined in 11.2.

8.4 Storage Duration and Right to Object

Matomo data analysis can be opposed anytime by disabling usage and diagnostics data in the app settings. The default setting in noeia ideas is disabled. After a period, noeia ideas prompts consent for analysis. Matomo-processed data is automatically erased after one year.

8.5 Recipients and Third-Country Transfers

Using Matomo does not result in personal data transfers to servers or third countries.

9. Newsletter

Within noeia ideas, one can optionally subscribe to a newsletter, affecting no app functionality.

9.1 Processing Description

Newsletters are dispatched via internal servers.

9.2 Purpose

To deliver noeia ideas news via newsletters, email addresses are necessary.

Processing is based on consent (Art. 6(1)(a) GDPR), granted by activating the newsletter subscription (Double-Opt In). Consent is voluntary.

9.4 Storage Duration and Right to Object

Newsletter processing can be opposed anytime, unsubscribing via the newsletter link or emailing via [E-Mail](https://www.noeia ideas.com/de/contact/).

User Rights

10. Rights of the Data Subject

Regarding the aforementioned data processing, the following data subject rights apply:

10.1 Access (Art. 15 GDPR)

One has the right to request confirmation of personal data processing. If applicable, under Art. 15 GDPR, access to such data and listed information is granted.

10.2 Rectification (Art. 16 GDPR)

Immediate correction of inaccuracies and completion of incomplete data can be requested.

10.3 Erasure (Art. 17 GDPR)

Requests for deleting personal data are granted if one of the reasons listed in Art. 17 GDPR applies, like the data being unnecessary for pursued purposes.

10.4 Restriction of Processing (Art. 18 GDPR)

Request processing restrictions under conditions of Art. 18 GDPR, like data accuracy disputes allowing time for verification.

10.5 Data Portability (Art. 20 GDPR)

Under Art. 20 GDPR, one may request data release in a structured, commonly used machine-readable format.

Consent-based processing can be withdrawn anytime, effective upon expression, without retroactive illegal processing consequences.

10.7 Complaint (Art. 77 GDPR)

Data processing consent can be withdrawn anytime. Withdrawal is future-effective, past processing remains legal.

10.8 Objection (Art. 21 GDPR)

Personal data processed on legal interest basis (Art. 6(1)(f) GDPR) can be objected under Art. 21 GDPR conditions, particularly when personal situation arguments exist against processing. Post-objection processing ceases unless overriding compelling grounds or claims necessity exist. Advertisements processing objections remain available.

Last Updated: July 2025