Privacy Policy
Last updated: December 14, 2025
Your privacy matters to us. This Privacy Policy explains what information we collect, how we use it, and what rights you have under the General Data Protection Regulation (GDPR). We also describe how we work with trusted third-party providers, some of which are based outside the European Union. Please take a few minutes to read through — we've tried to keep it clear and human-friendly.
What information we collect
The information we collect depends on how you use our website.
If you use our free service, you don't need to register. We only process the technical details your browser automatically sends when loading a webpage — for example your IP address, browser type, and the page you requested. This information is necessary for the site to function and is used beyond that only in anonymized or redacted form (for example, IP addresses are redacted) to generate statistics about the use of our website and to ensure security and stability. We do not link this data to any personal information.
If you use map features (Google Maps or Apple Maps) and their geocoding services, your requests are transmitted to the respective provider only with your consent. When you enter a location and select a satellite, this information gets transmitted to our servers so that the satellite calculations can be performed and returned. When we do so, we update our statistics on country and satellite usage. We do not store your specific location data or link it to any identifying information.
On the free service we may display advertising through Google AdSense. Personalized advertising is shown only if you have given your explicit consent via our Consent Management Platform (CMP). If you decline, you may still see non-personalized advertising.
To tailor the service to your region, we perform an IP-to-country lookup on our own servers. This helps us preselect your country and set currency/pricing, choose the appropriate satellite/region configuration, and indicate whether certain features or services are available in your location. On the free service, this is used when you visit the site. On the premium service, it is used to suggest a country during sign-up if you do not select one yourself. We use this only at country level (not precise location). Your IP address is used only transiently for the lookup during your session and is not stored by us for this purpose; we store only the resulting country selection for the session and/or your account (and you can change it).
If you become a premium subscriber, you create an account so we can grant you access to premium content and services. For that purpose we process your email address, the country you selected, login credentials, and your subscription status. Payments are handled securely by our payment provider (Stripe) and we do not store full card details on our servers.
The premium service includes map features (Google Maps and Apple Maps) as part of the service and these are processed on the basis of contract performance. When using the premium service you may explicitly ask us to store preferences or favourites (for example your favourite satellites) — those items will be stored only when you explicitly request them. We also log access events (number of visits, number of map requests and related technical metadata) for the limited purpose of enforcing our stated usage limits and ensuring service reliability. We do not store raw location search strings or location coordinates unless you explicitly save them as favourites.
If you contact us by email or via a support form we collect the information you provide (for example your email address and message) so we can reply. This data is used only for communication and is stored securely.
Why we process your data
We only process personal data when we have a valid reason for doing so. The legal basis depends on the context:
- Contract performance (Art. 6(1)(b) GDPR): granting access to premium content and services, managing subscriptions, and delivering account-related features.
- Consent (Art. 6(1)(a) GDPR): for optional features such as personalized advertising and certain analytics — you may withdraw consent at any time.
- Legitimate interest (Art. 6(1)(f) GDPR): ensuring platform stability, preventing abuse and fraud, and running a secure service (for example server logs in anonymized form, DDoS protection, and service monitoring).
- Legal obligation (Art. 6(1)(c) GDPR): where we must retain specific data for tax, accounting, or regulatory reasons.
For free users, the reasons include ensuring the site functions correctly, showing maps or personalized advertising if you have consented, and protecting our systems from misuse. For premium subscribers, the reasons are to create and manage your account, provide you with access to premium content and services, handle payments, integrate map features, prevent misuse and ensure the security and safety of our systems and your data, and comply with legal obligations such as tax and accounting requirements. We do this as the Data Controller, namely DP Tec Solutions GmbH, Humboldstr. 25, 21059 Glinde, Germany, telephone: +49 40 609 440 37, e-Mail: [email protected], within the meaning of the GDPR.
Newsletter and updates
When you create an account you may opt in to receive our newsletter and occasional product updates. This is separate from your subscription and requires explicit consent (Art. 6(1)(a) GDPR). We use your email only for the stated purpose and never share it with third parties for marketing. You can withdraw your consent at any time via the unsubscribe link included in each message or by contacting us.
Cookies and consent management
Our website uses cookies. Some are essential for basic functions such as keeping you logged in and remembering your session data (theme, language, default country, last location). Session cookies are deleted immediately after the session ends. Other cookies — such as analytics and advertising cookies — are optional and are used only if you have given consent. You can change the cookie settings at any time via the cookie consent tools or your browser settings.
Consent banner and CMP cookies for Adsense:
On the main site with the free service you will see a consent banner provided by Google's Consent Management Platform (CMP) for serving Google Ads through Google Adsense. This CMP stores your consent choices in small cookies such as FCCDCF and __eoi. These cookies ensure that your preferences for advertising and personalization are respected across sessions. They do not store personal data beyond your consent status and are retained only as long as necessary for the CMP to respect your preferences (typically up to 13 months). You can withdraw or change your choices at any time via the cookie settings.
If you give consent, Google may process data such as IP address, device identifiers and browsing behaviour (prior visits to our websites or other websites) to provide personalized advertising. For this purpose, Google and third party vendors use cookies. You can opt out of personalized ads at any time via your browser or by visiting Google Ads Settings. Learn more in Google’s advertising documentation.
Third-party services and international transfers
We use trusted third-party providers to operate and secure the service. Some of these providers are based in the United States. To protect your data when it is transferred outside the EU we rely on the EU–US Data Privacy Framework (DPF) for certified providers. Where a provider is not DPF-certified we use Standard Contractual Clauses (SCCs) and additional safeguards as required.
Neue Medien Münnich (primary hosting)
Who: Neue Medien Münnich, Inhaber: René Münnich, Hauptstraße 68, D-02742 Friedersdorf, Germany.
Purpose: Primary hosting of our main site and free service. E-Mail hosting is also provided.
Legal basis: legitimate interest (Art. 6(1)(f) GDPR).
Privacy: All-inkl.com Privacy Policy.
Google Firebase
Who: Provided in the EEA by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. In some cases processing may occur via Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (DPF-certified).
What we use it for: user authentication, premium web application hosting, data storage
Legal basis: legitimate interest for functionality, stability and security (Art. 6(1)(f))
Retention: IP logs typically for a few weeks; crash reports around 90 days; authentication/installation IDs until deletion + ~180 days.
Privacy: Firebase Privacy & Security.
Google Cloud / Google CDN
Who: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (EEA) and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (DPF).
What we use it for: hosting, global content delivery (CDN), caching and load balancing to improve availability and performance.
Legal basis: legitimate interest (Art. 6(1)(f)).
Retention: Deleted customer data is generally removed within about two months (including a safe recovery buffer).
Privacy: Google Cloud Privacy Notice.
Sign in with Google
Who: In the EEA, Google services are generally provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Processing may also occur by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (EU–US Data Privacy Framework participant).
What we use it for: user authentication (sign-in/sign-up), linking your account to a Google identity.
Data we receive: a stable Google user identifier and—depending on configuration/consent—basic profile details such as email address, display name, and profile picture URL (“picture” claim). (Profile claims like “picture” are typically returned when the profile scope is used and are not guaranteed to always be present.)
Legal basis: performance of a contract / steps at your request (Art. 6(1)(b) GDPR) for providing login; legitimate interest (Art. 6(1)(f) GDPR) for security and abuse prevention.
Retention: we store the identifier and the profile data linked to your account for as long as your account exists; we delete it when you delete your account (subject to our general retention rules and backups). Authentication tokens are handled only as long as necessary to complete sign-in and maintain your session.
Privacy: Google Identity · How Sign in with Google shares data · Google API Services User Data Policy (Limited Use) · Google Privacy Policy · DPF listing (Google LLC).
Sign in with Apple
Who: Provided in the EEA by Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Republic of Ireland.
What we use it for: user authentication and account management (sign-in / sign-up). We receive an Apple-provided user identifier; on first sign-in we may also receive your name and an email address (either your real email or an Apple private relay address, depending on your choice).
Legal basis: performance of a contract / pre-contractual steps on your request (Art. 6(1)(b) GDPR) for login; legitimate interest (Art. 6(1)(f) GDPR) for security and abuse prevention.
Retention: Apple states it does not see or retain a history of which apps/websites you sign in to or when you use Sign in with Apple (this information stays on your device). We store the identifier/email linked to your account for as long as your account exists, and delete it according to our account deletion/retention rules.
Privacy: Apple Privacy Policy · Sign in with Apple & Privacy.
Google Maps
Who: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (EEA) and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (DPF).
What we use it for: interactive maps, geocoding and location-based features.
Legal basis: consent for free users (Art. 6(1)(a)); contract performance for premium subscribers (Art. 6(1)(b)).
Privacy: Google Privacy Policy.
Apple Maps
Who: Provided in the EEA by Apple Distribution International Ltd., Hollyhill Industrial Estate, Cork, Ireland. Processing may also occur via Apple Inc., One Apple Park Way, Cupertino, CA 95014, USA (DPF participation).
What we use it for: interactive maps and geolocation features.
Legal basis: consent for free users (Art. 6(1)(a)); contract performance for premium subscribers (Art. 6(1)(b)).
Privacy: Apple Privacy Policy.
Cloudflare
Who: Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA (DPF-certified).
What we use it for: DDoS protection, security, caching and performance optimization.
Legal basis: legitimate interest (Art. 6(1)(f)).
Retention: cached content is transient (per cache TTL); security logs retained as needed for abuse prevention.
Privacy: Cloudflare GDPR Center.
Stripe — payments & subscription portal
Who: Stripe Payments Europe, Ltd., The One Building, 1 Grand Canal Street Lower, Dublin 2, Ireland and Stripe, Inc., 354 Oyster Point Blvd, South San Francisco, CA 94080, USA (DPF-certified).
What we use it for: payment processing, subscription management and the customer portal where you can view, update or cancel your subscription. Depending on your payment method, Stripe may also involve partners such as Apple Pay, PayPal or card networks to complete transactions.
Legal basis: contract performance (Art. 6(1)(b)) and legal obligations (Art. 6(1)(c)) such as accounting and anti-fraud checks.
Retention: transaction records kept as required for accounting and legal obligations (often several years); payment event retention circa 13 months; identity verification documents up to about 3 years; biometric data (where used by Stripe identity features) up to about 1 year.
Privacy: Stripe Privacy Policy.
Your rights
Under the GDPR you have the following rights in relation to your personal data:
- Right of access (Art. 15): request a copy of the personal data we hold about you.
- Right to rectification (Art. 16): request correction of inaccurate or incomplete data.
- Right to erasure (Art. 17): request deletion of your data unless we must retain it for legal reasons.
- Right to restriction (Art. 18): request limitation of processing.
- Right to be informed (Art. 19)
- Right to data portability (Art. 20): request your data in a structured, machine-readable format.
- Right to object (Art. 21): object to processing based on our legitimate interests, including profiling for fraud prevention.
- Right to withdraw consent (Art. 7(3)): withdraw consent at any time (this does not affect processing already carried out).
- Right to lodge a complaint (Art. 77): file a complaint with a supervisory authority.
Right to object (Art. 21 GDPR)
If we process your personal data on the basis of our legitimate interests you may object at any time on grounds relating to your particular situation. If you object, we will stop processing the data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or if the processing is necessary for the establishment, exercise or defence of legal claims.
If we process your personal data for direct marketing purposes (for example, sending newsletters where you have previously consented), you have the right to object at any time and we will stop processing your data for direct marketing immediately.
Automated decisions and profiling
We do not use automated decision-making, including profiling, which produces legal effects concerning you or similarly significantly affects you.
Children's Data
Our services are not directed to children under 16. We do not knowingly collect or process personal data from children under 16. If we become aware that we have collected such data we will delete it promptly.
How we protect your data
We protect personal data using appropriate technical and organizational measures. All connections to our website are encrypted (HTTPS/TLS). We host on secure infrastructure and use industry-standard access controls, encryption, monitoring and patching practices.
How long we keep your data
We keep personal data only as long as necessary for the purposes described in this policy or as required by law. Where processing is based on your consent we keep the data until you withdraw consent. If we process your personal data for direct marketing in accordance with Art. 6 (1) f. GDPR, we store your data until you exercise your right to object. Specific service retention times by third-party providers (for example Stripe, Firebase, Google Cloud) are described above in the relevant provider sections.