Wishpa

Last updated: 12/17/2025

1. Information We Collect

1.1 Account Information

Email address and name (for authentication)
Birthday (optional, for reminder features)
Wishlist data (titles, descriptions, links, prices)
Friend connections and group memberships

1.2 Technical Data

For service improvement and spam prevention, we automatically collect:

IP Address: Collected temporarily for rate limiting and spam prevention when you submit feedback. IP addresses are not linked to your account and are retained for up to 30 days for security purposes.
Browser Information: User agent string (browser type and version) to optimize our service and detect abuse.
Page URLs: The pages you visit within our service to understand feature usage and improve user experience.
Session Cookies: Essential authentication cookies (expire after 7 days of inactivity).

1.3 Feedback Data

When you submit feedback through our feedback widget:

Star rating (1-5 stars)
Likelihood score (0-100%)
Optional written feedback message
IP address (for spam prevention, retained for up to 30 days)
Browser information (user agent)
Current page URL (to understand context)
Your user ID (if logged in) or anonymous submission

Legal Basis: Legitimate interest (service improvement and spam prevention). You may submit feedback anonymously.

2. How We Use Your Information

We use your information to:

Provide and maintain our service
Send birthday reminders and notifications (if enabled)
Enable sharing wishlists with friends and groups
Protect surprise gifts with Surprise Mode
Prevent spam and abuse through rate limiting (using IP addresses)
Improve our service based on user feedback and usage patterns
Monitor service performance and fix technical issues
Send service-related notifications (account security, system updates)

We do not sell, rent, or share your personal information with third parties for marketing purposes.

3. Data Storage

Your data is stored securely in the European Union (Stockholm, Sweden - EU North 1 region) using Supabase infrastructure with encryption at rest and in transit.

4. Third-Party Services

We use the following trusted third-party services to operate Wishpa:

Infrastructure & Hosting

Supabase (BaaS GmbH): Database and authentication infrastructure hosted in EU (Stockholm, Sweden - EU North 1 region). GDPR compliant. Privacy Policy
Vercel Inc.: Website hosting and edge network. Compliant with EU-US Data Privacy Framework. Privacy Policy

Communication Services

Resend: Transactional email delivery for account verification and notifications (only if you enable email notifications). No marketing emails are sent. Privacy Policy

Performance Monitoring

Vercel Speed Insights: Performance monitoring to ensure fast page loads. Data is anonymized and aggregated. No personal data is collected. Privacy Policy

Important: We do not use tracking cookies, advertising networks, or analytics platforms. We do not share your data with third parties for marketing purposes. All third-party services are carefully selected for GDPR compliance and data protection.

5. Your Rights (GDPR)

Under GDPR, you have the right to:

Access your personal data
Correct inaccurate data
Request deletion of your account and all associated data
Export your data in a portable format
Object to data processing
Withdraw consent at any time

To exercise these rights, please contact us at: hb@taquiri.de

6. Cookies

We use essential cookies for authentication only. No tracking or analytics cookies are used. Session cookies expire after 7 days of inactivity.

7. Data Retention

We retain your data as follows:

Account Data: Retained as long as your account is active. If you delete your account, all personal data will be permanently deleted within 30 days.
IP Addresses: Retained for up to 30 days for spam prevention and security purposes, then automatically deleted.
Feedback Submissions: Retained indefinitely to improve our service, but IP addresses are deleted after up to 30 days.
Session Cookies: Expire after 7 days of inactivity.

8. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

10. Contact Us

For privacy-related questions or to exercise your GDPR rights, contact:

Email: hb@taquiri.de
Website: wishpa.com

Last updated: 12/17/2025

1. Information We Collect

1.1 Account Information

Email address and name (for authentication)
Birthday (optional, for reminder features)
Wishlist data (titles, descriptions, links, prices)
Friend connections and group memberships

1.2 Technical Data

For service improvement and spam prevention, we automatically collect:

IP Address: Collected temporarily for rate limiting and spam prevention when you submit feedback. IP addresses are not linked to your account and are retained for up to 30 days for security purposes.
Browser Information: User agent string (browser type and version) to optimize our service and detect abuse.
Page URLs: The pages you visit within our service to understand feature usage and improve user experience.
Session Cookies: Essential authentication cookies (expire after 7 days of inactivity).

1.3 Feedback Data

When you submit feedback through our feedback widget:

Star rating (1-5 stars)
Likelihood score (0-100%)
Optional written feedback message
IP address (for spam prevention, retained for up to 30 days)
Browser information (user agent)
Current page URL (to understand context)
Your user ID (if logged in) or anonymous submission

Legal Basis: Legitimate interest (service improvement and spam prevention). You may submit feedback anonymously.

2. How We Use Your Information

We use your information to:

Provide and maintain our service
Send birthday reminders and notifications (if enabled)
Enable sharing wishlists with friends and groups
Protect surprise gifts with Surprise Mode
Prevent spam and abuse through rate limiting (using IP addresses)
Improve our service based on user feedback and usage patterns
Monitor service performance and fix technical issues
Send service-related notifications (account security, system updates)

We do not sell, rent, or share your personal information with third parties for marketing purposes.

3. Data Storage

Your data is stored securely in the European Union (Stockholm, Sweden - EU North 1 region) using Supabase infrastructure with encryption at rest and in transit.

4. Third-Party Services

We use the following trusted third-party services to operate Wishpa:

Infrastructure & Hosting

Supabase (BaaS GmbH): Database and authentication infrastructure hosted in EU (Stockholm, Sweden - EU North 1 region). GDPR compliant. Privacy Policy
Vercel Inc.: Website hosting and edge network. Compliant with EU-US Data Privacy Framework. Privacy Policy

Communication Services

Resend: Transactional email delivery for account verification and notifications (only if you enable email notifications). No marketing emails are sent. Privacy Policy

Performance Monitoring

Vercel Speed Insights: Performance monitoring to ensure fast page loads. Data is anonymized and aggregated. No personal data is collected. Privacy Policy

5. Your Rights (GDPR)

Under GDPR, you have the right to:

Access your personal data
Correct inaccurate data
Request deletion of your account and all associated data
Export your data in a portable format
Object to data processing
Withdraw consent at any time

To exercise these rights, please contact us at: hb@taquiri.de

6. Cookies

We use essential cookies for authentication only. No tracking or analytics cookies are used. Session cookies expire after 7 days of inactivity.

7. Data Retention

We retain your data as follows:

Account Data: Retained as long as your account is active. If you delete your account, all personal data will be permanently deleted within 30 days.
IP Addresses: Retained for up to 30 days for spam prevention and security purposes, then automatically deleted.
Feedback Submissions: Retained indefinitely to improve our service, but IP addresses are deleted after up to 30 days.
Session Cookies: Expire after 7 days of inactivity.

8. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

10. Contact Us

For privacy-related questions or to exercise your GDPR rights, contact:

Email: hb@taquiri.de
Website: wishpa.com

Privacy Policy

1. Information We Collect

1.1 Account Information

1.2 Technical Data

1.3 Feedback Data

2. How We Use Your Information

3. Data Storage

4. Third-Party Services

Infrastructure & Hosting

Communication Services

Performance Monitoring

5. Your Rights (GDPR)

6. Cookies

7. Data Retention

8. Children's Privacy

9. Changes to This Policy

10. Contact Us

Privacy Policy

1. Information We Collect

1.1 Account Information

1.2 Technical Data

1.3 Feedback Data

2. How We Use Your Information

3. Data Storage

4. Third-Party Services

Infrastructure & Hosting

Communication Services

Performance Monitoring

5. Your Rights (GDPR)

6. Cookies

7. Data Retention

8. Children's Privacy

9. Changes to This Policy

10. Contact Us