Privacy Policy

1. Information We Collect

We collect the following information when you use Wishpa:

• Email address and name (for authentication)
• Birthday (optional, for reminder features)
• Wishlist data (titles, descriptions, links, prices)
• Friend connections and group memberships

2. How We Use Your Information

We use your information to:

• Provide and maintain our service
• Send birthday reminders (if enabled)
• Enable sharing wishlists with friends and groups
• Protect surprise gifts with Surprise Mode

3. Data Storage

Your data is stored securely in the European Union (Frankfurt, Germany) using Supabase infrastructure with end-to-end encryption.

4. Third-Party Services

• Supabase: Database and authentication (EU region, GDPR compliant)
• Vercel: Hosting (with EU-US Data Privacy Framework)

We do not share your data with any third parties for marketing purposes.

5. Your Rights (GDPR)

Under GDPR, you have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your account and all associated data
• Export your data in a portable format
• Object to data processing
• Withdraw consent at any time

To exercise these rights, please contact us at: hb@taquiri.de

6. Cookies

We use essential cookies for authentication only. No tracking or analytics cookies are used. Session cookies expire after 7 days of inactivity.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, all personal data will be permanently deleted within 30 days.

8. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

10. Contact Us

For privacy-related questions or to exercise your GDPR rights, contact:

Email: hb@taquiri.de
Website: wishpa.com