Privacy & Data Protection

How we handle your data

Privacy at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit or use our KassenBonBon app. Personal data is any data that can be used to personally identify you.

Responsible Party

Patrick Speidel
Buchenweg 3, 85643 Steinhöring, Germany
Email: info@kassenbonbon.app

Hosting and Infrastructure

Google Cloud Platform (GCP)

We host our application and databases on Google Cloud Platform. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Our servers are preferably located in Germany (Frankfurt region, europe-west3). Google processes your data on our behalf. We have concluded a data processing agreement (DPA) with Google.

Data Collection in Our App

Registration & Authentication

To use KassenBonBon, you must register. We store your email address and an encrypted password (or auth token). We use technologies that ensure secure login (JWT tokens).

Uploading Receipts

When you upload receipts (as photo or PDF), these files are stored on our cloud servers (Google Cloud Storage). We analyze the contents of these receipts to provide you with statistical evaluations. Data extraction is automated.

Use of Artificial Intelligence (Google Gemini)

We use Google's "Gemini" AI model to analyze your purchases and provide health recommendations.

  • What is transferred? The text content of your receipts (products, prices) is sent to Google's API.
  • Purpose: Categorization of products and creation of health tips.
  • Privacy: According to the terms of use for Google Cloud Enterprise API, your data is NOT used to train Google's AI models. Your data remains confidential and is only used for your personal analysis.

Privacy Overview

Your privacy is important to us. We are committed to protecting your personal data and being transparent about what we collect.

What Data We Collect

Essential Data (Always Collected)

Account information (email, password hash), purchase data, receipt uploads - required for core functionality.

Analytics Data (Optional)

Page views, time spent on pages, navigation patterns, viewport size - only collected with your consent.

Anonymized Aggregated Data (Legitimate Interest)

We collect anonymized, aggregated statistics from all users (e.g., popular product categories, common shopping patterns) to improve our AI models and platform features. This data cannot identify individual users.

How We Use Your Data

Service Provision

To provide core functionality: store your purchases, categorize products, generate insights, and manage your account.

Product Improvement & AI Training

We use anonymized, aggregated data from all users to improve the platform:

  • Improve AI category matching for products
  • Build meta analytics and usage statistics
  • Optimize features based on aggregated usage patterns

Purpose & Legal Basis

We process your personal data to provide our service (contractual necessity). For analytics tracking, we rely on your explicit consent. For anonymized, aggregated data analysis to improve our AI and platform, we rely on legitimate interest (GDPR Article 6(1)(f)) - this cannot identify you personally.

Your Rights

You have the right at any time to:

  • Obtain information about your stored data
  • Request correction of incorrect data
  • Request deletion of your data ("Right to be Forgotten"). You can delete your account in the app settings at any time. This will permanently remove all your receipts and analyses from our servers.
  • Export your data
  • Withdraw consent for analytics

Data Retention

Purchase data is retained as long as your account is active. Analytics data is retained for 90 days. You can delete your account and all associated data at any time.

Data Security

We use SSL/TLS encryption (https) to protect the transmission of your data. Your passwords are never stored in plain text. Despite state-of-the-art security measures, absolute security cannot be guaranteed during data transmission over the Internet.

Contact & Questions

For data protection inquiries, contact:

Email: info@kassenbonbon.app

Last updated: February 2026