Novel Romance

Novel Romance

Privacy Policy

Last Updated: December 22, 2024

1. Controller Information

Digital App Group GmbH
Ferdinand-Koch-Straße 31
26133 Oldenburg, Germany

Email: [email protected]
Commercial Register: Amtsgericht Oldenburg

2. Data Protection Officer (DPO)

Our appointed Data Protection Officer is:

Mr. Joshua van Vliet
c/o Digital App Group GmbH
Ferdinand-Koch-Straße 31
26133 Oldenburg, Germany

Email: [email protected] (Attn: DPO)

3. Scope of This Privacy Policy

This Privacy Policy explains how we (the "Company," "we," "us," "our") collect, process, and share personal data when you use the Novel Romance mobile application (the "App" or "Service"). It also describes your rights under the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and other applicable laws.

4. Categories of Personal Data We Collect

When you use the App, we may collect the following types of personal data:

1. Information Provided Voluntarily

  • Account Registration: Username, email address, age verification (if required).
  • Profile Data: Any data you choose to provide (e.g., profile picture, display name, text biography).
  • Text Comments: Content you post via our in-app comment functionality (e.g., feedback on novels, discussions).
  • Support Inquiries: Information you provide when you contact us for assistance.

2. Data Collected Automatically

  • Device Data: IP address, OS type/version, device model, unique identifiers (IDFA, GAID), mobile carrier, language, and time zone.
  • Usage Data: Pages/screens viewed, taps/clicks, session duration, and crash reports via Firebase/Google Cloud SQL.
  • Push Notification Tokens: So we can send you push notifications (if you opt in).

3. Third-Party Services and Integrations

  • Meta Ads Tracking: We may receive aggregated insights (e.g., ad campaign performance) when running ads on Meta's platforms.
  • RevenueCat: Transaction data (e.g., subscription status, purchase validation) is handled by RevenueCat on our behalf.
  • Analytics: Firebase, Google Cloud SQL, and other analytics platforms may log information about your usage of the App.

Note: We do not process or store sensitive personal data (e.g., religious or sexual orientation data). If you choose to post such information in comments, you do so voluntarily.

5. Purposes and Legal Bases of Processing

We process your personal data only where we have a legal basis under the GDPR (Art. 6 and 7) or other applicable laws. In particular:

1. App Functionality and User Accounts

  • Purpose: To enable you to access your account, create or edit a profile, leave comments, and use the App's core features.
  • Legal Basis: Performance of a contract (Art. 6(1)(b) GDPR).

2. Push Notifications

  • Purpose: To send updates on new stories, chapters, or promotional offers if you have opted in.
  • Legal Basis: Consent (Art. 6(1)(a) GDPR) or legitimate interest (Art. 6(1)(f) GDPR) for important operational notifications.

3. Analytics and Improvements

  • Purpose: To diagnose technical issues, optimize user experience, track usage trends (e.g., Firebase, Google Cloud SQL), and analyze content performance.
  • Legal Basis: Legitimate interest (Art. 6(1)(f) GDPR) in ensuring service stability and improving the App.

4. In-App Advertising and Meta Ads Tracking

  • Purpose: To show relevant ads and measure ad performance (e.g., via Meta Ads).
  • Legal Basis: Consent (Art. 6(1)(a) GDPR) if you opt in to personalized advertising; legitimate interest (Art. 6(1)(f) GDPR) for non-personalized ads.

5. Transaction Processing

  • Purpose: To process purchases/subscriptions via Apple App Store or Google Play Store; to validate transactions via RevenueCat.
  • Legal Basis: Performance of a contract (Art. 6(1)(b) GDPR).
  • Note: We do not handle your payment card data directly; Apple or Google handle billing and payment details, and RevenueCat provides subscription management.

6. Compliance and Legal Requests

  • Purpose: To comply with legal obligations, respond to court orders, and cooperate with authorities.
  • Legal Basis: Legal obligation (Art. 6(1)(c) GDPR).

6. User-Generated Content (Comments, Profiles)

Where you submit content (e.g., text comments, profile data):

  • Visibility: Comments may be visible to other users of the App. Profile information may also be publicly visible, depending on your settings.
  • Moderation: We reserve the right to remove content that violates our Terms of Use or applicable law.

7. Push Notifications

With your consent (or based on our legitimate interest, if permitted by law), we may send push notifications via the App:

  • Opt-In/Opt-Out: You can change your preferences anytime in your device settings.
  • Types of Notifications: Story updates, special promotions, new features, critical service info.

8. Meta Ads Tracking and Personalized Ads

We may use Meta Ads (formerly Facebook Ads) or similar platforms to:

  • Show relevant ads in your social media feeds.
  • Measure ad performance (aggregated metrics like impressions or installs).
  • Legal Basis: Consent (Art. 6(1)(a) GDPR) for personalized tracking; you can opt out in your device's ad preferences.

9. Purchases and RevenueCat

All subscription purchases or one-time transactions in the App are processed by Apple (iOS) or Google (Android). We also use RevenueCat to manage:

  • Subscription Validation: Checking if your payment is valid.
  • Receipts: Transaction confirmations and renewal dates.
  • Data: The specific items purchased and related timestamps, but not your full payment details.

10. Data Retention

  • Profile Data: Retained until you delete your account via the App.
  • Comments: Stored as long as you keep them visible. We may retain backup copies for a limited duration.
  • Analytics: Usually retained in aggregated or pseudonymized form to improve our services.
  • Compliance: We may retain information as required by law (e.g., tax records, dispute resolutions).

11. No Processing of Special Categories of Data

We do not intentionally collect or process special categories of data (Art. 9 GDPR), such as data related to religious beliefs or sexual orientation.

12. Data Sharing and Recipients

We will only share your personal data with:

  • Service Providers: For hosting (e.g., Google Cloud SQL), analytics (Firebase), subscription management (RevenueCat), technical support.
  • Affiliates: Within our corporate group for internal administrative purposes.
  • Public Authorities: If required by law or necessary to protect our rights or comply with judicial processes.
  • Business Transfers: In case of a merger, acquisition, or sale of assets.

13. International Data Transfers

If your personal data is transferred outside the European Economic Area:

  • We employ appropriate safeguards, such as the European Commission's Standard Contractual Clauses, to ensure adequate protection of your data.
  • You may request further information by contacting us at [email protected].

14. Your Rights Under the GDPR

Under the GDPR, you have the following rights regarding your personal data:

  • Access (Art. 15 GDPR): Obtain confirmation of whether we process your data and request a copy.
  • Rectification (Art. 16 GDPR): Correct inaccurate or incomplete data.
  • Erasure (Art. 17 GDPR): Ask us to delete your personal data, subject to legal exceptions.
  • Restriction of Processing (Art. 18 GDPR): Request limiting how we process your data under certain circumstances.
  • Data Portability (Art. 20 GDPR): Receive your data in a machine-readable format or request direct transmission to another controller.
  • Objection (Art. 21 GDPR): Object to processing based on our legitimate interests or for direct marketing.
  • Withdraw Consent (Art. 7(3) GDPR): Revoke any consent you have granted at any time with future effect.

To exercise any of these rights, please email us at [email protected].

15. Right to Lodge a Complaint

If you have concerns about how we process your personal data, please contact us first at [email protected] so we can address your request. You also have the right to lodge a complaint with a supervisory authority in Germany. Our business is registered in Oldenburg, so you may contact:

Landesbeauftragte für den Datenschutz Niedersachsen
Prinzenstraße 5
30159 Hannover, Germany

Phone: +49 (0) 511 120-4500
Website: https://lfd.niedersachsen.de

16. Security Measures

We implement appropriate technical and organizational security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures may include:

  • Encryption of data at rest or in transit (where feasible).
  • Access Controls ensuring only authorized staff can handle personal data.
  • Regular Security Assessments to identify and mitigate vulnerabilities.

Despite our efforts, no method of transmission over the internet or electronic storage is 100% secure. We encourage you to protect your account login credentials at all times.

17. Changes to This Privacy Policy

We may update or modify this Privacy Policy from time to time to reflect changes in our practices or due to legal requirements. We will post the updated version within the App and indicate the date of the latest revision at the top of this page. Where material changes occur, we may notify you via email or prominent notice within the App. We encourage you to review this policy periodically.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Digital App Group GmbH
Ferdinand-Koch-Straße 31
26133 Oldenburg, Germany

Email: [email protected]

We appreciate your trust in Novel Romance and are committed to safeguarding your personal data in line with applicable laws and regulations.