Privacy Policy
This Privacy Policy explains how Dainamics GmbH (“Dainamics”, “we”, “us”) processes personal data when you use the Stickerradar mobile app and the website at stickerradar.app (together, the “Service”). We are committed to processing your data lawfully under the EU General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (DSG).
1. Who is responsible (Controller)
The controller responsible for your personal data is:
Dainamics GmbH 2380 Perchtoldsdorf, Austria Email: contact@stickerradar.app
For any privacy question, or to exercise your rights, contact us at contact@stickerradar.app. We have not appointed a Data Protection Officer, as we are not legally required to; the contact above handles all data-protection requests.
2. What data we collect
We collect only what the Service needs to work. We do not run advertising, we do not track you across other apps or websites, and we do not sell your personal data.
2.1 Account & authentication
When you sign in, our authentication provider (Google Firebase Authentication) creates a unique user ID and stores the identifier from your chosen sign-in method:
- Email/password — your email address and an encrypted password (managed by Firebase; we never see your password).
- Sign in with Google — your Google account identifier and basic profile.
- Sign in with Apple — your Apple identifier (and the relay email if you use “Hide My Email”).
You may also use the app anonymously without an account; an anonymous ID is stored on your device and is upgraded in place if you later sign in.
2.2 Public profile
If you create a profile you provide a unique @handle and, optionally, a first and last name. These are visible to other users (for example in friend lists, invites, and shared trade radars). We tell you in the app, before you save, that your name is public. Your email address is never shown publicly and is never written to your public profile.
2.3 Social & trading data
To provide the core trading features we store: your friends and friend requests, the trade “Radars” (groups) you join or host, users you have blocked, your invite codes, which stickers you own and which you offer as spares, and the trade requests you send and receive. Trades are arranged in the app and completed by users in person; we do not process, escrow, or guarantee any trade.
2.4 Notifications
If you enable push notifications, we store a per-device push token so we can deliver alerts (for example a new trade request). You can turn notifications off at any time in the app or in your device settings.
2.5 Analytics & crash data
- Usage analytics — we use Firebase Analytics to understand how features are used (screens opened, actions taken) so we can improve the app. It is configured for analytics only: ad personalization and Google Signals are switched off, so it is not used to track you across other apps and triggers no advertising identifier.
- Crash reporting — we use Sentry to receive crash and error reports (device model, OS version, app version, and the technical state at the moment of a crash) so we can fix bugs. Performance tracing is disabled.
2.6 Support, requests & feedback
If you submit the newsletter sign-up, a “Request a collection” form, beta feedback, or a user report, we process the information you provide (such as an email address, a message, or the reason for a report) to handle that request.
2.7 Purchases
In-app purchases are processed by Apple or Google, not by us. We never receive your payment-card details. We store only a record that your account holds the unlocked benefit and when it expires.
3. Why we process your data and our legal basis
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Provide accounts, profiles, friends, groups, trading | Performance of a contract (Art. 6(1)(b)) |
| Deliver push notifications you enabled | Consent (Art. 6(1)(a)) |
| Send newsletter (double opt-in) | Consent (Art. 6(1)(a)) |
| Analytics to improve the app | Legitimate interest (Art. 6(1)(f)) — limited, non-tracking |
| Crash reporting and security | Legitimate interest (Art. 6(1)(f)) |
| Handle reports, blocks, and keep the Service safe | Legitimate interest (Art. 6(1)(f)) and legal obligation (Art. 6(1)(c)) |
| Process in-app purchases and keep records | Performance of a contract (Art. 6(1)(b)) and legal obligation (Art. 6(1)(c)) |
Where we rely on consent, you may withdraw it at any time without affecting processing already carried out. Where we rely on legitimate interest, you may object (see Section 7).
4. Sub-processors and recipients
We use a small number of trusted service providers who process data on our behalf under data-processing agreements. We do not sell or rent your data to anyone.
| Provider | Purpose | Location |
|---|---|---|
| Google (Firebase: Authentication, Firestore, Storage, Cloud Functions, Cloud Messaging) | App backend, accounts, data storage, push | EU / USA |
| Google (Firebase Analytics) | Product usage analytics (no ad features) | EU / USA |
| Functional Software, Inc. (Sentry) | Crash and error reporting | USA |
| Resend (Plus Five Five, Inc.) | Transactional and newsletter email | USA |
| Expo (650 Industries, Inc.) | Push-notification delivery | USA |
| Apple | Sign in with Apple, App Store purchases | EU / USA |
| Google Sign-In, Google Play purchases | EU / USA |
5. International data transfers
Some providers above process data in the United States. Where data leaves the European Economic Area, transfers are safeguarded by the European Commission’s Standard Contractual Clauses and/or the provider’s certification under the EU–U.S. Data Privacy Framework, together with additional technical safeguards. You can request a copy of the relevant safeguards at contact@stickerradar.app.
6. How long we keep your data
We keep personal data only as long as needed for the purposes above:
- Account, profile, social and inventory data — for as long as your account exists. When you delete your account, we erase this data (see our Account & Data Deletion policy), normally within 30 days.
- Crash and analytics data — retained for a limited period by the respective provider, then deleted or aggregated.
- Purchase records — retained as required by Austrian tax and commercial law (generally up to 7 years).
- Reports and safety records — retained as long as needed to keep the Service safe and to meet legal obligations.
7. Your rights
Under the GDPR you have the right to: access your data, request rectification or erasure, restrict or object to processing, data portability, and to withdraw consent at any time. To exercise any of these, email contact@stickerradar.app. You can delete your account and data yourself as described in our Account & Data Deletion policy.
You also have the right to lodge a complaint with the Austrian supervisory authority:
Österreichische Datenschutzbehörde Barichgasse 40–42, 1030 Vienna, Austria — dsb.gv.at
8. Children
The Service is intended for users aged 13 and over and is not directed to children under 13. Where local law sets a higher age of digital consent (for example 16 in Germany, 14 in Italy), users below that age must have a parent or guardian consent on their behalf. See our Children’s Privacy notice for details, including how a parent can request deletion.
9. Security
We protect your data with industry-standard measures: encrypted transport (TLS), authentication, and server-side security rules that restrict each user’s data to that user and their trusted circle. No system is perfectly secure, but we work to keep your data safe and will notify you and the authority of a breach where the law requires.
10. Changes to this policy
We may update this policy as the Service evolves. We will post the new version here with an updated “Last updated” date and, for material changes, notify you in the app. Continued use after an update means you accept the revised policy.
11. Contact
Questions about this policy or your data: contact@stickerradar.app, Dainamics GmbH, 2380 Perchtoldsdorf, Austria.