Privacy Policy

Last updated: May 11, 2026

1. Data Controller

Kim Engels
Email: kim.engels@gmail.com

2. Data We Collect

seit. is a privacy-friendly app. We collect as little data as possible:

• Event data (title, date, emoji, category, color theme): Stored locally on your device using SwiftData and optionally synced via iCloud between your devices.
• Photos: Stored locally on your device. They are never transmitted to our servers.
• Microsite data: When you publish an event as a website, the title, date, emoji, and category are sent to our Cloudflare Worker and stored in Cloudflare KV. Photos are never transmitted.
• Wallet pass data: When you generate an Apple Wallet pass, the event title, date, and (if present) the photo are sent to our Cloudflare Worker for signing. The data is not persisted.
• Unsplash search queries: When you search for stock photos, your query is forwarded through our Cloudflare Worker to the Unsplash API.
• Device ID (hashed): A SHA-256 hash of your device ID is used as an authentication token for microsites. The plain device ID never leaves your device.
• Analytics: We use TelemetryDeck for anonymous, privacy-compliant usage statistics. No personal data is collected. More information: telemetrydeck.com/privacy

3. Data We Do NOT Collect

• No names, email addresses, or contact information
• No location data
• No tracking, no cookies, no fingerprinting
• No sharing with third parties for advertising purposes

4. iCloud Sync

If you have iCloud enabled, Apple syncs your event data between your devices via CloudKit. This synchronization is subject to Apple's Privacy Policy. We have no access to your iCloud data.

5. Microsites

When you publish an event as a microsite:

• The data (title, date, emoji, color theme, category) is stored on Cloudflare Workers KV.
• The microsite is accessible via a random URL. Only people with the link can see the page.
• Microsites are not indexed by search engines (noindex, nofollow).
• You can deactivate a microsite at any time. The data is deleted immediately and permanently.

6. Wallet Passes

When you generate an Apple Wallet pass for an event, the app sends the event title, date, and (if present) the selected photo to our Cloudflare Worker. The Worker produces a signed .pkpass file and returns it immediately. The submitted data is not persisted.

7. Stock Photos (Unsplash)

When selecting a stock photo:

• Your search query is forwarded through our Cloudflare Worker to the Unsplash API. We do not send any identifiers.
• On selection, a download event (anonymous, without your IP) is reported to Unsplash — required by the Unsplash API guidelines.
• The chosen photo is stored locally on your device.
• The photographer name and an Unsplash link are shown in the app — as required by the Unsplash license terms.

8. Photo Library

When you pick a photo from your library, iOS asks for permission. We access only the photos you actively select. We never request full library access.

9. Notifications

Notifications are scheduled locally on your device. We do not use any external push service. Apple does not receive the content of your notifications.

10. In-App Purchases

Purchases are handled via Apple's StoreKit 2. We have no access to your payment information.

11. Data Deletion

You can at any time:

• Delete individual events in the app
• Deactivate microsites (immediate deletion of server data)
• Uninstall the app (deletes all local data)
• Delete iCloud data via iOS Settings

12. Your Rights (GDPR)

If you live in the EU/EEA, you have the following rights under the GDPR:

• Access (Art. 15) — what data we process about you
• Rectification (Art. 16) — have incorrect data corrected
• Erasure (Art. 17) — have your data deleted
• Restriction (Art. 18) — have processing restricted
• Portability (Art. 20) — receive your data in a machine-readable format
• Objection (Art. 21) — object to processing
• Complaint (Art. 77) — lodge a complaint with a supervisory authority (in Germany, the state data protection authority)

Because we do not store personal data tied to an identifiable person (no accounts, no email), most applicable rights are exercised through the in-app deletion features (see above).

13. Data Processors

We use the following service providers that process data on our behalf:

• Apple Inc. (USA) — iCloud/CloudKit sync, StoreKit purchases, app distribution
• Cloudflare, Inc. (USA) — microsite hosting, wallet pass signing, Unsplash proxy
• TelemetryDeck (Germany) — anonymous usage analytics
• Unsplash Inc. (Canada/USA) — stock photo search, only when you actively use the picker

For data transfers to third countries (USA, Canada) we rely on the EU Commission's Standard Contractual Clauses and/or the EU-US Data Privacy Framework.

14. Retention Periods

• Local data: as long as the app is installed
• iCloud data: until you delete it (in your iCloud account)
• Microsite data: until deactivated by you
• Wallet pass data: not stored (returned immediately)
• Unsplash search queries: not stored (proxied through)
• TelemetryDeck analytics: anonymous, per telemetrydeck.com/privacy

15. Children

seit. is not directed at children under 16 (EU) or under 13 (USA). We do not knowingly collect data from children.

16. Changes

We may occasionally update this privacy policy. The current version is always available at seit.app/privacy.

17. Contact

For privacy questions: kim.engels@gmail.com