Privacy Policy

Last updated: October 2025

1. Controller

Dominik Reif
Waldstraße 14
91091 Großenseebach
Germany
📧 E-mail: support@dreif-ai.com

2. Purpose of this Privacy Policy

This Privacy Policy explains what personal data the Mirolumo app ("App") collects, how it is used, and what rights you have under the General Data Protection Regulation (GDPR), the German Telecommunications-Telemedia Data Protection Act (TTDSG), and the EU AI Act (Regulation (EU) 2024/1689).

3. What Data We Process

a) Data Provided by Users

• Email address (when you create an account)
• App settings (e.g. language, notifications, theme selection)
• Reflections / Notes – stored exclusively locally on your device
• Support inquiries via email

b) Automatically Collected Data

• Device and system information (model, OS version, app version)
• Anonymous usage statistics (e.g. features used, session duration)
• Crash and error reports (only with your consent)

4. Purposes and Legal Bases of Processing

Purpose	Legal Basis
Provision of the app and basic functions	Art. 6(1)(b) GDPR
Error analysis (Sentry)	Art. 6(1)(a) GDPR – Consent
Usage analysis (PostHog)	Art. 6(1)(a) GDPR – Consent
Subscription management (RevenueCat)	Art. 6(1)(b) GDPR
AI-based content generation	Art. 6(1)(b) or (a) GDPR
Legal obligations (e.g. accounting)	Art. 6(1)(c) GDPR

You may withdraw your consent at any time with future effect in the app settings.

5. Third-Party Providers and Data Transfers

The app uses the following services for provision and analysis:

Service	Provider	Purpose	Legal Basis / Safeguards
Firebase	Google LLC (USA)	Data backend, content delivery	EU Standard Contractual Clauses + EU-US Data Privacy Framework
Sentry	Functional Software Inc. (USA)	Error & crash analysis	Consent (Art. 6(1)(a) GDPR), SCC
PostHog	PostHog Ltd (UK)	Anonymous usage analysis	Consent (Art. 6(1)(a) GDPR)
RevenueCat	RevenueCat Inc. (USA)	Subscription management, App Store integration	Contract performance (Art. 6(1)(b) GDPR), SCC

All providers meet GDPR requirements; data transfers are based on Standard Contractual Clauses (SCC) or the EU-US Data Privacy Framework.

6. Storage and Deletion

• Local usage data remains exclusively on your device until you delete it yourself or uninstall the app.
• Server-side stored data (e.g. subscription metadata) will be deleted once it is no longer required for its purpose or when you request deletion.
• Crash reports are anonymized after 90 days at the latest.

7. AI-Assisted Processing and Transparency (EU AI Act)

Use of AI:

Mirolumo uses AI models to generate text and image elements to inspire users.

Labeling:

AI-generated content is – where technically feasible – labeled as such or provided with machine-readable metadata.

No Automated Decision-Making:

There is no profiling or automated scoring pursuant to Art. 22 GDPR.

Data Processing:

Inputs may be processed in pseudonymized form to generate content; no permanent storage occurs without your consent.

Legal Notes:

AI content serves as inspiration and does not replace professional advice or fact-checking. Whether copyright protection exists depends on your own creative contribution.

8. Security

• We use TLS encryption, secure local data storage, and role-based access restrictions.
• All third-party providers meet current security standards (ISO 27001 or SOC 2).

9. Your Rights

You have the right to:

• Access (Art. 15 GDPR)
• Rectification (Art. 16 GDPR)
• Erasure (Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Object (Art. 21 GDPR)
• Lodge a complaint with a supervisory authority (Art. 77 GDPR)

The competent authority is:
Bayerisches Landesamt für Datenschutzaufsicht
Promenade 18, 91522 Ansbach – www.lda.bayern.de

10. Minors

The app is not intended for users under 16 years of age. We do not knowingly process data from minors.

11. Changes to this Privacy Policy

We may update this Privacy Policy to comply with legal requirements or changes to the app's features. The current version is available in the app and at www.mirolumo.com. Significant changes will be announced in-app or via email.

12. Contact

Questions about data protection or exercising your rights:
📧 support@dreif-ai.com

End of Privacy Policy

✅ Legal compliance verified: GDPR / TTDSG / BGB / EU AI Act
✅ Apple App Store Guidelines 5.1.1 & 5.1.2
✅ Transparency, consent, and labeling requirements fulfilled