Privacy Policy — Dam It!

Effective Date: April 12, 2026
Last Updated: April 17, 2026

This Privacy Policy applies to the Dam It! mobile application and website ("Application"), operated by Cornelius Pflüger Digital Solutions ("Service Provider", "we", "us", or "our").

This policy is designed to comply with:

  • EU General Data Protection Regulation (GDPR / DSGVO)
  • German Telecommunications-Digital Services Data Protection Act (TDDDG)
  • Applicable U.S. privacy laws (including CCPA/CPRA where relevant)
  • Google Play User Data & Accessibility API Policies

1. Accessibility Service Disclosure (Google Play Requirement)

The Application uses the Android Accessibility API to provide its core functionality.

Purpose
The Accessibility Service is used exclusively to:

  • Detect swipe gestures within short-video applications
  • Interrupt or block continuous scrolling behavior
  • Support users in reducing impulsive content consumption

Data Handling

  • No personal data is collected via the Accessibility Service
  • No screen content is recorded, stored, or transmitted
  • No keystrokes or sensitive input fields are monitored
  • All processing occurs locally on the device in real time

User Control & Consent

  • The service is disabled by default
  • Activation requires explicit user consent via Android system settings
  • Users can revoke permission at any time

2. Information We Collect

We collect only the minimum data required to operate the Application.

a) Automatically Collected Data

  • IP address (for network communication and fraud prevention)
  • Device type, operating system, and version
  • App version and basic diagnostics (crash logs, performance data)

b) Subscription & Purchase Data

Handled via RevenueCat and underlying app stores:

  • Purchase status (Pro / Subscription)
  • Transaction identifiers
  • Device identifiers (as required for entitlement validation)

We do not store full payment details. Payments are processed by Google Play or Apple App Store.

3. Legal Basis for Processing (GDPR Art. 6)

We process personal data based on the following legal grounds:

  • Art. 6(1)(b) GDPR — Performance of a contract (app functionality, subscription management)
  • Art. 6(1)(f) GDPR — Legitimate interests (app security, fraud prevention, stability)
  • Art. 6(1)(a) GDPR — Consent (Accessibility Service usage)

4. Third-Party Services

We use the following third-party providers:

  • Google Play Services (app distribution, billing, analytics infrastructure)
  • RevenueCat (subscription management)

These providers may process data on our behalf as independent controllers or processors. Links to their policies:

5. International Data Transfers

Some data may be processed outside the European Economic Area (EEA), particularly in the United States. Where this occurs, we ensure appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable

6. Data Retention

We retain personal data only as long as necessary:

  • Subscription data: retained for the duration of the subscription and legal obligations
  • Technical logs: retained for a limited period for debugging and security

Users may request deletion at any time.

7. Your Rights (EU / EEA Users)

Under GDPR, you have the following rights:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure ("right to be forgotten", Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent at any time (Art. 7(3) GDPR)

You also have the right to lodge a complaint with a supervisory authority.

8. Your Rights (California Residents)

If you are a California resident, you may have rights under the CCPA/CPRA, including:

  • Right to know what personal data is collected
  • Right to request deletion
  • Right to correct inaccurate data
  • Right to opt-out of sale or sharing (note: we do not sell personal data)

9. Data Security

We implement appropriate technical and organizational measures, including:

  • Encryption in transit (HTTPS)
  • Access controls
  • Minimal data collection principles

However, no system is completely secure.

10. Children’s Privacy

The Application is not intended for children under 13 (or under 16 in the EU where applicable). We do not knowingly collect data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted within the Application and/or website.

12. Contact Information

Controller (Data Verantwortlicher):
Cornelius Pflüger Digital Solutions
Email: cornconstant@gmail.com

13. German Legal Note (Impressum Context)

If required under German law (§5 TMG / §18 MStV), a separate Legal Notice (Impressum) is provided on the website.

14. No Sale of Data

We explicitly state:

  • We do not sell personal data
  • We do not use personal data for advertising purposes
  • We do not track users across apps or services

This Privacy Policy is provided "as is" and reflects the current data processing practices of the Application.