1Controller
The controller responsible for the processing of personal data within the meaning of the General Data Protection Regulation (GDPR) is:
Maximilian Krewer
Hamburg, Germany · full postal address see Imprint
Email: [email protected]
Data protection contact: [email protected]
A data protection officer has not been appointed and is, by current assessment, not legally required (no case under Art. 37 GDPR / § 38 BDSG).
2Overview of processing
Ankaa is a personal life system (app and wall display): routines, health and habit tracking, habit reduction, an AI coach, financial overview, calendar, and optional smart home control. To provide these functions we process the data described below. The app is designed so that each user account is technically isolated from other accounts, and hosting is targeted at the EU.
3Legal bases
We process personal data on the basis of the GDPR, in particular:
- Performance of a contract and pre-contractual measures (Art. 6(1)(b) GDPR) - providing app functions, account, and paid services.
- Consent (Art. 6(1)(a) GDPR) - e.g. for the processing of health data (Art. 9(2)(a) GDPR), for optional third-party integrations (smart home, calendar, smartwatch), and for signing up to a waitlist/newsletter.
- Legitimate interests (Art. 6(1)(f) GDPR) - security, abuse prevention, technical stability, and further development; only to the extent your legitimate interests do not override ours.
- Legal obligation (Art. 6(1)(c) GDPR) - e.g. commercial and tax law retention requirements in connection with payments.
Health data (e.g. recovery values, pain/complaint information, habit/addiction tracking) are special categories of personal data under Art. 9 GDPR. We only process them with your explicit consent and exclusively for the purposes of providing the functions you have chosen.
4Categories of data processed
- Master data / account: email address, password (encrypted/hashed), account and subscription status.
- Usage data: completed routines, daily goals, notes entered, app settings, device/sync status.
- Health & habit data (sensitive): habit/reduction tracking, self-reported complaints (e.g. back pain), optionally recovery values (sleep, resting heart rate, HRV) from a connected smartwatch/health source.
- Financial data (if used): budget/portfolio information you enter yourself. This is for your personal overview only and does not constitute investment advice.
- Calendar & smart home data (optional): when actively connected: appointments and control commands/status of connected devices.
- AI coach content: your chat/voice inputs to the coach and the relevant context transmitted to the AI service provider for generating responses.
- Communication & waitlist data: email and information you provide when making enquiries or signing up to the waitlist.
- Technical data: IP address, timestamps, technical logs (e.g. for attack prevention), shortened/aggregated where possible.
- Payment data: collected by the payment service provider; we typically receive only transaction/subscription status, not full payment instrument details.
5Purposes of processing
- Providing, personalising, and synchronising the app across your devices.
- Operating the AI coach (generating responses, suggesting routines/appointments, executing actions with your confirmation).
- Health, habit, and financial overview within the modules you have chosen.
- Processing subscriptions/purchases and fulfilling legal obligations.
- Security, stability, abuse prevention, and bug fixing.
- Communication (support, service emails, optionally waitlist).
- Where carried out at all: statistical analysis exclusively on an aggregated, anonymised basis - no sale of personal data.
6Services used & recipients (processors)
To provide Ankaa we use carefully selected service providers with whom data processing agreements under Art. 28 GDPR exist or are to be concluded. The following overview must be adapted to the services actually in use:
| Service | Purpose | Data types | Note |
|---|---|---|---|
| Cloudflare (Workers, Pages, KV) | Hosting, delivery, edge storage, security | Technical data, stored app data | EU/edge processing; data processing agreement in place |
| Supabase (Auth & database) | Accounts/login, isolated storage of user data | Account, usage, and sensitive app data | Select EU region; account isolation via Row-Level-Security |
| Paddle (payment processing) | Subscription/purchase handling, invoicing, EU VAT | Payment/invoice data | Merchant of Record; provider's own privacy notices apply |
| Anthropic (AI coach) | Generating coach responses | Your coach inputs + relevant context | Transmitted only when using the coach; may involve third-country transfer (see below) |
| Google (optional: calendar, speech-to-text) | Calendar integration, optional dictation feature | Appointments, voice/audio data from dictation | Only when actively connected/consented; may involve third-country transfer |
| Email/delivery service | Service and waitlist emails | Email address | Cloudflare (stores the waitlist email); a separate delivery service is not yet finalised and will be added before the first mailing |
Data is only disclosed to authorities where legally required. We do not sell personal data and do not share it with third parties for advertising purposes.
7Transfers to third countries
Where service providers process data outside the EU/EEA (e.g. in the United States), this only occurs on the basis of appropriate safeguards under Art. 44 et seq. GDPR - in particular EU Standard Contractual Clauses and/or certification under the EU-US Data Privacy Framework, plus supplementary protective measures. We aim to process data primarily within the EU and to minimise third-country transfers. The specific services that process in third countries must be set out individually in the final text: e.g. Cloudflare (hosting), Google (calendar/mail, where connected by the user) and AI services such as Anthropic - each based on the EU Standard Contractual Clauses.
8Retention & deletion
- App and usage data are retained for as long as your account exists and deleted within a reasonable period after account deletion (suggestion: no later than 30 days after a deletion request, minus data subject to statutory retention obligations).
- Invoice/payment data is retained within the applicable statutory retention periods (commercial/tax law, generally up to 10 years).
- Waitlist/newsletter data is processed until withdrawal or the purpose ceases to apply.
- Technical logs are deleted or anonymised promptly.
9Security of processing
We implement technical and organisational measures in accordance with Art. 32 GDPR: encrypted transmission (HTTPS/TLS), account isolation at database level (Row-Level-Security), access controls, and regular review of the services used. Despite all due care, complete security cannot be guaranteed; please protect your login credentials.
10Your rights as a data subject
Under the GDPR you have, in particular, the following rights:
- Access (Art. 15) to the data processed about you.
- Rectification (Art. 16) of inaccurate data.
- Erasure (Art. 17) - the "right to be forgotten".
- Restriction of processing (Art. 18).
- Data portability (Art. 20) in a common, machine-readable format.
- Objection (Art. 21) to processing based on legitimate interests.
- Withdrawal of consent (Art. 7(3)) with effect for the future.
To exercise your rights, simply send a message to [email protected]. You can also initiate account deletion in the app settings.
11Right to lodge a complaint with a supervisory authority
Without prejudice to other remedies, you have the right to lodge a complaint with a data protection supervisory authority, in particular in the member state of your habitual residence, place of work, or the place of the alleged infringement. In Germany, the competent authority is generally that of the federal state in which the controller is based: Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit (Hamburg Commissioner for Data Protection and Freedom of Information), Ludwig-Erhard-Str. 22, 20459 Hamburg.
12Changes to this policy
We update this privacy policy when the processing or the legal framework changes. The version published here at any given time applies. Version date: 13 June 2026.