← Back to Homepage

Privacy Policy

Personal data (hereinafter mostly referred to simply as "data") is only processed by us to the extent necessary and for the purpose of providing a functional and user-friendly internet presence (Landing Page) and the app "FamWake Family Alarm", including all contents and the services offered.

According to Art. 4 No. 1. of Regulation (EU) 2016/679, the General Data Protection Regulation (hereinafter referred to simply as "GDPR"), "processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

With the following privacy policy, we inform you in particular about the type, scope, purpose, duration, and legal basis of the processing of personal data, insofar as we decide either alone or jointly with others on the purposes and means of the processing.

1. Contact and Controller

The controller within the meaning of data protection law is:

Daniel Notthoff
Rudolf-Virchow-Str. 20
58300 Wetter
Phone: +49 162 7589600
Email: daniel.notthoff@gmail.com

2. What data do we collect?

We collect and process the following data when you use the website (landing page) or app "FamWake Family Alarm":

User Data (Account Registration): In order to use the app, you must create an account or join a family. In doing so, we collect your email address and a password chosen by you (for authentication). Alternatively, logging in via Google Login is possible; in this case, we receive the email address registered with Google. Note on Double Opt-In: After registration, you will receive an email with a confirmation link. Your account is only active and your data processed for app use after you click this link.
App Usage Data (Profiles): If you create family members (profiles) within the app, we process the provided name, the earliest and latest desired wake-up time, the duration of bathroom use, whether the person wants to have breakfast, and the desired time to leave the house. This data is necessary to provide the core function of the app (calculating the optimal wake-up plan).
Server Log Files: Every time you visit the website, our web host (Contabo) automatically collects and stores information in so-called server log files. These are: browser type and browser version, operating system used, referrer URL, hostname of the accessing computer, time of the server request, IP address. These data are not merged with other data sources. This data is collected on the basis of Art. 6 (1) lit. f GDPR (legitimate interest in the technically error-free presentation and optimization of our website).

3. Purposes of Data Processing

We process your data for the following purposes:

To create and manage your user account and your family group in the app.
To calculate and coordinate the optimal family wake-up times and resource planning (bathroom, breakfast).
To execute the core functions of the app (e.g., wake-up calls on the smartphone at the calculated time).

The legal basis for app functions and account management is the performance of a contract or prior-to-contract measures in accordance with Art. 6 (1) lit. b) GDPR, since the app cannot fulfill its advertised purposes without this data.

4. Storage and Sharing of Data (Hosting, Google Firebase, Social Media, and Analytics)

Website Hosting (Contabo)

Our website (landing page) and its static files (HTML, CSS, images) are hosted on servers provided by Contabo GmbH. The server location is Germany. As part of the hosting services, Contabo processes technical data on our behalf (see Server Log Files). We have concluded a Data Processing Agreement (DPA) with Contabo GmbH in accordance with Art. 28 GDPR.

App Data (Google Firebase)

In order to provide the functions of this app (real-time synchronization of wake-up times across multiple devices), we use the backend and database services of Google Firebase (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland).
The following Firebase services are used:

Firebase Authentication: For the secure creation and management of user accounts.
Firebase Cloud Firestore: Cloud-based NoSQL database for real-time synchronization between family devices.
Firebase Cloud Functions: For executing backend code (e.g., for automated notifications).

The collected data is stored on the servers of Google Firebase. We have restricted the server locations to data centers within the European Union (EU). However, it cannot be ruled out that data may be transferred to the USA. Google (Google Ireland Limited) is certified under the EU-US Data Privacy Framework (DPF). A matching Data Processing Agreement (DPA) has been concluded with Google.

Social Media Presence (Instagram)

We maintain a profile on the social network Instagram. The provider is Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland). We are jointly responsible with Meta for data processing (according to Art. 26 GDPR).
When you visit our profile, Meta processes personal data (e.g., through the use of cookies) to create user profiles and display advertising. We do not have full access to all data collected by Meta but use the anonymized statistics provided by Meta ("Instagram Insights") to optimize our content. Processing is based on our legitimate interest in providing up-to-date information and communication (Art. 6 (1) lit. f GDPR).
As Meta may also transfer data to the USA, we point out that Meta is certified under the EU-US Data Privacy Framework (DPF). For further information, please refer to Instagram's privacy policy: https://help.instagram.com/519522125107875.

Email Delivery (Resend)

For sending emails (e.g., for registration confirmation via Double Opt-In), we use the service Resend (Resend Inc., USA). Since data is transferred to the USA, we point out that Resend is certified under the EU-US Data Privacy Framework (DPF), which ensures an adequate level of data protection. In addition, we have concluded a Data Processing Agreement (DPA) with the provider.

Analyse-Tool: TelemetryDeck (Web- & App-Analyse)

Zur Analyse der Webseitenaufrufe sowie der App-Nutzung setzen wir den datenschutzfreundlichen Analysedienst TelemetryDeck (Anbieter: TelemetryDeck GmbH, Von-der-Tann-Str. 54, 86159 Augsburg, Deutschland) ein. Die Nutzung erfolgt auf Grundlage von Art. 6 Abs. 1 lit. f DSGVO (Berechtigtes Interesse). Unser Interesse liegt in der kontinuierlichen Verbesserung und Optimierung des Angebots auf Basis anonymisierter Nutzungsdaten.

Welche Daten werden übertragen?
Die durch TelemetryDeck verarbeiteten Daten sind vollständig anonymisiert und lassen keinen Rückschluss auf personenbezogene Informationen zu. Erfasst werden u. a.:

eine anonymisierte, nicht rückverfolgbare Kennung (je Gerät/Browser-Sitzung),
aufgerufene Seiten bzw. Aktionen (z. B. „App gestartet", „Seite aufgerufen"),
ein abgerundeter Zeitstempel (auf die volle Stunde),
Gerätemetadaten (z. B. Systemversion, App-Version, Gerätetyp).

Was wird nicht gespeichert?

Keine IP-Adressen (nicht in Logs, nicht in der Datenbank),
keine Cookies oder Tracking-Technologien,
keine dauerhaften Identifikatoren, die auf Einzelpersonen rückführbar wären.

Weitere Informationen zur genauen Datenverarbeitung durch TelemetryDeck finden Sie unter: https://telemetrydeck.com/privacy und https://telemetrydeck.com/docs/guides/privacy-faq/.

5. Deletion of Data

Your data will only be stored for as long as is necessary to achieve the above-mentioned purposes (provision of app functions) or as long as legally required retention periods exist.

The profiles and family configurations (including all members) you have created can be deleted directly in the app at any time (e.g., "Leave family" or account deletion).
For the complete deletion of your app user account and the associated families, profiles, and members, please contact us via email at daniel.notthoff@gmail.com. Confirmed app users will be deleted upon request. Unconfirmed accounts (Double Opt-In during registration) will also be automatically removed after a period of 48 hours without confirmation.

6. Your Rights

You have the following rights under the statutory provisions:

Right of Access: You have the right to request confirmation as to whether data concerning you is being processed and to request access to this data (Art. 15 GDPR).
Right to Rectification: You have the right to request the completion or rectification of inaccurate data concerning you (Art. 16 GDPR).
Right to Erasure: You have the right to request that data concerning you be erased without undue delay (Art. 17 GDPR).
Right to Restriction of Processing: You have the right to request a restriction of the processing of the data (Art. 18 GDPR).
Right to Data Portability: You have the right to receive the data concerning you which you have provided to us, in a structured, commonly used and machine-readable format (Art. 20 GDPR).
Right to Object: You have the right to object to the future processing of data concerning you at any time (Art. 21 GDPR).

To assert your rights, you can contact the responsible party named in point 1 at any time. In addition, you have the right to lodge a complaint with the competent supervisory authority in the event of suspected violations of data protection law. The competent supervisory authority for us is the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia (LDI NRW).

As of: March 2026