Privacy Policy
October 2025
For Fanity GmbH, Lerchenweg 8, 73113 Ottenbach (“Fanity” or “we”), the protection of personal data is of great importance. This Privacy Policy informs user of the website https://www.fanityapp.com (hereinafter also the “Website”) and user of the Fanity App (hereinafter also the “App”) about the processing of their personal data in accordance with applicable data protection laws, in particular Regulation (EU) 2016/679 (General Data Protection Regulation – “GDPR”), and about their respective rights.
1. Controller for data processing
Fanity is the controller responsible for the lawful processing of users’ data within the meaning of Art. 4(7) GDPR.
2. Processed data and purposes of processing (App)
2.1 Registration data
To use the App, users must register via one of the single sign-on (“SSO”) mechanisms offered. When an SSO is used, and after the user has granted permission, Fanity collects in particular the following personal data from the respective SSO provider:
Apple Inc., 1 Infinite Loop, Cupertino, California, USA (“Apple”): name, email address, profile photo (if available).
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”): name, email address, profile photo (if available).
When subsequently creating a user account, Fanity processes the user’s registration data, in particular the username and, where applicable, a profile photo. The aforementioned personal data (“Registration Data”) are processed to make the App available in accordance with the Terms of Use agreed with the user and otherwise to perform the Terms of Use. This includes sending messages necessary for the proper use of the App, in particular technical and/or legal notices, notifications, security alerts, and similar messages. The legal basis is Art. 6(1)(b) GDPR. Processing of this Registration Data is necessary for performance of the Terms of Use; without such processing, the App cannot be used.
2.2 Usage data
When the App is accessed, various data about the accessing system that are required for use of the App are processed automatically. These include the user’s device identifier, operating system version, date and time of access to the App, Internet Protocol (IP) address, internet service provider, as well as comparable data. Users can interact with posts shared on Fanity by liking or sharing them. When users like a news post via the App, Fanity collects the data generated by that action. Fanity uses the aforementioned personal data (“Usage Data”) to make the App accessible in accordance with the Terms of Use agreed with the user and otherwise to perform the Terms of Use. The legal basis is Art. 6(1)(b) GDPR.
Fanity also processes Usage Data to improve the functions and features of the App, to detect and remedy technical problems, and to prevent and, where appropriate, pursue misuse of Fanity’s offering. In addition, Fanity anonymizes Usage Data in order to use such data in anonymized form—i.e., without the possibility of identifying the user—for statistical purposes. The legal basis is Art. 6(1)(f) GDPR. Processing of this Usage Data is necessary for performance of the Terms of Use; without such processing, the App cannot be used.
2.3 Data processed when you contact us
Fanity offers users the option to contact us by email (support@fanityapp.com, hello@fanityapp.com and datenschutz@fanityapp.com). The data transmitted to Fanity in this context—particularly the username, email address, the content of the inquiry, and the date of the contact request—are used to process the respective inquiry. Where necessary to handle the user’s request, the user’s data will be forwarded to the respective person within Fanity. The legal basis for processing the data described above depends on the content of the respective contact: Art. 6(1)(b) GDPR for contact related to a contract, or Art. 6(1)(f) GDPR in all other cases, as we have a legitimate interest in the proper handling of inquiries.
2.4 Push notifications
If you enable notifications in your device settings, we will send you push notifications to inform you about the latest posts or to send you a daily reminder. This is intended to improve your user experience of the App by helping you not to miss the daily brief. To send push notifications, we process your Registration Data, device identifier, IP address, and the information that you have consented in your device settings to receive push notifications. This data is processed for as long as you have enabled push notifications in your device settings. The legal basis for this processing is Art. 6(1)(f) GDPR, as Fanity has a legitimate interest in improving the user experience of the App. You may object to the processing at any time by changing your device settings to disable push notifications.
2.5 Analytics
To analyze usage of the App (user interactions within the App, feedback, downloads, clicks, duration of use, etc.), Fanity uses the web analytics service “Matomo.” This service places cookies on the user’s device. Cookies are text files stored on the user’s data carrier that enable analysis of the use of the App. For this evaluation, the information generated by the cookies about the use of the App is stored exclusively on our server in Germany. The data are not disclosed to third parties. The software is configured so that IP addresses are not stored in full. In this way, it is no longer possible to attribute the truncated IP address to the accessing user. The legal basis is Art. 6(1)(f) GDPR. Fanity has a legitimate interest in continuously optimizing the App and its user-friendliness.
3. Hosting (Website)
3.1 Squarespace
Our Website is hosted by Squarespace. The provider is Squarespace, Inc., Clarkson Street, 12th Floor, New York, NY 10014, USA (“Squarespace”). When you visit our Website, Squarespace collects various log files, including your IP address.
Squarespace is a tool for creating and hosting websites. Squarespace stores cookies or other identification technologies that are necessary for the display of the Website, the provision of certain Website functions, and to ensure security (strictly necessary cookies). For details, please refer to Squarespace’s privacy policy: https://www.squarespace.com/privacy.
The use of Squarespace is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the most reliable possible presentation of our Website. Where corresponding consent has been obtained, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and Section 25(1) TTDSG, insofar as the consent covers the storage of cookies or access to information on the user’s terminal device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent may be withdrawn at any time.
Squarespace is based in the United States and thus outside the European Union and the European Economic Area (EEA), where, according to the European Commission, no adequate level of data protection is ensured. The transfer of data to the USA is based on the European Commission’s Standard Contractual Clauses. Details: https://support.squarespace.com/hc/en-us/articles/360000851908-GDPR-and-Squarespace.
3.2 Processor agreement
We have concluded a data processing agreement (Auftragsverarbeitung, “DPA”) with the provider named above. This agreement ensures that the provider processes the personal data of our Website visitors only in accordance with our instructions and in compliance with the GDPR.
3.3 SSL/TLS encryption
For security reasons and to protect the transmission of confidential content, this Website uses SSL/TLS encryption. When SSL/TLS encryption is enabled, the data you transmit to us cannot be read by third parties.
4. Processed data on the Website and purposes of processing
4.1 Usage data
When the Website is accessed, various data about the accessing system are collected automatically. These include, for example, the browser type used, browser version, operating system used, the pages of our service that you visit, the time and date of your visit, the time spent on those pages, the Internet Protocol (IP) address, the internet service provider, as well as comparable data in each case. If you access the service with or via a mobile device, we may automatically collect certain information including, but not limited to, the type of mobile device you use, your mobile device’s IP address, your mobile operating system, and the type of mobile internet browser you use.
Fanity uses the above personal data (“Usage Data”) to make the Website accessible. Fanity also processes Usage Data to improve the functions and features of the Website, to detect and remedy technical problems, and to prevent and, where appropriate, pursue misuse of Fanity’s offering. In addition, Fanity anonymizes Usage Data in order to use such data in anonymized form—i.e., without the possibility of identifying the user—for statistical purposes. The legal basis is Art. 6(1)(f) GDPR.
Users of the Website may contact us by email at hello@fanityapp.com. The categories of data transmitted and our use of such data correspond to Section 2.3 above.
4.2 How are cookies used?
The Website uses cookies and similar technologies, such as pixel tags and web beacons (for the purposes of this Privacy Policy, we refer to these technologies individually and collectively as “cookies”). Cookies are small text files that are stored on the user’s data carrier and exchange data with Fanity’s system. A cookie generally contains the name of the domain from which the cookie data were sent, information about the age of the cookie, and an alphanumeric identifier. Cookies enable Fanity to make the Website attractive for you and facilitate its use. They are either stored temporarily for the duration of your session (session cookies) or placed on your device for a longer period (persistent cookies). Session cookies disappear automatically as soon as you end your visit. By contrast, persistent cookies remain on your device until you remove them manually or your web browser deletes them automatically.
The information stored in cookies is not used to identify the user and is not combined with other personal data stored about the user. Cookies serve various functions. Some cookies are necessary because certain functions of the Website will not work without them. Other cookies are used to analyze information about the user’s browsing behavior and to make the Website more efficient overall.
We use the following types of cookies:
a) Strictly necessary cookies (Essential): These enable you to use our Website or certain functions on the Website and are strictly necessary for the provision of the Website. The legal basis for processing personal data in connection with strictly necessary cookies is Art. 6(1)(f) GDPR, as we have a legitimate interest in the proper provision of the Website. Our essential cookies include, for example, those necessary to display the cookie notice to you and to store your preferences regarding cookie use.
b) Performance/analytics cookies: Where you have consented, certain cookies help us understand how users use the App, e.g., by providing information on the number of visitors, which pages are viewed, and how long they are viewed. The legal basis for processing the data contained in these cookies is Art. 6(1)(a) GDPR (consent). You can withdraw your consent at any time; such withdrawal does not affect the lawfulness of processing based on your consent before its withdrawal.
You can access the cookie notice at the bottom of each page. There you have the option to withdraw any consent you have given for the future by selecting “Essential.”
By adjusting your browser settings, you can prevent or restrict the transmission of cookies. It is also possible to delete cookies that have already been stored at any time, which can also be done automatically. If cookies are deactivated on the Website, it may not be possible to use all functions of the Website to their full extent.
4.3 Consent
Our Website uses Squarespace’s consent technology to obtain your consent to store certain cookies on your end device or to use certain technologies and to document this in compliance with data protection requirements.
The Squarespace cookie consent tool stores your consent to our cookie policies directly in your browser. This information enables our Website to remember your previous selections so that we can respect your preferences regarding the use of cookies. The data collected by the tool include your consent to or rejection of cookies, the categories of cookies to which you have consented, and the date and time of your consent.
The data collected by the Squarespace cookie consent tool remain stored locally on your device, are accessible solely for the functions of our Website, and are not shared with third parties.
We use our cookie tool to obtain the legally required consents for the use of cookies in accordance with the applicable requirements. This is based on Art. 6(1)(c) GDPR. The current Squarespace privacy policy can be found at: https://www.squarespace.com/privacy.
5. Google Fonts
This Website uses the Montserrat typeface via Google Fonts for a consistent display of text. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
When you visit our Website, your browser loads the required web fonts directly from Google in order to display text and fonts correctly. In doing so, a direct connection is established between your browser and Google’s servers in the USA. Google is thereby informed that our Website has been accessed via your IP address. According to Google, no cookies are stored on your device in this process.
The use of Google Fonts is in the interest of a uniform and appealing presentation of our Website. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. Where corresponding consent has been requested (e.g., consent to the storage of cookies), processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR; consent may be withdrawn at any time.
Google is based in the United States and thus outside the European Union and the European Economic Area (EEA), where, according to the European Commission, no adequate level of data protection is ensured. For data transfers to the USA, we rely on the European Commission’s Standard Contractual Clauses. Further information can be found at https://policies.google.com/privacy.
More details on Google Fonts can be found at https://policies.google.com/privacy and https://developers.google.com/fonts/faq?hl=de.
6. Recipients of users’ data
For certain technical processes of data analysis, processing, or storage, Fanity uses the support of external service providers (e.g., for generating aggregated, non-personal statistics from databases). These service providers are carefully selected and meet high standards of data protection and data security. They are obliged to strict confidentiality and process data solely on our behalf and in accordance with our instructions. The legal basis for engaging these service providers is Art. 28 GDPR.
Fanity cooperates with companies and other entities that have particular expertise in certain areas or on specific subject matters (e.g., tax auditors, attorneys, consulting firms, logistics service providers). These entities are either subject to professional duties of confidentiality or have been bound to confidentiality by Fanity. To the extent that the disclosure of personal data to these entities is necessary, the legal basis for such disclosure depends on the content of the respective cooperation and is Art. 6(1)(b) or (f) GDPR, as Fanity has a legitimate interest in obtaining the support of these entities.
Apart from the cases explained in this Privacy Policy, Fanity discloses data to third parties without the user’s express consent only if Fanity is obliged or entitled to do so by law or by an official or court order.
7. Users' rights
Users who wish to obtain information about the processing of personal data relating to them or a copy thereof may contact Fanity at any time. If users determine that personal data stored about them are incorrect or incomplete, they may request rectification or completion of such data. Users may also request deletion (erasure) or restriction of the processing of their data. Under the conditions laid down by law, users may further request to receive the data they have provided to Fanity in a structured, commonly used, and machine-readable format, or to have those data transmitted to a third party (Art. 20 GDPR). Users also have the right to lodge a complaint with the competent supervisory authority. Users may withdraw consent once given (Art. 6(1)(a) GDPR) at any time with effect for the future. Finally, under the conditions described in Art. 21 GDPR, users have the right, on grounds relating to their particular situation, to object at any time to the processing of data relating to them that is carried out on the basis of Art. 6(1)(f) GDPR.
8. Retention period
Unless specifically stated otherwise in this Privacy Policy, we store your data only for as long as necessary to fulfill the purposes for which we process it, including for the purposes of satisfying legal, accounting, or reporting requirements. In determining the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your data and whether we can achieve those purposes through other means, as well as applicable legal requirements. As a general rule, the longest period is ten (10) years (retention period pursuant to Section 147 of the German Fiscal Code (Abgabenordnung, AO) for tax-relevant records). Usage Data are generally stored for a period of up to 30 days. Cookies remain stored for the periods specified above. You may also delete cookies earlier on your own as described above. Data from contact inquiries are deleted once the respective inquiry has been conclusively processed.
9. Change of ownership and control
If we are acquired by or merge with another company, discontinue our business or become insolvent, or sell some or all of our assets, your data may, in the course of the ensuing transaction, be disclosed, sold, or transferred, as applicable. Should such an event occur, the legal basis for processing your data in this context is Art. 6(1)(a), (b), or (f) GDPR.
10. Contact information and miscellaneous
For any questions regarding the processing of data by Fanity, as well as for exercising the rights to which the user is entitled in relation to processing, the user may contact Fanity at any time. For this purpose, a notice to Fanity at the contact details stated at the outset or to datenschutz@fanityapp.com is sufficient. We reserve the right to update our Privacy Policy as needed. This may be necessary to adapt it to changed legal frameworks, adjustments to our services or data processing operations, as well as due to further development of our App and technology. To ensure that you are always informed of the current version, we recommend that you review our Privacy Policy regularly. Changes that require your consent or that affect components of the Privacy Policy governing the contractual relationship with you will be made only with your express consent.