Krystal Legal Pages

Privacy Policy

Our privacy notice explains what we collect, why, and how you can exercise your rights.

Last updated: December 2025

English Deutsch български čeština español français gr magyar italiano Nederlands português română svenska
Back to contact

1. Controller

The controller responsible for processing personal data within the Krystal mobile application is:

We are responsible for processing personal data within the Krystal mobile application.

Leppelmann & Ferstl GbR
Erlenweg 3
83624 Otterfing, Germany
Email: krystalhoroscope@gmail.com

2. Data We Collect

Information you provide

We collect the following information when you create or update your profile:

  • Name
  • Email address
  • Date of birth
  • Gender
  • Height
  • Eye color
  • Relationship status
  • Sexual orientation
  • Favorite food
  • Occupation
  • Hobbies
  • Language

Automatically collected data

When you use the app, we (and our service providers) may automatically collect:

  • Device identifiers (for example: device ID; and, where available/allowed, advertising identifiers such as the Google Advertising ID)
  • IP address and general network information
  • Operating system and version
  • App version
  • Approximate or precise location (only if enabled on your device and/or you grant permission)
  • App usage and interaction data (for example: screens viewed, taps, feature usage)
  • Install and campaign attribution data (for example: install source, campaign parameters, and app install referrer where supported)
  • Diagnostic and security data (for example: crash logs, performance data, fraud/abuse signals)

Account information

A user account is required to use the app.

3. Purpose of Processing

  • Create and manage user accounts
  • Generate personalized horoscope content
  • Provide customer support
  • Enable paid features and subscriptions
  • Improve app functionality, performance, and security
  • Display advertising (for example, via Google AdMob)
  • Measure and optimize marketing campaigns (including attributing installs and in-app actions to campaigns, and creating aggregated reports)

We only process sensitive data (for example, sexual orientation) with your explicit consent where required.

Important: We do not intentionally share sensitive profile fields (such as sexual orientation) with advertising networks or attribution partners.

4. Legal Basis (GDPR)

  • Performance of a contract — Art. 6(1)(b) GDPR
  • Consent — Art. 6(1)(a) GDPR (and Art. 9(2)(a) GDPR for special category data, where applicable)
  • Legitimate interests — Art. 6(1)(f) GDPR (for example, to ensure app security, prevent fraud, and improve our services)
  • Legal obligations — Art. 6(1)(c) GDPR

5. Payments & Subscriptions

In-app purchases and subscriptions are processed by:

  • Apple App Store (Apple Inc.)
  • Google Play Store (Google LLC)

We do not receive or store your full payment details. Payment information is processed directly by the respective app store provider.

6. Advertising, Analytics & Attribution

6.1 Advertising (Google AdMob)

We use Google AdMob to deliver ads within the app.

Data processed for this purpose may include:

  • Device identifiers (including advertising identifiers where available/allowed)
  • Coarse location
  • Interaction with ads (for example: impressions, clicks)

You may choose between personalized and non-personalized ads (where offered) and may withdraw your consent at any time via the app settings or your device settings, where available.

For more information about how Google processes data, please see the Google Privacy Policy.

6.2 Attribution & marketing measurement (MMPs and advertising platforms)

To measure marketing campaigns (for example: app install campaigns) and understand which campaigns lead to installs, subscriptions, or other in-app actions, we may use:

  • Mobile Measurement Partners (MMPs) (also called “attribution providers”), and/or
  • Advertising platform measurement tools (for example, TikTok measurement such as the TikTok App Events SDK or similar tools)

These tools help us attribute app installs and certain in-app events to campaigns, create aggregated reports, limit fraud, and improve ad performance.

Depending on configuration, data shared for attribution/measurement may include:

  • Device identifiers (including advertising identifiers where available/allowed)
  • IP address and general network information
  • App events relevant to measurement (for example: first app open, registration completed, subscription started, purchase completed)
  • Technical information (OS, app version, language, timestamps)
  • Install attribution data (campaign/source parameters)

We configure these tools to avoid sharing unnecessary data. We do not intentionally send your profile answers (such as sexual orientation, relationship status, or similar sensitive profile fields) to advertising networks or attribution partners.

6.3 Your choices (consent and opt-out)

Where required by law, we ask for your consent before enabling personalized advertising and/or attribution/measurement technologies that access information on your device or use advertising identifiers. You can withdraw consent at any time in the app settings, with effect for the future.

7. Data Storage, Hosting & International Transfers

We store user data in the European Union:

Some third-party service providers (for example, advertising/measurement providers) may process data outside the EU/EEA. Where this occurs, we use appropriate safeguards (for example, EU Standard Contractual Clauses) and additional measures where required.

  • Neon database hosted on AWS Frankfurt
  • Google Cloud services in Frankfurt

8. Data Sharing

We only share personal data with:

  • Contracted service providers (e.g., hosting and infrastructure) acting on our instructions
  • Apple and Google for billing and subscription management
  • Advertising and measurement partners (for example: Google AdMob; MMPs; and advertising platform measurement tools such as TikTok), depending on your settings/consent and our configuration
  • Competent authorities where we are legally required to do so

We do not sell personal data.

To keep this policy stable even if we change vendors, we maintain a current list of advertising/measurement partners (and their privacy notices) at: /privacy-partners. This list forms part of this privacy notice.

9. Push Notifications

We may send optional push notifications about horoscope updates, reminders, or new features.

You can disable notifications at any time in your device settings.

10. Retention

We store your data for as long as your user account exists.

Upon account deletion, we erase your personal data within 30 days, unless we are legally required to retain certain information for a longer period (for example, under tax or commercial law).

11. User Rights (GDPR)

Under the GDPR, you have the right to:

  • Request access to your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Request restriction of processing
  • Request data portability
  • Withdraw consent at any time with effect for the future
  • Object to processing based on legitimate interests

You may submit requests by emailing krystalhoroscope@gmail.com.

You also have the right to lodge a complaint with a data protection authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

12. Children’s Privacy

Krystal is not intended for users under 18 years of age without parental consent. If we become aware that we have collected personal data from a child under 16 without such consent, we will take steps to delete that information.

13. Security

We use industry-standard security measures to protect personal data, including encryption, access restrictions, and secure servers. While we strive to protect your data, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

14. Changes to this Policy

We may update this Privacy Policy from time to time. The latest version will always be available in the app and in the app store listing.

If changes are material, we may provide additional notice (for example, via in-app message or email).