EN
EN DE

Privacy policy

1. Responsible

blendz.me GbR
Schmittenstr. 92
50354 Hürth
E-Mail: support@blendz.me

2. Scope of application

This privacy policy applies to the use of the app https://blendz.me as well as all associated functions (e.g. profiles, chat, groups, events, advertising, in-app purchases).
It provides information about which personal data is processed, for what purposes, and what rights users have.
This statement applies to both the beta version and the subsequent live version of the app.

3. What data we collect

Account details

When you register, we collect your name, email address, date of birth and gender.

Profile data

Optional information: interests, hobbies, profile pictures, group and event pictures, personal description.

Communication data

Chats, group posts and interactions within the app are processed to ensure communication and security.

Location data

With your consent, we collect precise location data,to show you relevant users, groups, and events near you.
Your location will be continuously recorded as long as the app is actively used, but not in the backgroundwhen the app is closed.

Usage data

We store log data (e.g. timestamps, device information, functions used) to ensure stability, security and misuse detection.

Payment details

For in-app purchases made through the Apple App Store or Google Play Store, we store the associated transaction IDs and billing metadata in our database.
Payment processing itself is handled exclusively via the app stores.

Images / Uploads

Profile, group and event pictures are saved on AWS S3 (eu-central-1, Frankfurt) .
Content can be reported and manually moderated to prevent violations of our guidelines.

4. Purposes of processing

We process personal data in order to:

  • to provide the app and its functions,
  • Facilitating communication, groups and events,
  • Connecting users with matching interests and locations,
  • Ensuring security, stability and abuse detection,
  • Displaying advertising (reward ads) in compliance with the GDPR,
  • Enabling support and system communication,
  • Processing in-app purchases technically.

5. Legal basis for processing

  • Art. 6 Abs. 1 lit. b DSGVO – Contract fulfilment (provision of the app, location use during active use)
  • Art. 6 Abs. 1 lit. a DSGVO – Consent (e.g. push notifications, advertising)
  • Art. 6 Abs. 1 lit. f DSGVO – legitimate interest (security, system logging)

6. Disclosure of data

Hosting & Infrastructure

Our systems are operated in the Hetzner Cloud (Germany). betrieben.
Processed services: API, worker, mail server, database, Redis, private Nominatim instance (EU), sockets.
- Cloudflare (EU-Region) is connected upstream of the API as a CDN and security service provider.

Media hosting

Images are stored in AWS S3 (Frankfurt, eu-central-1) .

Geocoding

- Nominatim (OpenStreetMap) is used for address suggestions.
During the beta phase, a public EU instance is used, while the live version will use its own private instance in the EU..

Push notifications

Delivery via Expo Push API (as an intermediary between):

  • Firebase Cloud Messaging (Android)
  • Apple Push Notification Service (iOS)).
    Push notifications are only sent with the user's permission.

Advertising

We use Google AdMob (Google Ireland Ltd.) to display Reward Ads.

  • There will be no automatic advertisements displayed.
  • The user actively decides whether to view an advertisement (e.g. to unlock additional swipes).
  • Server-Side Verification (SSV) is active to securely validate rewards.
  • The Google User Messaging Platform (UMP) is used to obtain consent.
    Without consent, only non-personalised advertisements will be displayed.

Error & performance monitoring

For error and crash monitoring, Sentry (EU region Frankfurt) is used.
Pseudonymised data (e.g. UUID, device type, app version) is processed in this process.
Personal information (name, email address, etc.) will not be transmitted.

Email communication

Emails (support, password reset) are sent via our own mail server (Hetzner, Germany).

Data will only be passed on to other third parties if there is a legal obligation to do so.

7. Storage period

  • User accounts: deletion immediately after account deletion.
  • Backups: are used exclusively for emergency recovery and are deleted after no later than 30 days .
  • Protocols & Logs: maximum 90 days.
  • Contract and billing details: in accordance with statutory retention periods (Section 147 of the German Fiscal Code (AO) / Section 257 of the German Commercial Code (HGB)).

8. Minors

Only persons aged 16 and over are permitted to use the app.
Events and groups can be marked as ‘18+’ and are not accessible to persons under the age of 18.

9. Data security

We use technical and organisational measures to protect your data from loss, misuse and unauthorised access.
These include TLS encryption, access restrictions, regular backups and firewalls.

10. Rights of data subjects

Users have the right to:

  • Information about their stored data (Art. 15 GDPR)
  • Correction Incorrect data (Art. 16 GDPR)
  • Deletion (Right to be forgotten, Art. 17 GDPR)
  • Restriction processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection against certain processing operations (Art. 21 GDPR)

To exercise these rights, simply send an email to: support@blendz.me

11. Changes to this privacy policy

This privacy policy may be amended if the app is expanded.
The current version is available at any time at https://blendz.me/privacy-policy .

As of: October 2025
Version: 1.0