Privacy Policy

1. Introduction

MiniMuster ("we", "our", "us") is committed to protecting your privacy. This privacy policy explains how we collect, use, store, and protect your personal data when you use our miniature collection management platform.

2. Data Controller

MiniMuster is the data controller for your personal data. For any questions regarding this policy or your data, contact us at: privacy@minimuster.app

3. Data Collected

We collect the following types of data:

• Account data: email, username, password (hashed)

• Profile data: avatar, biography, language and theme preferences

• Collection data: armies, miniatures, images you upload

• Usage data: pages visited, features used, timestamps

• Technical data: IP address, browser type, operating system

• Social login data: if you use Google, Facebook, or others to sign in, we receive your email and public name

4. Purposes of Processing

Your data is used to:

• Provide and improve our services

• Manage your account and authentication

• Personalize your experience (theme, language)

• Analyze platform usage (anonymized statistics)

• Send you notifications related to your account

• Ensure security and prevent fraud

• Comply with our legal obligations

5. Legal Basis for Processing

We process your data on the following legal bases:

• Contract performance: to provide you with our services

• Consent: for analytics and marketing cookies (you can withdraw consent at any time)

• Legitimate interests: to improve our services and ensure security

• Legal obligations: to comply with applicable laws

6. Cookies

We use cookies to enhance your experience. You can manage your cookie preferences at any time via the "Cookie settings" link at the bottom of the page. Cookie categories are:

• Essential: necessary for site functionality (authentication, security)

• Analytics: help us understand how you use the site (Google Analytics)

• Marketing: used for targeted advertising (currently not used)

• Functional: remember your preferences (theme, language)

7. Data Sharing

We never sell your personal data. We may share it with:

• Service providers: hosting (Hetzner), analytics (Google Analytics), payments (Stripe)

• Authentication providers: if you use Google, Facebook, X to sign in

• Legal authorities: if required by law

• Other users: only the data you choose to make public (profile, public armies)

8. Data Retention

We retain your data as long as your account is active. After account deletion:

• Your personal data is deleted within 30 days

• Anonymized data may be retained for statistical purposes

• Backups are purged within 90 days

• Some data may be retained longer if required by law

9. Your Rights

Under the GDPR, you have the following rights:

• Right of access: obtain a copy of your data

• Right to rectification: correct inaccurate data

• Right to erasure: request deletion of your data

• Right to portability: receive your data in a structured format

• Right to object: object to certain processing

• Right to withdraw consent: at any time for consent-based processing

• Right to lodge a complaint with a data protection authority

10. Security

We implement technical and organizational security measures to protect your data:

• Encryption of data in transit (HTTPS/TLS)

• Password hashing (bcrypt)

• Restricted access to personal data

• Access monitoring and logging

• Regular security updates

11. International Transfers

Your data is primarily stored in Europe (Germany). If data is transferred outside the EEA, we ensure it receives adequate protection through standard contractual clauses or adequacy decisions.

12. Children's Privacy

MiniMuster is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with data, please contact us immediately.

13. Changes to This Policy

We may update this policy periodically. Significant changes will be notified by email or via a notification on the platform. The last update date is shown at the top of this page.

14. Contact

To exercise your rights or for any questions regarding this privacy policy, contact us at: privacy@minimuster.app. You can also write to us at the postal address indicated in our legal notices.