Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal information.

Effective Date: August 1, 2025 | Last Updated: August 1, 2025

Nokoridays ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This privacy policy describes how we collect, use, and share your personal data when you use the Nokoridays application ("Service") in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller

The data controller for the Service is:

Joel Martinez

Smaragdweg 8, 64287 Darmstadt, Germany

Email: joel@nokoridays.com

2. What Personal Data We Collect

We collect and process the following types of personal data:

Identification Data

Name, email address, and date of birth (to personalize your experience and support the "days of life" feature)

Authentication Data

Email and encrypted password

User-Generated Content

Personal reflexions submitted voluntarily in journal entries and counts, as well as the title of counters and your date of birth are encrypted.

πŸ”’ All of the above data is encrypted before it's written to our database using industry-standard AES-256-GCM via Ruby on Rails’ Active Record Encryption.

Engagement Statistics

Usage frequency and entry counts, aggregated to improve product experience

Technical Data

Cookies necessary for the operation of the application

We do not collect or process special categories of personal data unless you choose to include such data in your entries.

3. Legal Bases for Processing

We process your personal data on the following legal bases:

  • Performance of a contract (Art. 6(1)(b) GDPR): to provide and maintain the Service
  • Consent (Art. 6(1)(a) GDPR): for optional features such as email notifications
  • Legitimate interest (Art. 6(1)(f) GDPR): to analyze user engagement and improve the Service, with minimal privacy impact
  • Legal obligation (Art. 6(1)(c) GDPR): to comply with applicable laws and regulations

You can withdraw consent at any time via your profile settings for some features or by deleting your account.

4. Cookies

We use only essential cookies required to provide the Service (e.g. session management, authentication). These cookies do not track behavior for advertising or analytics purposes.

5. Data Sharing

We do not sell or share your personal data with third parties for marketing purposes.

We may share data only with:

  • Email delivery: Emails are sent using a provider with servers located in Germany.
  • Hosting: All data is stored and processed on servers located in Germany, ensuring compliance with European data protection laws.

All service providers operate under strict GDPR-compliant agreements.

6. Data Location and Retention

Data Location: All your data is stored and processed on servers located in the European Union, ensuring full compliance with European data protection standards.

Data Retention:

  • Your data is retained for as long as your account is active
  • You can delete individual entries or your entire account at any time

7. Data Security

We implement technical and organizational measures to protect your personal data, including:

  • HTTPS encryption in transit
  • Role-based access control
  • Encryption at rest (AES-256-GCM)

8. Your Rights

As a data subject, you have the following rights:

  • Right to Access (Art. 15) β€” request access to your personal data
  • Right to Rectification (Art. 16) β€” correct inaccurate or incomplete data
  • Right to Erasure (Art. 17) β€” request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing (Art. 18) β€” restrict processing under certain conditions
  • Right to Data Portability (Art. 20) β€” receive your data in a structured, commonly used format
  • Right to Object (Art. 21) β€” object to processing based on legitimate interests or direct marketing

To exercise your rights, please contact: joel@nokoridays.com

9. Children's Privacy

The Service is intended for users aged 18 and older. We do not knowingly collect data from children under 18. If you are a parent or guardian and believe your child has used the Service, please contact us to request deletion.

10. Changes to This Policy

We may update this Privacy Policy from time to time. You will be notified of significant changes via email or through the Service.

Questions About This Policy?

We're here to help. If you have any questions about this privacy policy or how we handle your data, please don't hesitate to reach out.

Contact Us