privma

Terms of Service

Last updated: April 24, 2025

1. Agreement to Terms

By accessing or using privma's services ("Services"), you agree to be bound by these Terms of Service ("Terms"). These Terms constitute a legally binding agreement between you and Agnosphere GmbH, a company registered in Germany. (Registergericht: Amtsgericht München, Registernummer: HRB 300721) If you disagree with any part of these Terms, you should not access or use the Services. Currently, our Services are available exclusively to users in the European Union due to data portability API limitations.

2. Description of Services

Agnosphere GmbH provides a service that helps you understand and manage your digital presence by aggregating and analyzing data from various platforms. Our Services currently focus on integrating with Google services (including browsing history and Maps location data), Amazon purchase history, and social media platforms like TikTok.

We use Plausible Analytics for privacy-focused website analytics and store all user data in Frankfurt, Germany through Supabase. Our Services are designed to provide meaningful insights while maintaining the highest standards of data privacy and security.

3. Data Processing and GDPR Compliance

As a data controller based in Germany, we process personal data in accordance with the General Data Protection Regulation (GDPR). All data is stored in Frankfurt, ensuring compliance with EU data protection requirements. We act as both a data controller for account-related information and a data processor for information obtained through platform integrations.

When connecting platforms, you grant us specific consent for each type of data access. These consents can be managed or revoked at any time through your account settings. We process data strictly according to these consents and our Privacy Policy.

4. Platform-Specific Terms

Google Services Integration

  • We access Google services through their official APIs with read-only permissions
  • Access is limited to specific scopes: Chrome history, Maps activity, Search history, Shopping activity, and YouTube activity
  • Our use complies with Google API Services User Data Policy and OAuth 2.0 standards
  • We maintain security measures required by Google Cloud Platform
  • You can revoke access to individual data types or all access at any time
  • All data access is explicitly authorized by you and can be reviewed in your Google Account settings

TikTok Platform Terms

  • We adhere to TikTok's Platform Terms of Service
  • Access is limited to authorized data portability endpoints
  • We implement required security measures for data protection
  • User content is processed according to TikTok's guidelines
  • We maintain transparency in data collection and usage

Amazon Services Integration

  • We comply with Amazon's API Terms of Service
  • Login with Amazon (LWA) integration follows security best practices
  • Order history access is limited to authorized scopes
  • We implement required security headers and measures
  • Data is processed in compliance with Amazon's guidelines

Meta Platform (Facebook) Integration

  • We adhere to Meta's Platform Terms and Developer Policies
  • Access is limited to authorized Data Portability API endpoints
  • We implement Meta's required security measures
  • User data is processed according to Meta's guidelines
  • We maintain compliance with Meta's data usage requirements

5. Data Usage and Legal Bases

We process your personal data based on the following legal bases under Article 6 GDPR:

  • Your explicit consent for processing platform data
  • Performance of our contract to provide the Services
  • Our legitimate interests in improving and securing our Services
  • Compliance with legal obligations

Your data will only be used for:

  • Providing insights and analytics about your digital presence
  • Improving our service functionality and user experience
  • Maintaining service security and preventing abuse
  • Complying with legal obligations and platform requirements

We explicitly DO NOT:

  • Sell or rent your data to third parties
  • Use your data for advertising purposes
  • Share your data beyond what's necessary for service operation
  • Process data beyond the scope of your explicit consent

6. Data Protection and International Transfers

We maintain compliance with:

  • The General Data Protection Regulation (GDPR)
  • Platform-specific data protection requirements
  • EU Standard Contractual Clauses for international transfers
  • Applicable EU Member State laws

For international data transfers, we implement appropriate safeguards including Standard Contractual Clauses and conduct transfer impact assessments where required. We implement appropriate technical and organizational measures in accordance with Article 32 of the GDPR, regularly reviewing and updating these as necessary.

7. Service Availability and Updates

While our Services are currently offered without charge, we reserve the right to introduce paid features in the future with appropriate notice. We may modify, suspend, or discontinue any part of the Services at any time, with or without notice.

Service availability may be affected by platform API limitations, maintenance windows, or technical requirements. We strive to maintain high availability but cannot guarantee uninterrupted access to the Services.

8. User Eligibility and Obligations

You must be at least 16 years old to use our Services, or the minimum age required by your country of residence if higher. For users under 16, parental/guardian consent is required in accordance with Article 8 of the GDPR. You are responsible for maintaining the security of your account credentials and ensuring the accuracy of any information you provide.

When connecting platform accounts, you confirm that you have the necessary rights and permissions to share the data. You agree not to misuse the Services or attempt to access them through unauthorized means. You must comply with the terms of service of all connected platforms.

9. Data Portability and Export

In accordance with GDPR Article 20, you have the right to receive your personal data in a structured, commonly used, and machine-readable format. We provide data export functionality through your account settings, allowing you to download your data at any time.

Upon account deletion, we will provide a final export option before permanently removing your data according to our retention policies.

10. Termination

You may terminate your account at any time through your account settings. Upon termination, we will disconnect all platform integrations and delete your data according to our retention policies, except where we are required to retain certain information by law.

We may suspend or terminate your access if you violate these Terms, abuse the Services, or engage in activities that could harm other users or the platform's integrity.

11. Changes to Terms

We may update these Terms to reflect changes in our Services, legal requirements, or business practices. We will notify you of material changes through the Services or by email. Continued use of the Services after such changes constitutes acceptance of the updated Terms.

12. Contact Information

For questions about these Terms or to report violations, please contact us through the contact form on our website. We strive to respond to all inquiries promptly and professionally.