| Language: |
################################################################
# -------------------- Terms of Use ---------------------------
################################################################
**Last Updated:** 13.12.2025
These Terms of Use (“**Terms**”) govern your access to and use of the **Pengo Friendo** applications, websites, and related services (collectively, the “**Services**”) operated by **Martin Staehler, Einzelunternehmer (“Pengo Friendo,” “we,” “us,” or “our”)**.
By accessing or using the Services, you agree to be bound by these Terms.
If you do not agree to these Terms, you may not use the Services.
---
## 1. Eligibility
You must be at least **16 years old** (or the minimum age of digital consent in your jurisdiction, if higher) to use the Services.
By using the Services, you represent and warrant that:
- You meet the applicable age requirements; and
- You have the legal capacity to enter into these Terms.
The Services are **not intended for children under 16**, and we do not knowingly permit their use.
---
## 2. The Services
### 2.1 Description
Pengo Friendo provides tools for productivity, reflection, journaling, and **AI-powered guidance**, including feedback, summaries, rewards, or distraction interventions, delivered during the normal course of using the Services.
AI-powered guidance is a **core feature** of the Services.
### 2.2 No Medical, Legal, or Professional Advice
The Services are provided for **informational, organizational, and self-reflection purposes only**.
Pengo Friendo does **not** provide:
- Medical, psychological, psychiatric, or therapeutic advice;
- Legal advice; or
- Professional counseling or diagnosis.
You should not rely on the Services as a substitute for professional advice.
If you are experiencing a medical or mental health emergency, seek help from a qualified professional or emergency services immediately.
---
## 3. User Accounts
You may be required to create an account to access certain features.
You are responsible for:
- Maintaining the confidentiality of your login credentials;
- All activity that occurs under your account; and
- Ensuring that information you provide is accurate and up to date.
You must notify us promptly of any unauthorized use of your account.
---
## 4. AI-Powered Features
### 4.1 AI Processing
The Services use AI models to generate guidance and responses.
AI output is generated automatically and may be incomplete, inaccurate, or inappropriate in some cases.
You acknowledge and agree that:
- AI-generated content is provided **“as is”** and may contain errors;
- You remain responsible for how you interpret and act on AI-generated output; and
- You should independently verify information before relying on AI-generated content.
### 4.2 User-Controlled Context
When using AI features, you may **optionally choose** to provide additional context—such as journal entries, tasks, or self-descriptions—to receive more personalized responses.
You control:
- Whether such content is included; and
- Whether AI processing occurs locally on your device or via a cloud-based provider (where available).
---
## 5. Local and Cloud AI Options
### 5.1 Local AI (Ollama)
If you enable local AI processing:
- AI inference runs on your device using your locally installed Ollama service;
- Pengo Friendo does not access or receive AI input or output; and
- You are responsible for installing, maintaining, and securing your local environment.
### 5.2 Cloud AI
If you enable cloud-based AI processing:
- Selected content may be transmitted to a third-party AI provider solely to generate the requested response;
- Processing is subject to your consent and our Privacy Policy; and
- Cloud AI features may be unavailable if consent is not provided.
---
## 6. User Content
### 6.1 Ownership
You retain ownership of all content you create, upload, or store using the Services (“**User Content**”).
By using the Services, you grant Pengo Friendo a **limited, non-exclusive, non-transferable license** to process your User Content solely for the purpose of providing and operating the Services, in accordance with these Terms and our Privacy Policy.
### 6.2 Responsibility for Content
You are solely responsible for your User Content and represent that you have all necessary rights to submit it.
You agree not to submit content that:
- Violates applicable law;
- Infringes the rights of others; or
- Constitutes **Prohibited Data**, as defined in our Privacy Policy.
---
## 7. Prohibited Uses
You agree not to:
- Use the Services for unlawful purposes;
- Reverse engineer, decompile, or attempt to extract source code from the Services;
- Interfere with or disrupt the Services or servers;
- Use the Services to generate or transmit malicious, abusive, or harmful content;
- Attempt to bypass security, consent, or access controls; or
- Misrepresent AI-generated output as human-generated or professionally verified advice.
---
## 8. Data Storage and Synchronization
You may store content locally on your device or choose to enable cross-device synchronization.
If synchronization is enabled:
- Your content is stored in encrypted form on our servers;
- Access is governed by our Privacy Policy; and
- You may disable synchronization at any time.
---
## 9. Intellectual Property
The Services, including software, design, trademarks, logos, and underlying technology, are owned by or licensed to Pengo Friendo and are protected by applicable intellectual property laws.
Except as expressly permitted, you may not copy, modify, distribute, or create derivative works from the Services.
---
## 10. Termination
We may suspend or terminate your access to the Services if you:
- Violate these Terms;
- Misuse the Services; or
- Use the Services in a way that exposes us or others to legal risk.
You may stop using the Services at any time.
Termination does not affect rights or obligations that should reasonably survive termination.
---
## 11. Disclaimer of Warranties
THE SERVICES ARE PROVIDED **“AS IS”** AND **“AS AVAILABLE.”**
TO THE MAXIMUM EXTENT PERMITTED BY LAW, PENGO FRIENDO DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
WE DO NOT WARRANT THAT:
- THE SERVICES WILL BE ERROR-FREE OR UNINTERRUPTED; OR
- AI-GENERATED OUTPUT WILL BE ACCURATE OR RELIABLE.
---
## 12. Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY LAW, PENGO FRIENDO SHALL NOT BE LIABLE FOR INDIRECT, INCIDENTAL, CONSEQUENTIAL, OR SPECIAL DAMAGES, INCLUDING LOSS OF DATA, PROFITS, OR USE.
IN NO EVENT SHALL OUR TOTAL LIABILITY EXCEED THE AMOUNT YOU PAID TO USE THE SERVICES IN THE **12 MONTHS** PRECEDING THE CLAIM (OR €50, IF NO FEES WERE PAID).
Nothing in these Terms limits liability that cannot be excluded under applicable law.
---
## 13. Indemnification
You agree to indemnify and hold harmless Pengo Friendo from any claims, damages, losses, or expenses arising from:
- Your use of the Services;
- Your User Content; or
- Your violation of these Terms or applicable law.
---
## 14. Governing Law and Jurisdiction
These Terms are governed by the laws of the **Federal Republic of Germany**, without regard to conflict-of-law principles.
If you are a consumer residing in the EU, you may also benefit from mandatory consumer protection laws of your country of residence.
Any disputes shall be subject to the jurisdiction of the courts in **Germany**, unless otherwise required by law.
---
## 15. Changes to the Terms
We may update these Terms from time to time.
Material changes will be communicated through the Services or by other appropriate means.
Continued use of the Services after changes become effective constitutes acceptance of the updated Terms.
---
## 16. Contact Information
**Pengo Friendo**
Martin Staehler, Einzelunternehmer
Lechallee 31
86399 Bobingen
Germany
📧 **contact@pengofriendo.com**
🌐 **https://pengofriendo.com**
##############################################################
# ------------------ Privacy Policy --------------------------
##############################################################
# 1. What this Privacy Policy Covers
This Privacy Policy explains how we treat Personal Data that we gather when you access or use the Services. “Personal Data” means any information that identifies or relates to an identifiable individual and includes information referred to as “personal information” or “personally identifiable information” under applicable privacy laws.
This Privacy Policy applies to our processing of Personal Data in connection with the Pengo Friendo applications, websites, and related services (collectively, the “Services”).
It does not cover the practices of companies we do not control or people we do not manage.
---
# 2. Personal Data
## Categories of Personal Data We Collect
This chart details the categories of Personal Data that we collect and have collected over the past 12 months:
| **Category of Personal Data (and Examples)** | **Business or Commercial Purpose(s) for Collection / Processing** | **Categories of Third Parties With Whom We Disclose this Personal Data** |
|----------------------------------------------|------------------------------------------------------------------|-------------------------------------------------------------------------|
| **Profile Data** – name, email address, account identifiers (when you create an account or contact us). | Provide, customize, and operate the Services; manage user accounts; correspond with you. | Hosting providers; service providers. |
| **Consumer Demographic Data** – age or date of birth (if provided). | Verify age where required by law; enable age-appropriate features and settings. | None, except where required by law or processed by service providers acting on our behalf. |
| **Payment Data** – transaction records from Apple App Store or Steamworks (including product ID, purchase amount, and billing region). We do not store payment card numbers. | Fulfil purchases; provide customer support; comply with tax, accounting, and legal obligations. | Apple Inc.; Valve Corporation (Steamworks); tax authorities where required. |
| **Device / IP Data** – IP address, device identifier, device type, operating system, app version, language, and region. | Provide, secure, and operate the Services; prevent fraud and abuse; perform analytics **only after you have given consent**. | Unity Technologies (Unity Analytics); Google LLC (Google Analytics). |
| **Usage & Event Analytics** – session timestamps, feature usage, crash reports, and referral information. | Debugging, performance measurement, and product improvement **only after you have given consent**. | Analytics service providers (Unity Technologies; Google LLC). |
| **Sensory Data** – images or other media you upload within the app (no audio recordings at present). | Provide and improve user-requested features within the Services. | Hosting and infrastructure providers. |
| **Synced Data / User Content** – journal entries, daily tasks, or self-descriptions that you choose to synchronize across devices. | Provide user-controlled cross-device synchronization and continuity of the Services. | Unity Technologies (cloud services); hosting and infrastructure providers. |
| **AI Input & Output Data** – text you provide for AI-assisted features, including your name, journal entries, daily tasks, and self-descriptions. | Provide AI-powered guidance and tailored intervention messages as part of the core functionality of the Services. | **Cloud AI (optional):** **OpenAI OpCo, LLC (USA)** acting as a processor under the **EU Standard Contractual Clauses (SCCs)**. Prompts and outputs may be retained by OpenAI for up to **30 days** solely for abuse and misuse monitoring and are **not used for model training**. <br><br> **Local AI:** When **Local AI (Ollama)** is selected, processing occurs exclusively on the user’s device via requests to the user’s own **Ollama service on `localhost`**. We do **not** receive, access, or transmit this data, and no third party processes it. |
| **Support Communications** – emails or messages you send to us. | Respond to inquiries, provide technical support, and resolve issues. | Support service providers acting on our behalf. |
---
## Categories of Sources of Personal Data
We collect Personal Data about you from the following categories of sources:
### 1. Directly from You
We collect information that you provide directly to us, including when you:
- Create an account or use our applications and Services.
- Enter information in free-form text fields (for example, journals, self-descriptions, daily tasks, or survey responses).
- Switch between application categories such as *leisure* or *work*.
- Contact us by email or other means for support or feedback.
- Choose to synchronize your data across devices through the Services (“Synced Data,” such as journals or self-descriptions).
- Upload or share content within the app (such as images, notes, or other media).
The core functionality of **Pengo Friendo** relies on **AI-powered guidance** that generates contextual interventions and responses requested by the user.
When using these AI features, the user may **optionally choose to append additional context**—such as self-descriptions, daily tasks, or journal entries—to an individual AI guidance request in order to receive more personalized or relevant responses.
The AI processing required to generate the requested guidance is **necessary to perform our contract with you** and provide the Services you request.
The inclusion of additional contextual content is **entirely user-controlled** and limited to the specific data that the user chooses to submit for that request.
We do not intentionally request or infer sensitive (“special-category”) Personal Data. However, because users may voluntarily include such information in free-form text, this content may be processed as part of an AI guidance request.
- AI processing itself is **transient** and limited to generating the requested response.
- User content is stored **only if you choose to save it locally or enable synchronization**.
- If synchronization is enabled, journal content is stored on our servers in **end-to-end encrypted form**, and we cannot access the plaintext content.
Optional Cloud AI features involve transmitting selected AI input to our AI service provider and require your **explicit consent**, as described below. You may withdraw this consent at any time in **Settings**. Withdrawal does not affect prior lawful processing and disables cloud-based AI processing going forward.
You can choose how AI processing occurs:
#### Local AI (Ollama)
- AI inference takes place entirely on your device using your locally installed **Ollama service**, which receives requests from the app via local HTTP requests to a service running on `localhost`.
- **Pengo Friendo does not access, monitor, log, or receive** AI input or output processed locally.
- You are responsible for installing and maintaining Ollama and for the security of your local environment.
- If Ollama is not installed or becomes unavailable, local AI processing cannot function.
When Local AI is enabled, AI input and output data remain solely on your device and under your control.
#### Cloud AI (OpenAI)
- If you explicitly enable Cloud AI, selected AI input is transmitted securely to **OpenAI OpCo, LLC (USA)** for model inference.
- OpenAI processes this data as a processor under the **EU Standard Contractual Clauses (SCCs)**.
- Prompts and outputs may be retained by OpenAI for up to **30 days** solely for abuse and misuse monitoring and are **not used for model training**.
- Because AI input may include special-category Personal Data, Cloud AI processing occurs only with your **explicit consent** under **Article 9(2)(a) GDPR**.
- You may withdraw this consent at any time in **Settings**, which immediately disables cloud-based AI processing.
If neither Local AI is available nor Cloud AI consent is provided, AI-powered guidance features cannot operate and parts of the Services may be unavailable.
---
### 2. Automatically from Your Device or Browser
When you use the Services, we may collect certain data through software development kits (SDKs), cookies, or similar technologies — but any analytics or non-essential tracking occurs only after you have provided explicit opt-in consent. Data collected through software development kits (SDKs), cookies, or similar technologies, including:
- **Device and IP data** (such as device ID, OS, language, and region).
- **Usage and event analytics** (such as session timestamps, crash reports, or feature interactions).
- **Referral and attribution information** (such as how you found our app).
These data help us operate, secure, and improve our Services.
Our analytics providers include **Unity Technologies (Unity Analytics)** and **Google LLC (Google Analytics)**.
---
### 3. From Third Parties
We receive limited Personal Data from third-party sources, including:
- **Payment Platforms** – Apple App Store and Steamworks provide transaction records (product ID, billing region, purchase amount). We do not store full payment card numbers.
- **Analytics and AI Vendors** – OpenAI (for Cloud AI features), Unity Technologies, and Google LLC provide aggregated analytics and model outputs to improve Services.
## Our Commercial or Business Purposes for Collecting Personal Data
We collect and process Personal Data solely for the purposes described below and only to the extent necessary to operate and provide the Services, in accordance with applicable data protection laws, including the GDPR, UK GDPR, and applicable U.S. state privacy laws.
| **Purpose of Processing** | **Example Activities** |
|---------------------------|-------------------------|
| **Providing and Operating the Services** | Operating, maintaining, and securing the Services; creating and managing user accounts; enabling core app functionality; processing purchases; preventing fraud and abuse; debugging and ensuring system reliability. |
| **Providing AI-Powered Guidance** | Generating user-requested guidance, feedback, summaries, or interventions using AI models. Users may optionally choose to append additional context (such as journal entries, tasks, or self-descriptions) to individual AI guidance requests. AI processing may occur locally on the user’s device (via Ollama) or, if explicitly enabled by the user, through a cloud-based provider (such as OpenAI). |
| **Service Analytics and Performance Measurement** | Measuring usage patterns, diagnosing errors, and improving performance and stability using analytics tools, subject to applicable consent requirements. Analytics data is not used for third-party advertising. |
| **User-Controlled Cross-Device Synchronization** | Synchronizing journals, self-descriptions, or related user content across devices through Unity Cloud, where explicitly enabled by the user. |
| **Service Communications and Self-Promotion** | Communicating with users about service-related matters, feature updates, changes to the Services, pricing, and optional premium features related to Pengo Friendo. These communications are first-party only and do not involve behavioral profiling. |
| **User Support and Correspondence** | Responding to user inquiries, support requests, and feedback, and providing assistance related to use of the Services. |
| **Legal Compliance and Enforcement** | Complying with applicable legal and regulatory obligations; responding to lawful requests; protecting our rights, users, and systems; and enforcing our Terms of Use or resolving disputes. |
We do **not** use **journal content, AI inputs, or AI outputs** for advertising, marketing, or behavioral profiling.
We do **not** use Personal Data for purposes that are materially unrelated to the operation of the Services without providing notice and, where required by law, obtaining consent.
## AI Processing and Special-Category Data
Certain features of the Services provide **AI-powered guidance, feedback, summaries, rewards, or distraction interventions** during the normal course of using the Services, including in response to user actions, app state, or lifecycle events.
When requesting AI guidance, users may **optionally choose to include additional contextual content**—such as journal entries, self-descriptions, or task-related reflections—to receive more personalized responses.
Because this user-supplied content may reveal **special-category Personal Data** (such as information about emotional state, mental well-being, beliefs, or personal experiences), the processing of such content occurs **only when the user explicitly chooses to include it** and only for the specific purpose of generating the requested AI response.
If a user does not choose to append such content, it is **not processed by AI**.
You may choose between the following AI processing options at any time:
### 1. Local Processing (Ollama)
If you enable local processing:
- AI inference occurs **entirely on your device** using your locally installed Ollama service.
- AI input and output data are **not transmitted to us or to any third party**.
- We do **not** receive, store, or have access to content processed locally, and we have no visibility into such processing.
Local processing allows you to use AI features without transmitting your content off your device.
### 2. Cloud Processing (OpenAI API)
If you enable cloud processing, and choose to append contextual content to an AI guidance request, that content is transmitted securely to **OpenAI OpCo, LLC (USA)** **solely to generate the requested response**.
Under the GDPR:
- AI response generation is processed under **Article 6(1)(b)** (performance of a contract); and
- Where the appended content includes special-category Personal Data, processing occurs under **Article 9(2)(a)** (explicit consent).
When cloud processing is enabled:
- Processing is limited strictly to the specific guidance request and the content you choose to include.
- We do **not** use AI input or output data for advertising, profiling, analytics, or model training.
- We do **not** retain AI prompts or outputs beyond what is necessary to deliver the response, except where such content forms part of a journal entry you have chosen to save or synchronize.
OpenAI may retain prompts and outputs for up to **30 days** solely for abuse and misuse monitoring and does **not** use this data for model training.
### Disabling AI Processing
If you withdraw consent to include contextual content or disable cloud processing, that content will no longer be processed by AI, and cloud-based AI processing will cease for future requests.
---
We will not collect additional categories of Personal Data or use your data for materially different, unrelated, or incompatible purposes without providing notice and, where required by law, obtaining your consent.
---
## 3. Prohibited Data
As described in our Terms of Use, you represent, warrant, and agree that you will not submit, upload, or otherwise make available to our servers or third-party service providers any content or data that includes **Prohibited Data**, except where explicitly permitted by this Privacy Policy.
This restriction applies to **unencrypted or plaintext data transmitted off your device**.
Content processed exclusively through **Local AI (Ollama)** and data stored locally on your device are not transmitted to our servers and are not subject to this restriction.
We reserve the right to disable or restrict features that allow data transmission to our servers if this restriction is violated. Repeated or serious violations may result in suspension or termination of access to the Services.
### Definition of Prohibited Data
**“Prohibited Data”** includes any of the following:
- **Protected health information (PHI)** regulated under healthcare privacy laws (such as HIPAA), including medical records, clinical diagnoses, treatment details, or health insurance information.
- **Government-issued identification numbers or documents** (for example, Social Security numbers, driver’s license numbers, or passport details).
- **Full financial account or payment card information** (such as credit or debit card numbers or bank account numbers).
- **Personal Data of children under 13 years of age**, or of any individual below the applicable minimum age of digital consent.
In addition, Prohibited Data includes any information that:
- Constitutes **criminal conviction or offense data**; or
- Is submitted **without valid authorization or consent** from the relevant data subject.
### Special-Category Personal Data
Certain features of the Services allow users to voluntarily submit free-form text that may include **special-category Personal Data** (such as information about emotional state, mental well-being, beliefs, or personal experiences).
This does **not** include regulated medical or clinical records, which remain **Prohibited Data**.
- AI-powered guidance is provided as part of the core functionality of the Services under **Article 6(1)(b) GDPR** (performance of a contract).
- Where user-supplied content includes special-category Personal Data, such content is processed **only if the user explicitly chooses to include it** and only with the user’s **explicit consent** under **Article 9(2)(a) GDPR**.
- If explicit consent is not provided or is withdrawn, special-category content is not processed by AI, and cloud-based AI processing for such content is disabled.
Special-category Personal Data processed through AI features is:
- Used **solely to generate the requested AI response**;
- **Not** used for advertising, profiling, analytics, or model training; and
- **Not retained** by us beyond what is necessary to deliver the response or store content that the user has explicitly chosen to save or synchronize.
---
## 4. How We Disclose Your Personal Data
We disclose Personal Data only to the categories of service providers and other parties described in this section and only to the extent necessary to operate and provide the Services.
Depending on applicable U.S. state privacy laws, some of these disclosures may be considered a “sale” or “sharing” of Personal Data as those terms are legally defined. For more information and available choices, please see the **U.S. State Privacy Rights** section below.
---
## Service Providers
We engage trusted third-party service providers to help us operate, maintain, and improve the Services and to perform business functions on our behalf. These providers process Personal Data only in accordance with our instructions and for the purposes described in this Privacy Policy.
Categories of service providers include:
- **Hosting and infrastructure providers** (such as Unity Cloud Services).
- **Analytics and performance measurement providers** (such as Unity Technologies and Google LLC), used solely to understand service usage, diagnose issues, and improve performance. These providers act as service providers and are not authorized to use data for their own advertising or marketing purposes.
- **AI service providers** (such as OpenAI) that process user-submitted text solely to generate requested AI responses.
- **Payment processors and platform providers** (such as Apple Inc. and Valve Corporation) that process transactions in accordance with their own privacy policies.
We require service providers to implement appropriate safeguards and to process Personal Data only for the business purposes specified by us.
---
## Advertising and Marketing
The Services may include **first-party promotional messages** about Pengo Friendo, such as information about features, updates, pricing, or optional premium offerings.
We do **not**:
- Display third-party advertisements;
- Share Personal Data with advertising networks or data brokers; or
- Use Personal Data for cross-context behavioral advertising or third-party marketing.
**Journal content, AI inputs, and AI outputs are never used for advertising or marketing purposes.**
Any promotional communications are limited to first-party messaging and do not involve profiling based on journal content or AI-generated insights.
---
## Parties You Authorize, Access, or Authenticate
We may share your Personal Data with third parties or individuals when you explicitly authorize or direct us to do so. This may include:
- **Third-party backup or synchronization services** that you choose to connect with your account (for example, Apple iCloud, Dropbox, Google Drive, Box, or OneDrive).
- **Other users or individuals** with whom you share content (for example, when you create or send links to shared journals or notes).
You control whether to enable these sharing options, and we will only transmit data to such parties at your direction.
---
## Legal and Business Disclosures
We may also disclose Personal Data:
- To comply with applicable laws, regulations, or lawful requests by public authorities.
- To protect our rights, property, or safety, or that of our users or others.
- In connection with a merger, acquisition, or other business transfer involving **Martin Staehler, Einzelunternehmer** (you will be notified of any material changes).
We may also create and share **aggregated or de-identified data** for statistical or analytical purposes that no longer identify any individual.
# 5. Business Transfers
All of your Personal Data that we collect may be transferred to a third party in connection with a merger, acquisition, reorganization, bankruptcy, or other transaction in which that third party assumes control of all or part of our business or assets.
Should such an event occur, we will make reasonable efforts to notify you—through the Services, by email, or via our website—before your Personal Data becomes subject to a different privacy policy or data-handling practices.
# 6. Data That Is Not Personal Data
We may create aggregated, de-identified, or anonymized data derived from the Personal Data we collect by removing information that identifies, relates to, or could reasonably be linked to a particular individual.
We may use and disclose such aggregated, de-identified, or anonymized data for any lawful business purpose, including analyzing and improving the Services, developing new features, and promoting our business.
We will not disclose this type of data in a manner that could reasonably be used to identify you.
# 7. Tracking Tools, Advertising, and Opt-Out
The Services use tracking technologies such as SDKs, pixel tags, cookies, web beacons, clear GIFs, and JavaScript (collectively, “Tracking Tools”) to help us operate, improve, and personalize your experience. Tracking Tools enable our servers to recognize you, measure how and when you use our Services, analyze trends, and optimize performance.
Tracking Tools are small data files—usually text files—placed on your computer, tablet, phone, or similar device when you use that device to access our Services. We may also supplement information collected through our own Tracking Tools with information provided by third parties that place their own Tracking Tools on your device(s).
Because of how Tracking Tools operate, our Services do not currently respond to “Do Not Track” (DNT) browser signals, though we respect Global Privacy Control (GPC) signals where legally required.
When you first open the app, we ask for your consent to certain data processing activities. Analytics and performance tracking begin only after you provide that consent.
---
## Types of Tracking Tools We Use
### Essential Tracking Tools
These are necessary to provide core functionality, such as authentication, security, and enabling access to secure areas of the Services. Disabling these tools may prevent parts of the Services from functioning properly.
### Functional Tracking Tools
These remember your preferences and settings (such as language, region, and login information) and help personalize your experience when you return to the Services.
### Performance and Analytical Tracking Tools
These tools help us understand how users interact with our Services by collecting metrics such as visit frequency, pages viewed, and session duration. They also assist in measuring and improving the performance of our content and marketing campaigns.
Our analytics providers include:
- **Unity Technologies** – We use Unity Analytics to collect aggregated usage and event data.
Unity may process device identifiers, IP addresses, and gameplay events in accordance with its own privacy policy, available at:
[Unity Privacy Policy for Game Players and App Users](https://unity.com/legal/game-player-and-app-user-privacy-policy)
- **Google LLC (Google Analytics)**
Google’s use of data collected through its services is governed by the [Google Analytics Terms of Use](https://marketingplatform.google.com/about/analytics/terms/us/) and [Google Privacy Policy](https://policies.google.com/privacy).
You may opt out of Google Analytics by installing the [Google Analytics Opt-Out Browser Add-on](https://tools.google.com/dlpage/gaoptout) or visiting [www.google.com/privacy_ads.html](https://www.google.com/privacy_ads.html).
---
## Your Choices and Controls
You can switch between local (Ollama) and cloud (OpenAI) AI modes in the app settings.
Selecting local mode ensures that all AI processing stays on your device.
Local mode requires the installation of Ollama.
When you first open the app, we ask for your consent to certain data processing activities.
- **Essential Processing** – Required to provide the Services, including AI-powered features. You cannot use the core functionality without this processing.
- **Anonymous Usage Analytics** – Optional. You may choose to allow or refuse collection of anonymous usage data (for example, through Unity Analytics or Google Analytics).
Your choices are presented as checkboxes when you first start the app.
You can change or withdraw your consent for analytics at any time by visiting **Settings › Tracking** in the app.
We record your consent preferences (date, version, and selections) to demonstrate compliance with applicable privacy laws.
You can manage your Tracking Tool preferences in several ways:
- On **Desktop**, navigate to `Settings > Tracking` and toggle permissions for the Pengo Friendo application.
- On **iOS**, navigate to `Settings > Privacy & Security > Tracking` and toggle permissions for the Pengo Friendo application.
- On **Android**, use `Settings > Privacy > Ads` to reset or limit ad tracking.
You may also visit:
- [www.allaboutcookies.org](https://www.allaboutcookies.org) for general cookie management; or
- [https://ico.org.uk/for-the-public/online/cookies/](https://ico.org.uk/for-the-public/online/cookies/) if you are located in the European Union or United Kingdom.
Please note that disabling or deleting Tracking Tools may affect functionality or personalization features within the Services.
We never initialize analytics SDKs or collect non-essential data until you have expressly opted in through the consent dialog or privacy settings.
# 8. Targeted Advertising
We do **not** use your Personal Data for third-party or interest-based advertising, and we do not share any information with external advertising networks.
You may occasionally see **non-personalized in-app messages or banners** that promote new features, updates, or premium options within Pengo Friendo.
These communications are shown only by us, based on your use of the app, and never involve sharing data with advertisers or other third parties.
# 9. Data Storage
When you use our Services on your local device—such as through the downloadable Pengo Friendo applications—certain data (for example, your journals, notes, or self-descriptions) will be stored locally on your device.
You may choose to keep your data stored locally and not enable synchronization. Data stored locally remains accessible only to you, and we do not have access to or visibility into that data.
If you choose to enable synchronization or cloud-based features, the data you select to sync (“Synced Data”) will be replicated on secure servers operated by our hosting providers, including Unity Technologies (Unity Cloud Services) and other data centers located in the European Union or the United States.
By using synchronization or other cloud-connected features, you acknowledge that your Personal Data may be transmitted to, processed, and stored on servers outside your country of residence, including the United States, subject to appropriate safeguards as described in the **International Data Transfers** section below.
When using the Cloud AI option, your text is transmitted securely to OpenAI and processed transiently to generate a response. Copies are retained by OpenAI for up to 30 days solely for abuse and misuse monitoring before being automatically deleted. These retained copies are not used for model training or improvement.
When using Local AI (Ollama), your text is processed by the Ollama service running on your own device via local requests to localhost. We do not receive or access this data. To our knowledge, Ollama performs inference locally and does not transmit your content externally, though we do not operate or control that software.
# 10. Data Security and Retention
We seek to protect your Personal Data from unauthorized access, use, and disclosure through appropriate technical, organizational, administrative, and physical safeguards, taking into account the nature of the data and the risks associated with its processing.
Your Synced Journal Data is encrypted in transit and at rest when stored on our servers. No one at **Martin Staehler, Einzelunternehmer (Pengo Friendo)** can view your Synced Journal Data unless you expressly authorize access or it is necessary to comply with this Privacy Policy, our Terms of Use, or applicable legal obligations.
You also play an important role in safeguarding your data. Please help protect your account by:
- Choosing strong and unique passwords or authentication methods;
- Limiting access to your devices and browsers; and
- Signing out after using shared or public devices.
Although we work diligently to secure your Personal Data, please note that no method of data transmission or storage is completely secure, and we cannot guarantee absolute security.
---
## Data Retention
We retain Personal Data only for as long as necessary to fulfill the purposes described in this Privacy Policy, including:
- Providing and maintaining your account and the Services;
- Meeting our business, legal, or compliance obligations; and
- Resolving disputes or enforcing our agreements.
When determining retention periods, we consider factors such as:
- The source of the Personal Data;
- The reason it was collected;
- Its sensitivity; and
- Our legal or contractual obligations.
In some cases, we may retain certain data longer if required by law, for example to comply with tax or accounting regulations, respond to legal requests, or enforce rights.
Once Personal Data is no longer needed for the purposes described, we will delete it or anonymize it so that it no longer identifies you. We may retain aggregated or de-identified information indefinitely for analytical or statistical purposes.
Analytics data is collected only when you have given consent and retained for a limited period (typically up to 13 months) or until you withdraw consent, whichever comes first.
After withdrawal, we immediately stop collecting new analytics data and anonymize or delete any remaining identifiable analytics records within a reasonable period.
** Analytics events: 13 months (EEA standard)
** Account data: life of account + 30 days
** Server Logs: 7 days
** Crash logs: 30 days
# 11. Personal Data of Children
The Children’s Online Privacy Protection Act (“COPPA”) requires that online service providers obtain verifiable parental consent before knowingly collecting personally identifiable information from children under 13 years of age in the United States.
The Services are not directed to children under 16 years of age. We do not knowingly collect or solicit Personal Data from children under sixteen (16). If you are under sixteen, please do not attempt to register for an account, use any interactive features of the Services, or send any Personal Data to us.
If we learn that we have inadvertently collected Personal Data from a child under sixteen (16), we will promptly delete that information. If you believe that a child under sixteen (16) may have provided us with Personal Data, please contact us at **contact@pengofriendo.com**.
# 12. U.S. State Privacy Rights
If you reside in certain U.S. states—such as California, Colorado, Connecticut, Delaware, Iowa, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, and Virginia—you may have specific privacy rights under applicable state data protection laws (collectively, the “U.S. State Privacy Laws”).
Please review the **Exercising Your Rights** section below for instructions on how to submit a request. Note that your rights may be subject to legal conditions, verification requirements, or applicable exceptions.
If we process your Personal Data as a service provider or processor on behalf of another organization (for example, a business customer using Pengo Friendo technology), you should contact that organization directly to exercise your rights regarding such data.
If you have questions about this section or whether your state’s privacy laws apply to you, please contact us at **contact@pengofriendo.com**.
---
## Your Rights Under U.S. State Privacy Laws
### Access
You have the right to request confirmation as to whether we process your Personal Data and to access that data. You may also request a portable copy of your Personal Data that we maintain.
Residents of **Oregon** or **Minnesota** additionally have the right to request a list of specific third parties (other than natural persons) to whom we have disclosed Personal Data.
### Deletion
You have the right to request that we delete the Personal Data we have collected from or about you, subject to certain legal or operational exceptions (for example, if retention is required to complete a transaction, detect fraud, or comply with legal obligations).
### Correction
You have the right to request that we correct inaccurate Personal Data about you.
### Portability
You have the right to request a copy of your Personal Data in a structured, commonly used, and machine-readable format, to the extent technically feasible.
### Opt-Out Rights
Depending on your state of residence, you may have specific rights under applicable U.S. State Privacy Laws, including the right to:
- Opt out of the **sale** or **sharing** of your Personal Data as defined by state law;
- Opt out of the processing of your Personal Data for **targeted advertising**; and
- Opt out of certain forms of **profiling** in furtherance of decisions that produce legal or similarly significant effects.
We want to be transparent that **Pengo Friendo does not sell, share, or use Personal Data for targeted or cross-context behavioral advertising**.
We also do not disclose or make available your journals, self-descriptions, or AI-generated content to any third parties for marketing purposes.
Because these activities do not occur, there is **no need to submit an opt-out request** for sale, sharing, or targeted advertising.
If you wish to confirm or manage other privacy preferences, you can contact us at **contact@pengofriendo.com** or use the in-app privacy settings.
We will not discriminate against you for exercising your privacy rights under applicable U.S. State Privacy Laws.
# 13. “Selling,” “Sharing,” and Targeted Advertising
Certain U.S. State Privacy Laws (including the California Consumer Privacy Act as amended by the CPRA, and similar laws in other states) provide residents with the right to opt out of the “sale” or “sharing” of Personal Data, or the use of Personal Data for targeted advertising.
### No Third-Party Advertising or Data Brokerage
Pengo Friendo does **not**:
- Sell Personal Data for monetary or other valuable consideration;
- Share Personal Data with advertising networks, data brokers, or social media platforms for cross-context behavioral advertising; or
- Permit third parties to collect Personal Data through the Services for interest-based advertising purposes.
### First-Party Communications
The Services may include **first-party promotional communications** related to Pengo Friendo, such as information about features, updates, pricing, or optional premium offerings. These communications are not based on cross-context behavioral advertising and do not involve third-party marketing.
**Journal content, AI inputs, and AI-generated outputs are never used for advertising or marketing purposes**, including first-party promotions.
### Analytics and Service Providers
Any analytics or performance data collected (for example, usage statistics or crash reports) is used solely to operate, secure, and improve the Services. Analytics providers act as **service providers** under our instructions and are contractually restricted from using Personal Data for advertising or marketing purposes.
Because we do not engage in the sale or sharing of Personal Data for advertising purposes, there are **no categories of third parties to whom we sell or share Personal Data** under applicable U.S. State Privacy Laws.
---
## Categories of Third Parties to Whom We Sell or Share Personal Data
We do **not** sell or share Personal Data with third parties for advertising or marketing purposes.
All third parties that process Personal Data on our behalf (such as analytics, infrastructure, AI, or payment providers) act solely as **service providers** and are restricted from using Personal Data for their own commercial purposes.
---
## Categories of Personal Data Sold or Shared in the Past 12 Months
None. We have not sold or shared Personal Data (as defined by applicable U.S. state privacy laws) in the past 12 months.
---
We do **not** use, sell, or share your **Private User Submissions** or **Limited-Audience User Submissions** (for example, your journals, personal notes, recordings, images, or documents) for targeted advertising or any other commercial purpose.
To our knowledge, we do **not** sell or share the Personal Data of minors under sixteen (16) years of age.
# 14. Anti-Discrimination
We will not discriminate against you for exercising any of your rights under applicable privacy laws. Specifically, we will not:
- Deny you access to our Services;
- Charge you different prices or rates for the same Services; or
- Provide you with a different level or quality of goods or services.
However, as permitted by applicable data privacy laws, we may offer different tiers or versions of our Services that vary in price, rate, or quality, depending on the value of Personal Data that we receive from you or your decision to share certain information.
Such offerings will always comply with the relevant requirements under applicable law, including the **California Consumer Privacy Act (CCPA/CPRA)** and similar state privacy frameworks.
# 15. Other State-Specific Privacy Rights
## California Residents – “Shine the Light” Law
Under **California Civil Code Sections 1798.83–1798.84**, California residents are entitled to request information about the disclosure of their Personal Data to third parties for those parties’ own direct marketing purposes.
To submit such a request, please contact us at **contact@pengofriendo.com** with the subject line **“California Shine the Light Request.”**
---
## Nevada Residents
If you are a resident of Nevada, you have the right to opt out of the sale of certain Personal Data to third parties.
You may exercise this right by contacting us at **contact@pengofriendo.com** with the subject line **“Nevada Do Not Sell Request.”**
Please include your full name and the email address associated with your account so that we can process your request.
# 16. Exercising Your Rights under U.S. State Privacy Laws
To exercise the rights described in this Privacy Policy, you—or your Authorized Agent, where permitted—must send us a request that:
- Provides sufficient information for us to verify your identity (for example, details from your Profile Data such as your name or email address); and
- Describes your request in enough detail to enable us to understand, evaluate, and respond appropriately.
Each request that meets these criteria will be considered a **“Valid Request.”**
We may be unable to respond to requests that do not meet these criteria.
We will use any Personal Data provided in a Valid Request solely for the purpose of verifying your identity and fulfilling your request. You do not need an account to submit a Valid Request.
---
You may submit your request by contacting us at:
📧 **contact@pengofriendo.com**
We will respond to your Valid Request within the time period required by applicable law.
We do not charge a fee for processing Valid Requests unless such requests are excessive, repetitive, or manifestly unfounded.
If a fee is necessary, we will notify you in advance and explain our decision before completing your request.
### Opt-Out Rights
Depending on your state of residence, you may have specific rights under applicable U.S. State Privacy Laws, including the right to:
- Opt out of the **sale** of Personal Data, as defined by state law;
- Opt out of the **sharing** of Personal Data for cross-context behavioral advertising;
- Opt out of the processing of Personal Data for **targeted advertising**; and
- Opt out of certain forms of **profiling** in furtherance of decisions that produce legal or similarly significant effects.
### Our Practices
Pengo Friendo does **not**:
- Sell Personal Data;
- Share Personal Data for cross-context behavioral advertising; or
- Use Personal Data for targeted advertising by third parties.
We also do **not** disclose or make available **journal content, self-descriptions, AI inputs, or AI-generated outputs** to any third parties for advertising or marketing purposes.
Because these activities do not occur, there is generally **no need to submit an opt-out request** for the sale or sharing of Personal Data or for targeted advertising.
However, you may contact us at **contact@pengofriendo.com** or use available in-app privacy controls if you wish to:
- Confirm our data practices;
- Exercise other privacy rights available to you; or
- Ask questions about how your data is processed.
We will not discriminate against you for exercising your privacy rights under applicable U.S. State Privacy Laws.
---
## To opt out through your device settings:
- **On iOS:** Navigate to `Settings > Privacy & Security > Tracking`, then toggle off permission for the Pengo Friendo application.
- **On Android:** Go to `Settings > Privacy > Ads`, and disable or reset ad personalization.
---
You may also manage your opt-out preferences directly within our **in-app privacy settings**, or by sending a request to **contact@pengofriendo.com** with the subject line **“Opt-Out Request.”**
Once we receive your request, we will process it promptly and will not ask you to reauthorize the sale or sharing of your Personal Data for at least twelve (12) months.
# 18. Request to Access, Delete, or Correct Personal Data
You may submit a Valid Request to exercise your rights to access, delete, correct, or obtain a portable copy of your Personal Data as described in this Privacy Policy by emailing us at **contact@pengofriendo.com**.
If you are a resident of **California, Colorado, Connecticut, Delaware, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, or Texas**, you may also authorize another person (an **“Authorized Agent”**) to exercise these rights on your behalf.
To do so, you must provide your Authorized Agent with written permission to act on your behalf.
When your Authorized Agent submits a request for you, we may require them to provide a copy of your written authorization and may also need to verify your identity directly to protect your privacy and security.
We will process all Valid Requests in accordance with the requirements and timelines set forth under applicable **U.S. State Privacy Laws**.
# 19. Appealing a Denial
If you are a resident of **Colorado, Connecticut, Delaware, Iowa, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, or Virginia**, and we decline to act on your privacy request, you have the right to appeal our decision.
---
## To submit an appeal, you must:
- Provide sufficient information to allow us to verify your identity and locate the original request; and
- Include a description of the basis for your appeal.
You may submit your appeal by emailing us at **contact@pengofriendo.com** with the subject line:
**“[STATE OF RESIDENCE] Appeal.”**
---
Your appeal will be handled in accordance with the procedures and timelines required under your applicable State Privacy Law.
We will respond to your appeal within the period mandated by the relevant state law.
If we deny your appeal, you may also contact the **Attorney General of your state** for further information or to lodge a complaint.
For your convenience, you can find contact information for these state Attorneys General below:
- **Colorado Attorney General**
- **Connecticut Attorney General**
- **Delaware Attorney General**
- **Iowa Attorney General**
- **Maryland Attorney General**
- **Minnesota Attorney General**
- **Montana Attorney General**
- **Nebraska Attorney General**
- **New Hampshire Attorney General**
- **New Jersey Attorney General**
- **Oregon Attorney General**
- **Tennessee Attorney General**
- **Texas Attorney General**
- **Virginia Attorney General**
# 20. European Union and United Kingdom Data Subject Rights
If you are a resident of the **European Union (“EU”)**, **United Kingdom (“UK”)**, **Liechtenstein**, **Norway**, or **Iceland**, you may have additional rights regarding your Personal Data under the **EU General Data Protection Regulation (“EU GDPR”)** or the **UK GDPR**.
In this section, the terms **“Personal Data”** and **“processing”** have the meanings given to them in the GDPR.
Generally, “Personal Data” means any information relating to an identified or identifiable natural person, and “processing” refers to any operation performed on such data (such as collection, use, storage, disclosure, or deletion).
**Martin Staehler, Einzelunternehmer (“Pengo Friendo”)** is the controller of your Personal Data processed in connection with the Services.
If any part of this section conflicts with other provisions of this Privacy Policy, the portion that provides greater protection for your Personal Data shall prevail.
If you have questions about this section or whether it applies to you, please contact us at **contact@pengofriendo.com**.
If we process your Personal Data on behalf of another organization (for example, as a service provider or processor for one of our business customers), please contact that organization directly to exercise your GDPR rights.
---
## Personal Data We Collect
The **Categories of Personal Data We Collect** section above describes the categories of Personal Data we collect from you.
---
## How We Use and Process Your Personal Data
The **Our Commercial or Business Purposes for Collecting Personal Data** section above explains the purposes for which we use your Personal Data.
We process your Personal Data only when we have a **lawful basis** to do so under the GDPR or UK GDPR.
These lawful bases include **Contractual Necessity**, **Consent**, **Legal Obligation**, and **Legitimate Interests**.
In limited cases, processing may also be based on **Vital Interests** or **Public Interest**.
---
### Lawful Bases for Processing (EEA / UK)
| **Purpose of Processing** | **Examples of Personal Data** | **Lawful Basis** |
|----------------------------|-------------------------------|------------------|
| **Provide and operate the Services**, including essential AI-powered guidance features | Profile Data, AI Input & Output Data, Sensory Data (if core to a feature) | **Contractual Necessity** – required to perform the Services you request. |
| **Account creation, authentication, and user support** | Profile Data, Contact Data | **Contractual Necessity** |
| **Payments, taxes, and regulatory compliance** | Payment Data, Billing Region | **Legal Obligation** |
| **Age verification** (where legally required) | Consumer Demographic Data (date of birth, country) | **Legal Obligation** |
| **Language and demographic customization** (for example, replying in your preferred language or adjusting tone by age group) | Language, Age (if provided) | **Legitimate Interests** – to deliver responses and content appropriate to your language and context. You may object to this processing at any time by contacting us or disabling personalization features. |
| **Anonymous usage analytics and performance measurement** | Device/IP Data, Usage & Event Data | **Consent** (Art. 6(1)(a) GDPR; required under ePrivacy Directive) |
| **Responding to user inquiries and support requests** | Support Communications, Profile Data | **Legitimate Interests** – to respond to requests and improve service quality. |
| **Security, fraud prevention, and debugging** | Device/IP Data, Log Data | **Legitimate Interests** – to maintain the security and integrity of the Services. |
| **Optional AI features or enhancements** (for example, cloud vs local model selection, sticker generation) | AI Input & Output Data | **Consent** – when the feature is not essential to core functionality. |
---
### Notes on Processing
- **Language and Age Data**
Where you choose to provide language or age information, we use it to improve clarity and relevance of responses (for example, to reply in your language or adopt an age-appropriate tone).
This personalization is limited to in-app functionality and never used for advertising or profiling beyond that context.
You may disable personalization or object to this processing at any time.
- **Special-Category Data**
If you voluntarily include sensitive or “special-category” data (for example, information about your health, beliefs, or personal experiences) in your journals or self-descriptions, it is processed only to generate AI responses and not stored afterward.
By using these features, you **consent** to this limited processing. You also have to explicitly **consent** during `Onboarding` or in `Settings` to enable cloud processing of such data. Conset can be withdrawn at any time, which immediately disables Cloud AI for such content. Local AI (Ollama) remains available without transmitting data off-device.
- **Analytics Consent**
In the EEA and UK, we activate analytics SDKs only after you have given consent through our in-app privacy settings.
You can withdraw that consent at any time in **Settings › Privacy**.
- **Aggregated or De-identified Data**
We may de-identify or aggregate Personal Data for product improvement or statistical purposes. Such data can no longer identify any individual.
---
### International Processing
When transferring Personal Data outside the EEA or UK, we rely on appropriate safeguards such as the **EU Standard Contractual Clauses**, the **UK Addendum**, or other approved mechanisms described in the **International Data Transfers** section.
---
### Contractual Necessity
We process the following categories of Personal Data because it is necessary to perform our contract with you (for example, to provide the Services under our Terms of Use).
Failure to provide this data may prevent you from using certain features of the Services.
- Profile Data
- Payment Data
- Consumer Demographic Data
- Sensory Data
- Other Identifying Information You Voluntarily Provide
---
### Legitimate Interests
We process the following categories of Personal Data when it furthers the legitimate interests of **Pengo Friendo** or a third party:
- Profile Data
- Device/IP Data
- Web Analytics
- Geolocation Data
Our legitimate interests include, as described in more detail above:
- Providing, customizing, and improving the Services;
- Performing research, and product development (including analytics only after opt-in consent);
- Offering customer and technical support;
- Marketing the Services (including use of Tracking Tools, where permitted);
- Corresponding with you and responding to inquiries;
- Meeting legal obligations and enforcing terms;
- Completing corporate transactions; and
- Maintaining information, system, and network security.
We may also de-identify or anonymize Personal Data when pursuing these legitimate interests.
---
### Consent
In some cases, we process your Personal Data based on your explicit consent, which we will request at the time of collection.
For example, this may apply when enabling AI-powered features or analytics.
To withdraw consent for Tracking Tools, you can navigate to your device settings:
- **Desktop:** `Settings > Tracking` -> toggle off permission for Tracking
- **iOS:** `Settings > Privacy & Security > Tracking` → toggle off permission for the Pengo Friendo app.
- **Android:** `Settings > Privacy > Ads` → limit or reset ad tracking.
You may also withdraw consent at any time by contacting us at **contact@pengofriendo.com**.
---
### Other Processing Grounds
We may also process Personal Data when necessary to:
- Comply with a legal obligation;
- Protect the vital interests of you or another person; or
- Carry out a task in the public interest.
---
## Disclosing Personal Data
Please refer to the **How We Disclose Your Personal Data** section above for details on how we share information with our service providers, business partners, and other recipients, as well as the safeguards we apply to such disclosures.
# 21. EU, UK, and Swiss Data Subject Rights
If you are located in the **European Union**, **United Kingdom**, **Liechtenstein**, **Norway**, **Iceland**, or **Switzerland**, you have certain rights regarding your Personal Data under applicable data protection laws, including the **EU GDPR**, **UK GDPR**, and **Swiss Federal Data Protection Act**.
For more information about these rights—or to submit a request—please contact us at **contact@pengofriendo.com**.
Please note that in certain cases we may not be able to fully comply with your request (for example, if doing so would be frivolous, manifestly unfounded, excessively repetitive, jeopardize the rights of others, or is not required by law).
In such cases, we will explain the reason for our decision.
We may also need to request additional information—including limited Personal Data—to verify your identity and the nature of your request.
---
## Your Rights
### Access
You may request confirmation of whether we process your Personal Data and, if so, obtain a copy of that data.
You can also access certain Personal Data directly by logging into your account.
### Rectification
If you believe that any Personal Data we hold about you is inaccurate or incomplete, you can request that we correct or update it.
You can also edit some information directly within your account settings.
### Erasure (“Right to be Forgotten”)
You may request that we delete some or all of your Personal Data from our systems, subject to certain legal exceptions (for example, if retention is required to meet legal obligations).
### Withdrawal of Consent
Where processing is based on your consent (as indicated at the time of collection), you have the right to withdraw that consent at any time.
Please note that withdrawal may affect your ability to use certain features that rely on that consent. You may later re-consent if you wish to reactivate those features.
Cloud AI Consent: You may withdraw your explicit consent for Cloud AI processing of special-category Personal Data at any time in Settings → Privacy by turning off “Use Cloud AI.” Once withdrawn, no further text will be transmitted to the cloud.
### Portability
You may request a copy of your Personal Data in a structured, commonly used, and machine-readable format and, where technically feasible, request that we transmit it directly to another controller.
### Objection
You may object to our processing of your Personal Data where we rely on legitimate interests as the legal basis, including for direct marketing.
If you object to processing for direct marketing, we will stop such processing immediately.
### Restriction of Processing
You may request that we restrict further processing of your Personal Data in certain situations (for example, while we verify the accuracy of the data or handle an objection).
### Right to File a Complaint
You have the right to lodge a complaint about **Pengo Friendo’s** data-processing practices with your local data protection authority.
- A list of EU and EEA supervisory authorities is available here: [https://edpb.europa.eu/about-edpb/board/members_en](https://edpb.europa.eu/about-edpb/board/members_en)
- For UK residents, please contact the **Information Commissioner’s Office (ICO)** at [https://ico.org.uk/](https://ico.org.uk/)
- For Swiss residents, contact the **Federal Data Protection and Information Commissioner (FDPIC)** at [https://www.edoeb.admin.ch/](https://www.edoeb.admin.ch/)
# 22. Transfers of Personal Data
The Services are hosted and operated primarily in the **United States (“U.S.”)** through **Pengo Friendo** and its service providers.
If you access the Services from outside the U.S., please note that the data protection laws in the U.S. may differ from those in your country of residence.
By using the Services, you acknowledge and agree that any Personal Data about you—whether provided directly by you or obtained from third parties—may be transferred to, stored, and processed by **Martin Staehler, Einzelunternehmer (“Pengo Friendo”)** and our service providers in the United States and other countries where we or our vendors operate.
We implement appropriate safeguards to ensure that such transfers comply with applicable data protection laws, including the **EU General Data Protection Regulation (GDPR)** and the **UK GDPR**.
Where required, these safeguards include the use of:
- **European Commission Standard Contractual Clauses (“SCCs”)** for transfers of Personal Data from the EEA to countries not deemed to provide adequate protection; and
- **UK Addendum to the SCCs**, where applicable for UK transfers.
Certain of our third-party service providers (such as **OpenAI**, **Unity Technologies**, or **Google LLC**) may also rely on their own **Data Privacy Framework (DPF)** certifications or equivalent transfer mechanisms to ensure an adequate level of protection for cross-border data processing.
By continuing to use our Services, you authorize the transfer, storage, and processing of your Personal Data to and within the United States and any other jurisdiction where our service providers maintain operations, consistent with this Privacy Policy and applicable law.
# 23. International Data Transfers and Data Privacy Framework(s)
The Services are hosted and operated primarily in the **United States (“U.S.”)** through **Martin Staehler, Einzelunternehmer (“Pengo Friendo”)** and its service providers.
If you access the Services from outside the U.S., please be aware that the data protection laws in the U.S. may differ from those in your country of residence.
By using the Services, you acknowledge and agree that any Personal Data about you—whether provided directly by you or obtained from third parties—may be transferred to, stored, and processed by **Pengo Friendo** and our service providers in the United States and other jurisdictions where we or our vendors operate.
Such transfers are necessary to provide the Services, operate core infrastructure, and deliver AI-powered features and analytics functionality.
We take steps to ensure that such transfers comply with applicable data protection laws, including the **EU General Data Protection Regulation (GDPR)** and the **UK GDPR**.
Where required, these safeguards include:
- The **European Commission’s Standard Contractual Clauses (“SCCs”)** for transfers from the EEA to non-adequate countries;
- The **UK Addendum to the SCCs** for transfers from the United Kingdom; and
- **Supplementary technical and organizational measures** (such as encryption and access controls) to protect transferred Personal Data.
Some of our service providers (for example, **OpenAI**, **Unity Technologies**, and **Google LLC**) may rely on their own **Data Privacy Framework (DPF)** certifications or other approved transfer mechanisms to ensure adequate protection for cross-border data transfers.
We use service providers based in the United States, including **OpenAI, Inc.** and **Unity Technologies**, to operate certain features of the Services.
- **OpenAI, Inc.** – Personal Data processed through our cloud-based AI features is transferred to OpenAI under the **EU Standard Contractual Clauses (2021/914/EU)** and covered by OpenAI’s certification under the **EU–U.S. Data Privacy Framework**.
We have executed a Data Processing Agreement with OpenAI that incorporates these safeguards.
- **Unity Technologies** – Analytics and cloud services may involve transfers to the United States.
Unity’s **Data Processing Agreement** (available at [https://unity.com/legal/dpa](https://unity.com/legal/dpa)) and its included **Standard Contractual Clauses** apply automatically when using Unity Services, providing adequate safeguards for cross-border transfers.
Unity implements encryption, access controls, and regional data centers to protect transferred data.
All such transfers are supported by appropriate **technical and organizational measures**, including encryption in transit and at rest, strict access control, and data minimization, consistent with our **Transfer Impact Assessments**.
At this time, **Pengo Friendo** is **not self-certified** under the Data Privacy Framework.
# 24. Changes to This Privacy Policy
We may update or modify this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other operational reasons.
If we make material changes, we will notify you in advance by:
- Posting a notice within the **Pengo Friendo** app or on our website;
- Sending you an email notification (if you have provided your email address); or
- Using another appropriate communication method required by applicable law.
Please note that if you have opted not to receive legal or service-related emails from us (or have not provided an email address), you are still responsible for reviewing updates posted within the Services or on our website, as those notices will govern your continued use of the Services.
Your continued use of the Services after the updated Privacy Policy becomes effective constitutes your acceptance of the revised terms.
The use of information we collect is governed by the Privacy Policy in effect at the time that information is collected.
# 25. Contact Information
If you have any questions, concerns, or comments about this Privacy Policy, how we collect and use your Personal Data, or your choices and rights regarding such collection and use, please contact us at:
**Controller:**
**Martin Staehler, Einzelunternehmer (“Pengo Friendo”)**
**Business Address:** Lechallee 31, 86399 Bobingen, Germany
**Website:** [https://pengofriendo.com](https://pengofriendo.com)
**Email:** [contact@pengofriendo.com](mailto:contact@pengofriendo.com)
At this time, **Pengo Friendo** has not appointed an EU or UK representative, as the controller is established within the European Union and the GDPR applies directly.
If required in the future (for example, if our operations expand into the UK market), we will update this section accordingly.
# -------------------- Terms of Use ---------------------------
################################################################
**Last Updated:** 13.12.2025
These Terms of Use (“**Terms**”) govern your access to and use of the **Pengo Friendo** applications, websites, and related services (collectively, the “**Services**”) operated by **Martin Staehler, Einzelunternehmer (“Pengo Friendo,” “we,” “us,” or “our”)**.
By accessing or using the Services, you agree to be bound by these Terms.
If you do not agree to these Terms, you may not use the Services.
---
## 1. Eligibility
You must be at least **16 years old** (or the minimum age of digital consent in your jurisdiction, if higher) to use the Services.
By using the Services, you represent and warrant that:
- You meet the applicable age requirements; and
- You have the legal capacity to enter into these Terms.
The Services are **not intended for children under 16**, and we do not knowingly permit their use.
---
## 2. The Services
### 2.1 Description
Pengo Friendo provides tools for productivity, reflection, journaling, and **AI-powered guidance**, including feedback, summaries, rewards, or distraction interventions, delivered during the normal course of using the Services.
AI-powered guidance is a **core feature** of the Services.
### 2.2 No Medical, Legal, or Professional Advice
The Services are provided for **informational, organizational, and self-reflection purposes only**.
Pengo Friendo does **not** provide:
- Medical, psychological, psychiatric, or therapeutic advice;
- Legal advice; or
- Professional counseling or diagnosis.
You should not rely on the Services as a substitute for professional advice.
If you are experiencing a medical or mental health emergency, seek help from a qualified professional or emergency services immediately.
---
## 3. User Accounts
You may be required to create an account to access certain features.
You are responsible for:
- Maintaining the confidentiality of your login credentials;
- All activity that occurs under your account; and
- Ensuring that information you provide is accurate and up to date.
You must notify us promptly of any unauthorized use of your account.
---
## 4. AI-Powered Features
### 4.1 AI Processing
The Services use AI models to generate guidance and responses.
AI output is generated automatically and may be incomplete, inaccurate, or inappropriate in some cases.
You acknowledge and agree that:
- AI-generated content is provided **“as is”** and may contain errors;
- You remain responsible for how you interpret and act on AI-generated output; and
- You should independently verify information before relying on AI-generated content.
### 4.2 User-Controlled Context
When using AI features, you may **optionally choose** to provide additional context—such as journal entries, tasks, or self-descriptions—to receive more personalized responses.
You control:
- Whether such content is included; and
- Whether AI processing occurs locally on your device or via a cloud-based provider (where available).
---
## 5. Local and Cloud AI Options
### 5.1 Local AI (Ollama)
If you enable local AI processing:
- AI inference runs on your device using your locally installed Ollama service;
- Pengo Friendo does not access or receive AI input or output; and
- You are responsible for installing, maintaining, and securing your local environment.
### 5.2 Cloud AI
If you enable cloud-based AI processing:
- Selected content may be transmitted to a third-party AI provider solely to generate the requested response;
- Processing is subject to your consent and our Privacy Policy; and
- Cloud AI features may be unavailable if consent is not provided.
---
## 6. User Content
### 6.1 Ownership
You retain ownership of all content you create, upload, or store using the Services (“**User Content**”).
By using the Services, you grant Pengo Friendo a **limited, non-exclusive, non-transferable license** to process your User Content solely for the purpose of providing and operating the Services, in accordance with these Terms and our Privacy Policy.
### 6.2 Responsibility for Content
You are solely responsible for your User Content and represent that you have all necessary rights to submit it.
You agree not to submit content that:
- Violates applicable law;
- Infringes the rights of others; or
- Constitutes **Prohibited Data**, as defined in our Privacy Policy.
---
## 7. Prohibited Uses
You agree not to:
- Use the Services for unlawful purposes;
- Reverse engineer, decompile, or attempt to extract source code from the Services;
- Interfere with or disrupt the Services or servers;
- Use the Services to generate or transmit malicious, abusive, or harmful content;
- Attempt to bypass security, consent, or access controls; or
- Misrepresent AI-generated output as human-generated or professionally verified advice.
---
## 8. Data Storage and Synchronization
You may store content locally on your device or choose to enable cross-device synchronization.
If synchronization is enabled:
- Your content is stored in encrypted form on our servers;
- Access is governed by our Privacy Policy; and
- You may disable synchronization at any time.
---
## 9. Intellectual Property
The Services, including software, design, trademarks, logos, and underlying technology, are owned by or licensed to Pengo Friendo and are protected by applicable intellectual property laws.
Except as expressly permitted, you may not copy, modify, distribute, or create derivative works from the Services.
---
## 10. Termination
We may suspend or terminate your access to the Services if you:
- Violate these Terms;
- Misuse the Services; or
- Use the Services in a way that exposes us or others to legal risk.
You may stop using the Services at any time.
Termination does not affect rights or obligations that should reasonably survive termination.
---
## 11. Disclaimer of Warranties
THE SERVICES ARE PROVIDED **“AS IS”** AND **“AS AVAILABLE.”**
TO THE MAXIMUM EXTENT PERMITTED BY LAW, PENGO FRIENDO DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
WE DO NOT WARRANT THAT:
- THE SERVICES WILL BE ERROR-FREE OR UNINTERRUPTED; OR
- AI-GENERATED OUTPUT WILL BE ACCURATE OR RELIABLE.
---
## 12. Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY LAW, PENGO FRIENDO SHALL NOT BE LIABLE FOR INDIRECT, INCIDENTAL, CONSEQUENTIAL, OR SPECIAL DAMAGES, INCLUDING LOSS OF DATA, PROFITS, OR USE.
IN NO EVENT SHALL OUR TOTAL LIABILITY EXCEED THE AMOUNT YOU PAID TO USE THE SERVICES IN THE **12 MONTHS** PRECEDING THE CLAIM (OR €50, IF NO FEES WERE PAID).
Nothing in these Terms limits liability that cannot be excluded under applicable law.
---
## 13. Indemnification
You agree to indemnify and hold harmless Pengo Friendo from any claims, damages, losses, or expenses arising from:
- Your use of the Services;
- Your User Content; or
- Your violation of these Terms or applicable law.
---
## 14. Governing Law and Jurisdiction
These Terms are governed by the laws of the **Federal Republic of Germany**, without regard to conflict-of-law principles.
If you are a consumer residing in the EU, you may also benefit from mandatory consumer protection laws of your country of residence.
Any disputes shall be subject to the jurisdiction of the courts in **Germany**, unless otherwise required by law.
---
## 15. Changes to the Terms
We may update these Terms from time to time.
Material changes will be communicated through the Services or by other appropriate means.
Continued use of the Services after changes become effective constitutes acceptance of the updated Terms.
---
## 16. Contact Information
**Pengo Friendo**
Martin Staehler, Einzelunternehmer
Lechallee 31
86399 Bobingen
Germany
📧 **contact@pengofriendo.com**
🌐 **https://pengofriendo.com**
##############################################################
# ------------------ Privacy Policy --------------------------
##############################################################
# 1. What this Privacy Policy Covers
This Privacy Policy explains how we treat Personal Data that we gather when you access or use the Services. “Personal Data” means any information that identifies or relates to an identifiable individual and includes information referred to as “personal information” or “personally identifiable information” under applicable privacy laws.
This Privacy Policy applies to our processing of Personal Data in connection with the Pengo Friendo applications, websites, and related services (collectively, the “Services”).
It does not cover the practices of companies we do not control or people we do not manage.
---
# 2. Personal Data
## Categories of Personal Data We Collect
This chart details the categories of Personal Data that we collect and have collected over the past 12 months:
| **Category of Personal Data (and Examples)** | **Business or Commercial Purpose(s) for Collection / Processing** | **Categories of Third Parties With Whom We Disclose this Personal Data** |
|----------------------------------------------|------------------------------------------------------------------|-------------------------------------------------------------------------|
| **Profile Data** – name, email address, account identifiers (when you create an account or contact us). | Provide, customize, and operate the Services; manage user accounts; correspond with you. | Hosting providers; service providers. |
| **Consumer Demographic Data** – age or date of birth (if provided). | Verify age where required by law; enable age-appropriate features and settings. | None, except where required by law or processed by service providers acting on our behalf. |
| **Payment Data** – transaction records from Apple App Store or Steamworks (including product ID, purchase amount, and billing region). We do not store payment card numbers. | Fulfil purchases; provide customer support; comply with tax, accounting, and legal obligations. | Apple Inc.; Valve Corporation (Steamworks); tax authorities where required. |
| **Device / IP Data** – IP address, device identifier, device type, operating system, app version, language, and region. | Provide, secure, and operate the Services; prevent fraud and abuse; perform analytics **only after you have given consent**. | Unity Technologies (Unity Analytics); Google LLC (Google Analytics). |
| **Usage & Event Analytics** – session timestamps, feature usage, crash reports, and referral information. | Debugging, performance measurement, and product improvement **only after you have given consent**. | Analytics service providers (Unity Technologies; Google LLC). |
| **Sensory Data** – images or other media you upload within the app (no audio recordings at present). | Provide and improve user-requested features within the Services. | Hosting and infrastructure providers. |
| **Synced Data / User Content** – journal entries, daily tasks, or self-descriptions that you choose to synchronize across devices. | Provide user-controlled cross-device synchronization and continuity of the Services. | Unity Technologies (cloud services); hosting and infrastructure providers. |
| **AI Input & Output Data** – text you provide for AI-assisted features, including your name, journal entries, daily tasks, and self-descriptions. | Provide AI-powered guidance and tailored intervention messages as part of the core functionality of the Services. | **Cloud AI (optional):** **OpenAI OpCo, LLC (USA)** acting as a processor under the **EU Standard Contractual Clauses (SCCs)**. Prompts and outputs may be retained by OpenAI for up to **30 days** solely for abuse and misuse monitoring and are **not used for model training**. <br><br> **Local AI:** When **Local AI (Ollama)** is selected, processing occurs exclusively on the user’s device via requests to the user’s own **Ollama service on `localhost`**. We do **not** receive, access, or transmit this data, and no third party processes it. |
| **Support Communications** – emails or messages you send to us. | Respond to inquiries, provide technical support, and resolve issues. | Support service providers acting on our behalf. |
---
## Categories of Sources of Personal Data
We collect Personal Data about you from the following categories of sources:
### 1. Directly from You
We collect information that you provide directly to us, including when you:
- Create an account or use our applications and Services.
- Enter information in free-form text fields (for example, journals, self-descriptions, daily tasks, or survey responses).
- Switch between application categories such as *leisure* or *work*.
- Contact us by email or other means for support or feedback.
- Choose to synchronize your data across devices through the Services (“Synced Data,” such as journals or self-descriptions).
- Upload or share content within the app (such as images, notes, or other media).
The core functionality of **Pengo Friendo** relies on **AI-powered guidance** that generates contextual interventions and responses requested by the user.
When using these AI features, the user may **optionally choose to append additional context**—such as self-descriptions, daily tasks, or journal entries—to an individual AI guidance request in order to receive more personalized or relevant responses.
The AI processing required to generate the requested guidance is **necessary to perform our contract with you** and provide the Services you request.
The inclusion of additional contextual content is **entirely user-controlled** and limited to the specific data that the user chooses to submit for that request.
We do not intentionally request or infer sensitive (“special-category”) Personal Data. However, because users may voluntarily include such information in free-form text, this content may be processed as part of an AI guidance request.
- AI processing itself is **transient** and limited to generating the requested response.
- User content is stored **only if you choose to save it locally or enable synchronization**.
- If synchronization is enabled, journal content is stored on our servers in **end-to-end encrypted form**, and we cannot access the plaintext content.
Optional Cloud AI features involve transmitting selected AI input to our AI service provider and require your **explicit consent**, as described below. You may withdraw this consent at any time in **Settings**. Withdrawal does not affect prior lawful processing and disables cloud-based AI processing going forward.
You can choose how AI processing occurs:
#### Local AI (Ollama)
- AI inference takes place entirely on your device using your locally installed **Ollama service**, which receives requests from the app via local HTTP requests to a service running on `localhost`.
- **Pengo Friendo does not access, monitor, log, or receive** AI input or output processed locally.
- You are responsible for installing and maintaining Ollama and for the security of your local environment.
- If Ollama is not installed or becomes unavailable, local AI processing cannot function.
When Local AI is enabled, AI input and output data remain solely on your device and under your control.
#### Cloud AI (OpenAI)
- If you explicitly enable Cloud AI, selected AI input is transmitted securely to **OpenAI OpCo, LLC (USA)** for model inference.
- OpenAI processes this data as a processor under the **EU Standard Contractual Clauses (SCCs)**.
- Prompts and outputs may be retained by OpenAI for up to **30 days** solely for abuse and misuse monitoring and are **not used for model training**.
- Because AI input may include special-category Personal Data, Cloud AI processing occurs only with your **explicit consent** under **Article 9(2)(a) GDPR**.
- You may withdraw this consent at any time in **Settings**, which immediately disables cloud-based AI processing.
If neither Local AI is available nor Cloud AI consent is provided, AI-powered guidance features cannot operate and parts of the Services may be unavailable.
---
### 2. Automatically from Your Device or Browser
When you use the Services, we may collect certain data through software development kits (SDKs), cookies, or similar technologies — but any analytics or non-essential tracking occurs only after you have provided explicit opt-in consent. Data collected through software development kits (SDKs), cookies, or similar technologies, including:
- **Device and IP data** (such as device ID, OS, language, and region).
- **Usage and event analytics** (such as session timestamps, crash reports, or feature interactions).
- **Referral and attribution information** (such as how you found our app).
These data help us operate, secure, and improve our Services.
Our analytics providers include **Unity Technologies (Unity Analytics)** and **Google LLC (Google Analytics)**.
---
### 3. From Third Parties
We receive limited Personal Data from third-party sources, including:
- **Payment Platforms** – Apple App Store and Steamworks provide transaction records (product ID, billing region, purchase amount). We do not store full payment card numbers.
- **Analytics and AI Vendors** – OpenAI (for Cloud AI features), Unity Technologies, and Google LLC provide aggregated analytics and model outputs to improve Services.
## Our Commercial or Business Purposes for Collecting Personal Data
We collect and process Personal Data solely for the purposes described below and only to the extent necessary to operate and provide the Services, in accordance with applicable data protection laws, including the GDPR, UK GDPR, and applicable U.S. state privacy laws.
| **Purpose of Processing** | **Example Activities** |
|---------------------------|-------------------------|
| **Providing and Operating the Services** | Operating, maintaining, and securing the Services; creating and managing user accounts; enabling core app functionality; processing purchases; preventing fraud and abuse; debugging and ensuring system reliability. |
| **Providing AI-Powered Guidance** | Generating user-requested guidance, feedback, summaries, or interventions using AI models. Users may optionally choose to append additional context (such as journal entries, tasks, or self-descriptions) to individual AI guidance requests. AI processing may occur locally on the user’s device (via Ollama) or, if explicitly enabled by the user, through a cloud-based provider (such as OpenAI). |
| **Service Analytics and Performance Measurement** | Measuring usage patterns, diagnosing errors, and improving performance and stability using analytics tools, subject to applicable consent requirements. Analytics data is not used for third-party advertising. |
| **User-Controlled Cross-Device Synchronization** | Synchronizing journals, self-descriptions, or related user content across devices through Unity Cloud, where explicitly enabled by the user. |
| **Service Communications and Self-Promotion** | Communicating with users about service-related matters, feature updates, changes to the Services, pricing, and optional premium features related to Pengo Friendo. These communications are first-party only and do not involve behavioral profiling. |
| **User Support and Correspondence** | Responding to user inquiries, support requests, and feedback, and providing assistance related to use of the Services. |
| **Legal Compliance and Enforcement** | Complying with applicable legal and regulatory obligations; responding to lawful requests; protecting our rights, users, and systems; and enforcing our Terms of Use or resolving disputes. |
We do **not** use **journal content, AI inputs, or AI outputs** for advertising, marketing, or behavioral profiling.
We do **not** use Personal Data for purposes that are materially unrelated to the operation of the Services without providing notice and, where required by law, obtaining consent.
## AI Processing and Special-Category Data
Certain features of the Services provide **AI-powered guidance, feedback, summaries, rewards, or distraction interventions** during the normal course of using the Services, including in response to user actions, app state, or lifecycle events.
When requesting AI guidance, users may **optionally choose to include additional contextual content**—such as journal entries, self-descriptions, or task-related reflections—to receive more personalized responses.
Because this user-supplied content may reveal **special-category Personal Data** (such as information about emotional state, mental well-being, beliefs, or personal experiences), the processing of such content occurs **only when the user explicitly chooses to include it** and only for the specific purpose of generating the requested AI response.
If a user does not choose to append such content, it is **not processed by AI**.
You may choose between the following AI processing options at any time:
### 1. Local Processing (Ollama)
If you enable local processing:
- AI inference occurs **entirely on your device** using your locally installed Ollama service.
- AI input and output data are **not transmitted to us or to any third party**.
- We do **not** receive, store, or have access to content processed locally, and we have no visibility into such processing.
Local processing allows you to use AI features without transmitting your content off your device.
### 2. Cloud Processing (OpenAI API)
If you enable cloud processing, and choose to append contextual content to an AI guidance request, that content is transmitted securely to **OpenAI OpCo, LLC (USA)** **solely to generate the requested response**.
Under the GDPR:
- AI response generation is processed under **Article 6(1)(b)** (performance of a contract); and
- Where the appended content includes special-category Personal Data, processing occurs under **Article 9(2)(a)** (explicit consent).
When cloud processing is enabled:
- Processing is limited strictly to the specific guidance request and the content you choose to include.
- We do **not** use AI input or output data for advertising, profiling, analytics, or model training.
- We do **not** retain AI prompts or outputs beyond what is necessary to deliver the response, except where such content forms part of a journal entry you have chosen to save or synchronize.
OpenAI may retain prompts and outputs for up to **30 days** solely for abuse and misuse monitoring and does **not** use this data for model training.
### Disabling AI Processing
If you withdraw consent to include contextual content or disable cloud processing, that content will no longer be processed by AI, and cloud-based AI processing will cease for future requests.
---
We will not collect additional categories of Personal Data or use your data for materially different, unrelated, or incompatible purposes without providing notice and, where required by law, obtaining your consent.
---
## 3. Prohibited Data
As described in our Terms of Use, you represent, warrant, and agree that you will not submit, upload, or otherwise make available to our servers or third-party service providers any content or data that includes **Prohibited Data**, except where explicitly permitted by this Privacy Policy.
This restriction applies to **unencrypted or plaintext data transmitted off your device**.
Content processed exclusively through **Local AI (Ollama)** and data stored locally on your device are not transmitted to our servers and are not subject to this restriction.
We reserve the right to disable or restrict features that allow data transmission to our servers if this restriction is violated. Repeated or serious violations may result in suspension or termination of access to the Services.
### Definition of Prohibited Data
**“Prohibited Data”** includes any of the following:
- **Protected health information (PHI)** regulated under healthcare privacy laws (such as HIPAA), including medical records, clinical diagnoses, treatment details, or health insurance information.
- **Government-issued identification numbers or documents** (for example, Social Security numbers, driver’s license numbers, or passport details).
- **Full financial account or payment card information** (such as credit or debit card numbers or bank account numbers).
- **Personal Data of children under 13 years of age**, or of any individual below the applicable minimum age of digital consent.
In addition, Prohibited Data includes any information that:
- Constitutes **criminal conviction or offense data**; or
- Is submitted **without valid authorization or consent** from the relevant data subject.
### Special-Category Personal Data
Certain features of the Services allow users to voluntarily submit free-form text that may include **special-category Personal Data** (such as information about emotional state, mental well-being, beliefs, or personal experiences).
This does **not** include regulated medical or clinical records, which remain **Prohibited Data**.
- AI-powered guidance is provided as part of the core functionality of the Services under **Article 6(1)(b) GDPR** (performance of a contract).
- Where user-supplied content includes special-category Personal Data, such content is processed **only if the user explicitly chooses to include it** and only with the user’s **explicit consent** under **Article 9(2)(a) GDPR**.
- If explicit consent is not provided or is withdrawn, special-category content is not processed by AI, and cloud-based AI processing for such content is disabled.
Special-category Personal Data processed through AI features is:
- Used **solely to generate the requested AI response**;
- **Not** used for advertising, profiling, analytics, or model training; and
- **Not retained** by us beyond what is necessary to deliver the response or store content that the user has explicitly chosen to save or synchronize.
---
## 4. How We Disclose Your Personal Data
We disclose Personal Data only to the categories of service providers and other parties described in this section and only to the extent necessary to operate and provide the Services.
Depending on applicable U.S. state privacy laws, some of these disclosures may be considered a “sale” or “sharing” of Personal Data as those terms are legally defined. For more information and available choices, please see the **U.S. State Privacy Rights** section below.
---
## Service Providers
We engage trusted third-party service providers to help us operate, maintain, and improve the Services and to perform business functions on our behalf. These providers process Personal Data only in accordance with our instructions and for the purposes described in this Privacy Policy.
Categories of service providers include:
- **Hosting and infrastructure providers** (such as Unity Cloud Services).
- **Analytics and performance measurement providers** (such as Unity Technologies and Google LLC), used solely to understand service usage, diagnose issues, and improve performance. These providers act as service providers and are not authorized to use data for their own advertising or marketing purposes.
- **AI service providers** (such as OpenAI) that process user-submitted text solely to generate requested AI responses.
- **Payment processors and platform providers** (such as Apple Inc. and Valve Corporation) that process transactions in accordance with their own privacy policies.
We require service providers to implement appropriate safeguards and to process Personal Data only for the business purposes specified by us.
---
## Advertising and Marketing
The Services may include **first-party promotional messages** about Pengo Friendo, such as information about features, updates, pricing, or optional premium offerings.
We do **not**:
- Display third-party advertisements;
- Share Personal Data with advertising networks or data brokers; or
- Use Personal Data for cross-context behavioral advertising or third-party marketing.
**Journal content, AI inputs, and AI outputs are never used for advertising or marketing purposes.**
Any promotional communications are limited to first-party messaging and do not involve profiling based on journal content or AI-generated insights.
---
## Parties You Authorize, Access, or Authenticate
We may share your Personal Data with third parties or individuals when you explicitly authorize or direct us to do so. This may include:
- **Third-party backup or synchronization services** that you choose to connect with your account (for example, Apple iCloud, Dropbox, Google Drive, Box, or OneDrive).
- **Other users or individuals** with whom you share content (for example, when you create or send links to shared journals or notes).
You control whether to enable these sharing options, and we will only transmit data to such parties at your direction.
---
## Legal and Business Disclosures
We may also disclose Personal Data:
- To comply with applicable laws, regulations, or lawful requests by public authorities.
- To protect our rights, property, or safety, or that of our users or others.
- In connection with a merger, acquisition, or other business transfer involving **Martin Staehler, Einzelunternehmer** (you will be notified of any material changes).
We may also create and share **aggregated or de-identified data** for statistical or analytical purposes that no longer identify any individual.
# 5. Business Transfers
All of your Personal Data that we collect may be transferred to a third party in connection with a merger, acquisition, reorganization, bankruptcy, or other transaction in which that third party assumes control of all or part of our business or assets.
Should such an event occur, we will make reasonable efforts to notify you—through the Services, by email, or via our website—before your Personal Data becomes subject to a different privacy policy or data-handling practices.
# 6. Data That Is Not Personal Data
We may create aggregated, de-identified, or anonymized data derived from the Personal Data we collect by removing information that identifies, relates to, or could reasonably be linked to a particular individual.
We may use and disclose such aggregated, de-identified, or anonymized data for any lawful business purpose, including analyzing and improving the Services, developing new features, and promoting our business.
We will not disclose this type of data in a manner that could reasonably be used to identify you.
# 7. Tracking Tools, Advertising, and Opt-Out
The Services use tracking technologies such as SDKs, pixel tags, cookies, web beacons, clear GIFs, and JavaScript (collectively, “Tracking Tools”) to help us operate, improve, and personalize your experience. Tracking Tools enable our servers to recognize you, measure how and when you use our Services, analyze trends, and optimize performance.
Tracking Tools are small data files—usually text files—placed on your computer, tablet, phone, or similar device when you use that device to access our Services. We may also supplement information collected through our own Tracking Tools with information provided by third parties that place their own Tracking Tools on your device(s).
Because of how Tracking Tools operate, our Services do not currently respond to “Do Not Track” (DNT) browser signals, though we respect Global Privacy Control (GPC) signals where legally required.
When you first open the app, we ask for your consent to certain data processing activities. Analytics and performance tracking begin only after you provide that consent.
---
## Types of Tracking Tools We Use
### Essential Tracking Tools
These are necessary to provide core functionality, such as authentication, security, and enabling access to secure areas of the Services. Disabling these tools may prevent parts of the Services from functioning properly.
### Functional Tracking Tools
These remember your preferences and settings (such as language, region, and login information) and help personalize your experience when you return to the Services.
### Performance and Analytical Tracking Tools
These tools help us understand how users interact with our Services by collecting metrics such as visit frequency, pages viewed, and session duration. They also assist in measuring and improving the performance of our content and marketing campaigns.
Our analytics providers include:
- **Unity Technologies** – We use Unity Analytics to collect aggregated usage and event data.
Unity may process device identifiers, IP addresses, and gameplay events in accordance with its own privacy policy, available at:
[Unity Privacy Policy for Game Players and App Users](https://unity.com/legal/game-player-and-app-user-privacy-policy)
- **Google LLC (Google Analytics)**
Google’s use of data collected through its services is governed by the [Google Analytics Terms of Use](https://marketingplatform.google.com/about/analytics/terms/us/) and [Google Privacy Policy](https://policies.google.com/privacy).
You may opt out of Google Analytics by installing the [Google Analytics Opt-Out Browser Add-on](https://tools.google.com/dlpage/gaoptout) or visiting [www.google.com/privacy_ads.html](https://www.google.com/privacy_ads.html).
---
## Your Choices and Controls
You can switch between local (Ollama) and cloud (OpenAI) AI modes in the app settings.
Selecting local mode ensures that all AI processing stays on your device.
Local mode requires the installation of Ollama.
When you first open the app, we ask for your consent to certain data processing activities.
- **Essential Processing** – Required to provide the Services, including AI-powered features. You cannot use the core functionality without this processing.
- **Anonymous Usage Analytics** – Optional. You may choose to allow or refuse collection of anonymous usage data (for example, through Unity Analytics or Google Analytics).
Your choices are presented as checkboxes when you first start the app.
You can change or withdraw your consent for analytics at any time by visiting **Settings › Tracking** in the app.
We record your consent preferences (date, version, and selections) to demonstrate compliance with applicable privacy laws.
You can manage your Tracking Tool preferences in several ways:
- On **Desktop**, navigate to `Settings > Tracking` and toggle permissions for the Pengo Friendo application.
- On **iOS**, navigate to `Settings > Privacy & Security > Tracking` and toggle permissions for the Pengo Friendo application.
- On **Android**, use `Settings > Privacy > Ads` to reset or limit ad tracking.
You may also visit:
- [www.allaboutcookies.org](https://www.allaboutcookies.org) for general cookie management; or
- [https://ico.org.uk/for-the-public/online/cookies/](https://ico.org.uk/for-the-public/online/cookies/) if you are located in the European Union or United Kingdom.
Please note that disabling or deleting Tracking Tools may affect functionality or personalization features within the Services.
We never initialize analytics SDKs or collect non-essential data until you have expressly opted in through the consent dialog or privacy settings.
# 8. Targeted Advertising
We do **not** use your Personal Data for third-party or interest-based advertising, and we do not share any information with external advertising networks.
You may occasionally see **non-personalized in-app messages or banners** that promote new features, updates, or premium options within Pengo Friendo.
These communications are shown only by us, based on your use of the app, and never involve sharing data with advertisers or other third parties.
# 9. Data Storage
When you use our Services on your local device—such as through the downloadable Pengo Friendo applications—certain data (for example, your journals, notes, or self-descriptions) will be stored locally on your device.
You may choose to keep your data stored locally and not enable synchronization. Data stored locally remains accessible only to you, and we do not have access to or visibility into that data.
If you choose to enable synchronization or cloud-based features, the data you select to sync (“Synced Data”) will be replicated on secure servers operated by our hosting providers, including Unity Technologies (Unity Cloud Services) and other data centers located in the European Union or the United States.
By using synchronization or other cloud-connected features, you acknowledge that your Personal Data may be transmitted to, processed, and stored on servers outside your country of residence, including the United States, subject to appropriate safeguards as described in the **International Data Transfers** section below.
When using the Cloud AI option, your text is transmitted securely to OpenAI and processed transiently to generate a response. Copies are retained by OpenAI for up to 30 days solely for abuse and misuse monitoring before being automatically deleted. These retained copies are not used for model training or improvement.
When using Local AI (Ollama), your text is processed by the Ollama service running on your own device via local requests to localhost. We do not receive or access this data. To our knowledge, Ollama performs inference locally and does not transmit your content externally, though we do not operate or control that software.
# 10. Data Security and Retention
We seek to protect your Personal Data from unauthorized access, use, and disclosure through appropriate technical, organizational, administrative, and physical safeguards, taking into account the nature of the data and the risks associated with its processing.
Your Synced Journal Data is encrypted in transit and at rest when stored on our servers. No one at **Martin Staehler, Einzelunternehmer (Pengo Friendo)** can view your Synced Journal Data unless you expressly authorize access or it is necessary to comply with this Privacy Policy, our Terms of Use, or applicable legal obligations.
You also play an important role in safeguarding your data. Please help protect your account by:
- Choosing strong and unique passwords or authentication methods;
- Limiting access to your devices and browsers; and
- Signing out after using shared or public devices.
Although we work diligently to secure your Personal Data, please note that no method of data transmission or storage is completely secure, and we cannot guarantee absolute security.
---
## Data Retention
We retain Personal Data only for as long as necessary to fulfill the purposes described in this Privacy Policy, including:
- Providing and maintaining your account and the Services;
- Meeting our business, legal, or compliance obligations; and
- Resolving disputes or enforcing our agreements.
When determining retention periods, we consider factors such as:
- The source of the Personal Data;
- The reason it was collected;
- Its sensitivity; and
- Our legal or contractual obligations.
In some cases, we may retain certain data longer if required by law, for example to comply with tax or accounting regulations, respond to legal requests, or enforce rights.
Once Personal Data is no longer needed for the purposes described, we will delete it or anonymize it so that it no longer identifies you. We may retain aggregated or de-identified information indefinitely for analytical or statistical purposes.
Analytics data is collected only when you have given consent and retained for a limited period (typically up to 13 months) or until you withdraw consent, whichever comes first.
After withdrawal, we immediately stop collecting new analytics data and anonymize or delete any remaining identifiable analytics records within a reasonable period.
** Analytics events: 13 months (EEA standard)
** Account data: life of account + 30 days
** Server Logs: 7 days
** Crash logs: 30 days
# 11. Personal Data of Children
The Children’s Online Privacy Protection Act (“COPPA”) requires that online service providers obtain verifiable parental consent before knowingly collecting personally identifiable information from children under 13 years of age in the United States.
The Services are not directed to children under 16 years of age. We do not knowingly collect or solicit Personal Data from children under sixteen (16). If you are under sixteen, please do not attempt to register for an account, use any interactive features of the Services, or send any Personal Data to us.
If we learn that we have inadvertently collected Personal Data from a child under sixteen (16), we will promptly delete that information. If you believe that a child under sixteen (16) may have provided us with Personal Data, please contact us at **contact@pengofriendo.com**.
# 12. U.S. State Privacy Rights
If you reside in certain U.S. states—such as California, Colorado, Connecticut, Delaware, Iowa, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, and Virginia—you may have specific privacy rights under applicable state data protection laws (collectively, the “U.S. State Privacy Laws”).
Please review the **Exercising Your Rights** section below for instructions on how to submit a request. Note that your rights may be subject to legal conditions, verification requirements, or applicable exceptions.
If we process your Personal Data as a service provider or processor on behalf of another organization (for example, a business customer using Pengo Friendo technology), you should contact that organization directly to exercise your rights regarding such data.
If you have questions about this section or whether your state’s privacy laws apply to you, please contact us at **contact@pengofriendo.com**.
---
## Your Rights Under U.S. State Privacy Laws
### Access
You have the right to request confirmation as to whether we process your Personal Data and to access that data. You may also request a portable copy of your Personal Data that we maintain.
Residents of **Oregon** or **Minnesota** additionally have the right to request a list of specific third parties (other than natural persons) to whom we have disclosed Personal Data.
### Deletion
You have the right to request that we delete the Personal Data we have collected from or about you, subject to certain legal or operational exceptions (for example, if retention is required to complete a transaction, detect fraud, or comply with legal obligations).
### Correction
You have the right to request that we correct inaccurate Personal Data about you.
### Portability
You have the right to request a copy of your Personal Data in a structured, commonly used, and machine-readable format, to the extent technically feasible.
### Opt-Out Rights
Depending on your state of residence, you may have specific rights under applicable U.S. State Privacy Laws, including the right to:
- Opt out of the **sale** or **sharing** of your Personal Data as defined by state law;
- Opt out of the processing of your Personal Data for **targeted advertising**; and
- Opt out of certain forms of **profiling** in furtherance of decisions that produce legal or similarly significant effects.
We want to be transparent that **Pengo Friendo does not sell, share, or use Personal Data for targeted or cross-context behavioral advertising**.
We also do not disclose or make available your journals, self-descriptions, or AI-generated content to any third parties for marketing purposes.
Because these activities do not occur, there is **no need to submit an opt-out request** for sale, sharing, or targeted advertising.
If you wish to confirm or manage other privacy preferences, you can contact us at **contact@pengofriendo.com** or use the in-app privacy settings.
We will not discriminate against you for exercising your privacy rights under applicable U.S. State Privacy Laws.
# 13. “Selling,” “Sharing,” and Targeted Advertising
Certain U.S. State Privacy Laws (including the California Consumer Privacy Act as amended by the CPRA, and similar laws in other states) provide residents with the right to opt out of the “sale” or “sharing” of Personal Data, or the use of Personal Data for targeted advertising.
### No Third-Party Advertising or Data Brokerage
Pengo Friendo does **not**:
- Sell Personal Data for monetary or other valuable consideration;
- Share Personal Data with advertising networks, data brokers, or social media platforms for cross-context behavioral advertising; or
- Permit third parties to collect Personal Data through the Services for interest-based advertising purposes.
### First-Party Communications
The Services may include **first-party promotional communications** related to Pengo Friendo, such as information about features, updates, pricing, or optional premium offerings. These communications are not based on cross-context behavioral advertising and do not involve third-party marketing.
**Journal content, AI inputs, and AI-generated outputs are never used for advertising or marketing purposes**, including first-party promotions.
### Analytics and Service Providers
Any analytics or performance data collected (for example, usage statistics or crash reports) is used solely to operate, secure, and improve the Services. Analytics providers act as **service providers** under our instructions and are contractually restricted from using Personal Data for advertising or marketing purposes.
Because we do not engage in the sale or sharing of Personal Data for advertising purposes, there are **no categories of third parties to whom we sell or share Personal Data** under applicable U.S. State Privacy Laws.
---
## Categories of Third Parties to Whom We Sell or Share Personal Data
We do **not** sell or share Personal Data with third parties for advertising or marketing purposes.
All third parties that process Personal Data on our behalf (such as analytics, infrastructure, AI, or payment providers) act solely as **service providers** and are restricted from using Personal Data for their own commercial purposes.
---
## Categories of Personal Data Sold or Shared in the Past 12 Months
None. We have not sold or shared Personal Data (as defined by applicable U.S. state privacy laws) in the past 12 months.
---
We do **not** use, sell, or share your **Private User Submissions** or **Limited-Audience User Submissions** (for example, your journals, personal notes, recordings, images, or documents) for targeted advertising or any other commercial purpose.
To our knowledge, we do **not** sell or share the Personal Data of minors under sixteen (16) years of age.
# 14. Anti-Discrimination
We will not discriminate against you for exercising any of your rights under applicable privacy laws. Specifically, we will not:
- Deny you access to our Services;
- Charge you different prices or rates for the same Services; or
- Provide you with a different level or quality of goods or services.
However, as permitted by applicable data privacy laws, we may offer different tiers or versions of our Services that vary in price, rate, or quality, depending on the value of Personal Data that we receive from you or your decision to share certain information.
Such offerings will always comply with the relevant requirements under applicable law, including the **California Consumer Privacy Act (CCPA/CPRA)** and similar state privacy frameworks.
# 15. Other State-Specific Privacy Rights
## California Residents – “Shine the Light” Law
Under **California Civil Code Sections 1798.83–1798.84**, California residents are entitled to request information about the disclosure of their Personal Data to third parties for those parties’ own direct marketing purposes.
To submit such a request, please contact us at **contact@pengofriendo.com** with the subject line **“California Shine the Light Request.”**
---
## Nevada Residents
If you are a resident of Nevada, you have the right to opt out of the sale of certain Personal Data to third parties.
You may exercise this right by contacting us at **contact@pengofriendo.com** with the subject line **“Nevada Do Not Sell Request.”**
Please include your full name and the email address associated with your account so that we can process your request.
# 16. Exercising Your Rights under U.S. State Privacy Laws
To exercise the rights described in this Privacy Policy, you—or your Authorized Agent, where permitted—must send us a request that:
- Provides sufficient information for us to verify your identity (for example, details from your Profile Data such as your name or email address); and
- Describes your request in enough detail to enable us to understand, evaluate, and respond appropriately.
Each request that meets these criteria will be considered a **“Valid Request.”**
We may be unable to respond to requests that do not meet these criteria.
We will use any Personal Data provided in a Valid Request solely for the purpose of verifying your identity and fulfilling your request. You do not need an account to submit a Valid Request.
---
You may submit your request by contacting us at:
📧 **contact@pengofriendo.com**
We will respond to your Valid Request within the time period required by applicable law.
We do not charge a fee for processing Valid Requests unless such requests are excessive, repetitive, or manifestly unfounded.
If a fee is necessary, we will notify you in advance and explain our decision before completing your request.
### Opt-Out Rights
Depending on your state of residence, you may have specific rights under applicable U.S. State Privacy Laws, including the right to:
- Opt out of the **sale** of Personal Data, as defined by state law;
- Opt out of the **sharing** of Personal Data for cross-context behavioral advertising;
- Opt out of the processing of Personal Data for **targeted advertising**; and
- Opt out of certain forms of **profiling** in furtherance of decisions that produce legal or similarly significant effects.
### Our Practices
Pengo Friendo does **not**:
- Sell Personal Data;
- Share Personal Data for cross-context behavioral advertising; or
- Use Personal Data for targeted advertising by third parties.
We also do **not** disclose or make available **journal content, self-descriptions, AI inputs, or AI-generated outputs** to any third parties for advertising or marketing purposes.
Because these activities do not occur, there is generally **no need to submit an opt-out request** for the sale or sharing of Personal Data or for targeted advertising.
However, you may contact us at **contact@pengofriendo.com** or use available in-app privacy controls if you wish to:
- Confirm our data practices;
- Exercise other privacy rights available to you; or
- Ask questions about how your data is processed.
We will not discriminate against you for exercising your privacy rights under applicable U.S. State Privacy Laws.
---
## To opt out through your device settings:
- **On iOS:** Navigate to `Settings > Privacy & Security > Tracking`, then toggle off permission for the Pengo Friendo application.
- **On Android:** Go to `Settings > Privacy > Ads`, and disable or reset ad personalization.
---
You may also manage your opt-out preferences directly within our **in-app privacy settings**, or by sending a request to **contact@pengofriendo.com** with the subject line **“Opt-Out Request.”**
Once we receive your request, we will process it promptly and will not ask you to reauthorize the sale or sharing of your Personal Data for at least twelve (12) months.
# 18. Request to Access, Delete, or Correct Personal Data
You may submit a Valid Request to exercise your rights to access, delete, correct, or obtain a portable copy of your Personal Data as described in this Privacy Policy by emailing us at **contact@pengofriendo.com**.
If you are a resident of **California, Colorado, Connecticut, Delaware, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, or Texas**, you may also authorize another person (an **“Authorized Agent”**) to exercise these rights on your behalf.
To do so, you must provide your Authorized Agent with written permission to act on your behalf.
When your Authorized Agent submits a request for you, we may require them to provide a copy of your written authorization and may also need to verify your identity directly to protect your privacy and security.
We will process all Valid Requests in accordance with the requirements and timelines set forth under applicable **U.S. State Privacy Laws**.
# 19. Appealing a Denial
If you are a resident of **Colorado, Connecticut, Delaware, Iowa, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, or Virginia**, and we decline to act on your privacy request, you have the right to appeal our decision.
---
## To submit an appeal, you must:
- Provide sufficient information to allow us to verify your identity and locate the original request; and
- Include a description of the basis for your appeal.
You may submit your appeal by emailing us at **contact@pengofriendo.com** with the subject line:
**“[STATE OF RESIDENCE] Appeal.”**
---
Your appeal will be handled in accordance with the procedures and timelines required under your applicable State Privacy Law.
We will respond to your appeal within the period mandated by the relevant state law.
If we deny your appeal, you may also contact the **Attorney General of your state** for further information or to lodge a complaint.
For your convenience, you can find contact information for these state Attorneys General below:
- **Colorado Attorney General**
- **Connecticut Attorney General**
- **Delaware Attorney General**
- **Iowa Attorney General**
- **Maryland Attorney General**
- **Minnesota Attorney General**
- **Montana Attorney General**
- **Nebraska Attorney General**
- **New Hampshire Attorney General**
- **New Jersey Attorney General**
- **Oregon Attorney General**
- **Tennessee Attorney General**
- **Texas Attorney General**
- **Virginia Attorney General**
# 20. European Union and United Kingdom Data Subject Rights
If you are a resident of the **European Union (“EU”)**, **United Kingdom (“UK”)**, **Liechtenstein**, **Norway**, or **Iceland**, you may have additional rights regarding your Personal Data under the **EU General Data Protection Regulation (“EU GDPR”)** or the **UK GDPR**.
In this section, the terms **“Personal Data”** and **“processing”** have the meanings given to them in the GDPR.
Generally, “Personal Data” means any information relating to an identified or identifiable natural person, and “processing” refers to any operation performed on such data (such as collection, use, storage, disclosure, or deletion).
**Martin Staehler, Einzelunternehmer (“Pengo Friendo”)** is the controller of your Personal Data processed in connection with the Services.
If any part of this section conflicts with other provisions of this Privacy Policy, the portion that provides greater protection for your Personal Data shall prevail.
If you have questions about this section or whether it applies to you, please contact us at **contact@pengofriendo.com**.
If we process your Personal Data on behalf of another organization (for example, as a service provider or processor for one of our business customers), please contact that organization directly to exercise your GDPR rights.
---
## Personal Data We Collect
The **Categories of Personal Data We Collect** section above describes the categories of Personal Data we collect from you.
---
## How We Use and Process Your Personal Data
The **Our Commercial or Business Purposes for Collecting Personal Data** section above explains the purposes for which we use your Personal Data.
We process your Personal Data only when we have a **lawful basis** to do so under the GDPR or UK GDPR.
These lawful bases include **Contractual Necessity**, **Consent**, **Legal Obligation**, and **Legitimate Interests**.
In limited cases, processing may also be based on **Vital Interests** or **Public Interest**.
---
### Lawful Bases for Processing (EEA / UK)
| **Purpose of Processing** | **Examples of Personal Data** | **Lawful Basis** |
|----------------------------|-------------------------------|------------------|
| **Provide and operate the Services**, including essential AI-powered guidance features | Profile Data, AI Input & Output Data, Sensory Data (if core to a feature) | **Contractual Necessity** – required to perform the Services you request. |
| **Account creation, authentication, and user support** | Profile Data, Contact Data | **Contractual Necessity** |
| **Payments, taxes, and regulatory compliance** | Payment Data, Billing Region | **Legal Obligation** |
| **Age verification** (where legally required) | Consumer Demographic Data (date of birth, country) | **Legal Obligation** |
| **Language and demographic customization** (for example, replying in your preferred language or adjusting tone by age group) | Language, Age (if provided) | **Legitimate Interests** – to deliver responses and content appropriate to your language and context. You may object to this processing at any time by contacting us or disabling personalization features. |
| **Anonymous usage analytics and performance measurement** | Device/IP Data, Usage & Event Data | **Consent** (Art. 6(1)(a) GDPR; required under ePrivacy Directive) |
| **Responding to user inquiries and support requests** | Support Communications, Profile Data | **Legitimate Interests** – to respond to requests and improve service quality. |
| **Security, fraud prevention, and debugging** | Device/IP Data, Log Data | **Legitimate Interests** – to maintain the security and integrity of the Services. |
| **Optional AI features or enhancements** (for example, cloud vs local model selection, sticker generation) | AI Input & Output Data | **Consent** – when the feature is not essential to core functionality. |
---
### Notes on Processing
- **Language and Age Data**
Where you choose to provide language or age information, we use it to improve clarity and relevance of responses (for example, to reply in your language or adopt an age-appropriate tone).
This personalization is limited to in-app functionality and never used for advertising or profiling beyond that context.
You may disable personalization or object to this processing at any time.
- **Special-Category Data**
If you voluntarily include sensitive or “special-category” data (for example, information about your health, beliefs, or personal experiences) in your journals or self-descriptions, it is processed only to generate AI responses and not stored afterward.
By using these features, you **consent** to this limited processing. You also have to explicitly **consent** during `Onboarding` or in `Settings` to enable cloud processing of such data. Conset can be withdrawn at any time, which immediately disables Cloud AI for such content. Local AI (Ollama) remains available without transmitting data off-device.
- **Analytics Consent**
In the EEA and UK, we activate analytics SDKs only after you have given consent through our in-app privacy settings.
You can withdraw that consent at any time in **Settings › Privacy**.
- **Aggregated or De-identified Data**
We may de-identify or aggregate Personal Data for product improvement or statistical purposes. Such data can no longer identify any individual.
---
### International Processing
When transferring Personal Data outside the EEA or UK, we rely on appropriate safeguards such as the **EU Standard Contractual Clauses**, the **UK Addendum**, or other approved mechanisms described in the **International Data Transfers** section.
---
### Contractual Necessity
We process the following categories of Personal Data because it is necessary to perform our contract with you (for example, to provide the Services under our Terms of Use).
Failure to provide this data may prevent you from using certain features of the Services.
- Profile Data
- Payment Data
- Consumer Demographic Data
- Sensory Data
- Other Identifying Information You Voluntarily Provide
---
### Legitimate Interests
We process the following categories of Personal Data when it furthers the legitimate interests of **Pengo Friendo** or a third party:
- Profile Data
- Device/IP Data
- Web Analytics
- Geolocation Data
Our legitimate interests include, as described in more detail above:
- Providing, customizing, and improving the Services;
- Performing research, and product development (including analytics only after opt-in consent);
- Offering customer and technical support;
- Marketing the Services (including use of Tracking Tools, where permitted);
- Corresponding with you and responding to inquiries;
- Meeting legal obligations and enforcing terms;
- Completing corporate transactions; and
- Maintaining information, system, and network security.
We may also de-identify or anonymize Personal Data when pursuing these legitimate interests.
---
### Consent
In some cases, we process your Personal Data based on your explicit consent, which we will request at the time of collection.
For example, this may apply when enabling AI-powered features or analytics.
To withdraw consent for Tracking Tools, you can navigate to your device settings:
- **Desktop:** `Settings > Tracking` -> toggle off permission for Tracking
- **iOS:** `Settings > Privacy & Security > Tracking` → toggle off permission for the Pengo Friendo app.
- **Android:** `Settings > Privacy > Ads` → limit or reset ad tracking.
You may also withdraw consent at any time by contacting us at **contact@pengofriendo.com**.
---
### Other Processing Grounds
We may also process Personal Data when necessary to:
- Comply with a legal obligation;
- Protect the vital interests of you or another person; or
- Carry out a task in the public interest.
---
## Disclosing Personal Data
Please refer to the **How We Disclose Your Personal Data** section above for details on how we share information with our service providers, business partners, and other recipients, as well as the safeguards we apply to such disclosures.
# 21. EU, UK, and Swiss Data Subject Rights
If you are located in the **European Union**, **United Kingdom**, **Liechtenstein**, **Norway**, **Iceland**, or **Switzerland**, you have certain rights regarding your Personal Data under applicable data protection laws, including the **EU GDPR**, **UK GDPR**, and **Swiss Federal Data Protection Act**.
For more information about these rights—or to submit a request—please contact us at **contact@pengofriendo.com**.
Please note that in certain cases we may not be able to fully comply with your request (for example, if doing so would be frivolous, manifestly unfounded, excessively repetitive, jeopardize the rights of others, or is not required by law).
In such cases, we will explain the reason for our decision.
We may also need to request additional information—including limited Personal Data—to verify your identity and the nature of your request.
---
## Your Rights
### Access
You may request confirmation of whether we process your Personal Data and, if so, obtain a copy of that data.
You can also access certain Personal Data directly by logging into your account.
### Rectification
If you believe that any Personal Data we hold about you is inaccurate or incomplete, you can request that we correct or update it.
You can also edit some information directly within your account settings.
### Erasure (“Right to be Forgotten”)
You may request that we delete some or all of your Personal Data from our systems, subject to certain legal exceptions (for example, if retention is required to meet legal obligations).
### Withdrawal of Consent
Where processing is based on your consent (as indicated at the time of collection), you have the right to withdraw that consent at any time.
Please note that withdrawal may affect your ability to use certain features that rely on that consent. You may later re-consent if you wish to reactivate those features.
Cloud AI Consent: You may withdraw your explicit consent for Cloud AI processing of special-category Personal Data at any time in Settings → Privacy by turning off “Use Cloud AI.” Once withdrawn, no further text will be transmitted to the cloud.
### Portability
You may request a copy of your Personal Data in a structured, commonly used, and machine-readable format and, where technically feasible, request that we transmit it directly to another controller.
### Objection
You may object to our processing of your Personal Data where we rely on legitimate interests as the legal basis, including for direct marketing.
If you object to processing for direct marketing, we will stop such processing immediately.
### Restriction of Processing
You may request that we restrict further processing of your Personal Data in certain situations (for example, while we verify the accuracy of the data or handle an objection).
### Right to File a Complaint
You have the right to lodge a complaint about **Pengo Friendo’s** data-processing practices with your local data protection authority.
- A list of EU and EEA supervisory authorities is available here: [https://edpb.europa.eu/about-edpb/board/members_en](https://edpb.europa.eu/about-edpb/board/members_en)
- For UK residents, please contact the **Information Commissioner’s Office (ICO)** at [https://ico.org.uk/](https://ico.org.uk/)
- For Swiss residents, contact the **Federal Data Protection and Information Commissioner (FDPIC)** at [https://www.edoeb.admin.ch/](https://www.edoeb.admin.ch/)
# 22. Transfers of Personal Data
The Services are hosted and operated primarily in the **United States (“U.S.”)** through **Pengo Friendo** and its service providers.
If you access the Services from outside the U.S., please note that the data protection laws in the U.S. may differ from those in your country of residence.
By using the Services, you acknowledge and agree that any Personal Data about you—whether provided directly by you or obtained from third parties—may be transferred to, stored, and processed by **Martin Staehler, Einzelunternehmer (“Pengo Friendo”)** and our service providers in the United States and other countries where we or our vendors operate.
We implement appropriate safeguards to ensure that such transfers comply with applicable data protection laws, including the **EU General Data Protection Regulation (GDPR)** and the **UK GDPR**.
Where required, these safeguards include the use of:
- **European Commission Standard Contractual Clauses (“SCCs”)** for transfers of Personal Data from the EEA to countries not deemed to provide adequate protection; and
- **UK Addendum to the SCCs**, where applicable for UK transfers.
Certain of our third-party service providers (such as **OpenAI**, **Unity Technologies**, or **Google LLC**) may also rely on their own **Data Privacy Framework (DPF)** certifications or equivalent transfer mechanisms to ensure an adequate level of protection for cross-border data processing.
By continuing to use our Services, you authorize the transfer, storage, and processing of your Personal Data to and within the United States and any other jurisdiction where our service providers maintain operations, consistent with this Privacy Policy and applicable law.
# 23. International Data Transfers and Data Privacy Framework(s)
The Services are hosted and operated primarily in the **United States (“U.S.”)** through **Martin Staehler, Einzelunternehmer (“Pengo Friendo”)** and its service providers.
If you access the Services from outside the U.S., please be aware that the data protection laws in the U.S. may differ from those in your country of residence.
By using the Services, you acknowledge and agree that any Personal Data about you—whether provided directly by you or obtained from third parties—may be transferred to, stored, and processed by **Pengo Friendo** and our service providers in the United States and other jurisdictions where we or our vendors operate.
Such transfers are necessary to provide the Services, operate core infrastructure, and deliver AI-powered features and analytics functionality.
We take steps to ensure that such transfers comply with applicable data protection laws, including the **EU General Data Protection Regulation (GDPR)** and the **UK GDPR**.
Where required, these safeguards include:
- The **European Commission’s Standard Contractual Clauses (“SCCs”)** for transfers from the EEA to non-adequate countries;
- The **UK Addendum to the SCCs** for transfers from the United Kingdom; and
- **Supplementary technical and organizational measures** (such as encryption and access controls) to protect transferred Personal Data.
Some of our service providers (for example, **OpenAI**, **Unity Technologies**, and **Google LLC**) may rely on their own **Data Privacy Framework (DPF)** certifications or other approved transfer mechanisms to ensure adequate protection for cross-border data transfers.
We use service providers based in the United States, including **OpenAI, Inc.** and **Unity Technologies**, to operate certain features of the Services.
- **OpenAI, Inc.** – Personal Data processed through our cloud-based AI features is transferred to OpenAI under the **EU Standard Contractual Clauses (2021/914/EU)** and covered by OpenAI’s certification under the **EU–U.S. Data Privacy Framework**.
We have executed a Data Processing Agreement with OpenAI that incorporates these safeguards.
- **Unity Technologies** – Analytics and cloud services may involve transfers to the United States.
Unity’s **Data Processing Agreement** (available at [https://unity.com/legal/dpa](https://unity.com/legal/dpa)) and its included **Standard Contractual Clauses** apply automatically when using Unity Services, providing adequate safeguards for cross-border transfers.
Unity implements encryption, access controls, and regional data centers to protect transferred data.
All such transfers are supported by appropriate **technical and organizational measures**, including encryption in transit and at rest, strict access control, and data minimization, consistent with our **Transfer Impact Assessments**.
At this time, **Pengo Friendo** is **not self-certified** under the Data Privacy Framework.
# 24. Changes to This Privacy Policy
We may update or modify this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other operational reasons.
If we make material changes, we will notify you in advance by:
- Posting a notice within the **Pengo Friendo** app or on our website;
- Sending you an email notification (if you have provided your email address); or
- Using another appropriate communication method required by applicable law.
Please note that if you have opted not to receive legal or service-related emails from us (or have not provided an email address), you are still responsible for reviewing updates posted within the Services or on our website, as those notices will govern your continued use of the Services.
Your continued use of the Services after the updated Privacy Policy becomes effective constitutes your acceptance of the revised terms.
The use of information we collect is governed by the Privacy Policy in effect at the time that information is collected.
# 25. Contact Information
If you have any questions, concerns, or comments about this Privacy Policy, how we collect and use your Personal Data, or your choices and rights regarding such collection and use, please contact us at:
**Controller:**
**Martin Staehler, Einzelunternehmer (“Pengo Friendo”)**
**Business Address:** Lechallee 31, 86399 Bobingen, Germany
**Website:** [https://pengofriendo.com](https://pengofriendo.com)
**Email:** [contact@pengofriendo.com](mailto:contact@pengofriendo.com)
At this time, **Pengo Friendo** has not appointed an EU or UK representative, as the controller is established within the European Union and the GDPR applies directly.
If required in the future (for example, if our operations expand into the UK market), we will update this section accordingly.