App Privacy Policy

Status: May 2026

Language and Binding Versions

This English version of the Privacy Policy is a legally binding document for all users who register for or use the Alma App in a language other than German.

A German version is available at alma-app.eu/datenschutz. For users whose App language is set to German, the German version applies.

Where the Alma App displays this Privacy Policy in any other language, this is a machine translation provided for convenience only. In the event of any inconsistency, the applicable binding version (German or English) shall prevail.

Key Facts at a Glance

Who I am: Bastian Matzen / Alma Softwareentwicklung (Sole Proprietorship), Kienitzer Str. 113, 12049 Berlin, Germany. Contact: privacy@alma-app.eu | www.alma-app.eu

Your data with me:

✅ Secure: Encrypted storage exclusively within the EU (Frankfurt am Main).

✅ Private: No data transfer to third parties (except to your emergency contacts in an emergency).

✅ Voluntary: Health data and many other details are completely optional.

✅ Controlled: You can view, modify, or delete everything at any time.

✅ Transparent: No hidden data usage, no selling of your data, no advertising.

✅ No movement trail: Location data overwrites the single last-known entry; no historical movement history is stored.

Your Rights: Access, rectification, deletion, data portability, objection, withdrawal of consent – all possible at any time.

Complaints can be lodged with: Berlin Commissioner for Data Protection and Freedom of Information (datenschutz-berlin.de). Users in the EEA may also contact the supervisory authority in their country of habitual residence. Users in the United Kingdom may contact the Information Commissioner’s Office (ico.org.uk). Users in Switzerland may contact the Federal Data Protection and Information Commissioner (FDPIC).

1. Controller and Contact

I am the controller responsible for data processing in the context of the Alma App, within the meaning of the General Data Protection Regulation (GDPR), the UK General Data Protection Regulation (UK GDPR), the Swiss Federal Act on Data Protection (FADP/DSG), and other applicable data protection laws:

Bastian Matzen Alma Softwareentwicklung (Sole Proprietorship) Kienitzer Str. 113 12049 Berlin Germany

Contact Options

For privacy questions (preferred): privacy@alma-app.eu

For technical support: support@alma-app.eu

Website: www.alma-app.eu

1a. UK Representative

In accordance with Article 27 of the UK GDPR, we have appointed the following representative in the United Kingdom for data protection matters:

Aron Harris Flat 7 324 Lewisham High Street SE13 6JZ London United Kingdom

Email: privacy@alma-app.eu

2. Overview of the App and its Functions

Alma is a personal safety and communication app operating in two interconnected modes:

2.1 Safety Net Subscription (Paid)

Automatic safety check-ins at up to three time windows per day (Morning 07:00–11:00, Afternoon 12:00–16:00, Evening 17:00–21:00), configurable per weekday.
Automatic notification of up to five emergency contacts via the Alarm Chain (staggered 15-minute intervals) if a check-in is missed; acknowledgment by any contact stops the chain.
Optional transmission of last known location and emergency health information during a triggered alarm.
Vacation Mode (scheduled pause with automatic reactivation) and Simple Mode (reduced user interface).
After a triggered alarm, Safety Net automatically pauses and requires manual reactivation.

2.2 Emergency Contact Mode (Free)

Helper Dashboard displaying live check-in status and 90-day history of assigned Safety Net users.
Receipt of high-priority alerts via the chosen channel (In-App, Email, WhatsApp, or Telegram).
Access to the Alma Moments social feed with up to 30 mutually confirmed connections; ability to share one standalone Moment per day.
No personal safety schedule; missed check-ins are never posted to the social feed.

2.3 No Advertising

The Alma Moments feed contains no advertising. Emergency contact data and emergency contact information are never exposed to the Alma Moments social network.

2.4 Minimum Age

The use of the Alma App is permitted for persons aged 16 and over. Persons under 16 years of age may not use the App. By registering, you confirm that you are at least 16 years old.

3. What Data is Processed?

3.1 Mandatory Data upon Registration

To use the App, I require the following data (Legal basis: Art. 6(1)(b) GDPR – Performance of a contract):

Email address – for account creation, communication, and password reset.

Password – stored in encrypted form and used for account security.

First name – for personalization and display to your contacts.

Last name – for full identification.

3.2 Optional Profile Data

You may voluntarily provide the following data (Legal basis: Art. 6(1)(a) GDPR – Consent):

Profile picture – for personalization and social functions.

Date of birth – for age verification.

Phone number – as an alternative contact method.

Address – for emergency information.

Bio – for social functions.

City – for social functions and search.

3.3 Emergency Health Data (Safety Net only, completely optional)

These special categories of data pursuant to Art. 9 GDPR are processed only with your explicit consent.

Collected data: Blood type, allergies, medications, pre-existing medical conditions, medical notes, pets, house key information, and other emergency information you choose to provide.

Legal basis: Art. 9(2)(a) GDPR (Explicit consent).

Security: This data is stored using AES-256 encryption and is transmitted to your confirmed emergency contacts only during a triggered alarm.

Retention: Health data is automatically deleted after 12 months of total account inactivity (see Section 6.2). You may withdraw consent and delete this data yourself at any time in the App.

3.4 Location Data (Optional)

Location processing is completely optional and can be operated in three modes (Legal basis: Art. 6(1)(a) GDPR – Consent):

Save on Check-in – Location is captured only at the moment of check-in.

Continuous (background) – Location is updated continuously in the background while the App is running. Important: Only a single last-known location is stored; each update overwrites the previous entry. No historical movement trail, breadcrumb data, or movement history is retained at any point.

Disabled – No location is captured or shared.

You can switch between these modes or withdraw consent at any time in the App settings. Because location is stored as a single overwriting entry, there is no historical location dataset to delete; turning the function off and clearing the latest entry removes all stored location data.

3.5 Check-in Data

During check-ins, the following data is captured:

Check-in time – for safety monitoring and Helper Dashboard history (Retention: 90 days).

Device information – for error analysis (Retention: 90 days).

Last known location – for emergency notifications, if you have enabled location sharing (stored as a single overwriting entry; see Section 3.4).

When using social functions, the following data is processed: Posts (text, images, videos, mood emojis), comments, likes, and connections (limited to a maximum of 30 mutual connections).

Legal basis: Art. 6(1)(b) GDPR (Performance of a contract to provide social functions) and Art. 6(1)(a) GDPR (for voluntary content).

Check-in data, monitoring data, emergency health data, and emergency events are never visible in Alma Moments.

3.7 Technical Data

The following technical data is processed for the operation of the App:

Device type & OS – for app optimization and error analysis (Legal basis: Art. 6(1)(f) GDPR).

App version – for support and updates (Legal basis: Art. 6(1)(f) GDPR).

FCM Token – for push notifications (Legal basis: Art. 6(1)(b) GDPR).

Time zone – for correct check-in times (Legal basis: Art. 6(1)(b) GDPR).

Server Logfiles – for infrastructure security and defense against attacks (Legal basis: Art. 6(1)(f) GDPR).

3.8 Marketing Communication (Optional)

Only if you have consented during registration or later in the settings by checking the box, will I process your email address and name to send tips, app news, and updates (Newsletter).

Legal basis: Art. 6(1)(a) GDPR (Consent).

Unsubscribe: You can unsubscribe at any time via the unsubscribe link in every email or in the App’s notification settings. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

4. Purposes of Data Processing

I process your data for the following purposes:

Contract Performance (Art. 6(1)(b) GDPR): Provision of the App, check-ins, alerting, subscription management, Helper Dashboard.

Consent (Art. 6(1)(a) GDPR): Health data, location sharing, optional profile info, marketing.

Legitimate Interests (Art. 6(1)(f) GDPR): Fraud prevention, technical security, troubleshooting.

Legal Obligations (Art. 6(1)(c) GDPR): Retention obligations, requests from authorities.

Vital Interests (Art. 6(1)(d) / Art. 9(2)(c) GDPR): Transmission of emergency information during a triggered alarm to protect physical integrity.

Note on Automated Decision-Making: No automated decision-making or profiling within the meaning of Art. 22 GDPR takes place that produces legal effects concerning you. The triggering of alarms is based exclusively on the time windows and rules (If-Then logic) defined by you personally. The Alarm Chain itself (staggered 15-minute notifications, automatic pause after acknowledgment or triggered alarm) is a rule-based escalation, not a profiling decision.

5. Data Recipients and Processors

5.1 Service Providers

I work with the following service providers to operate the App:

Google Firebase (Google Ireland Ltd.) – for hosting, database, and authentication. Location: Frankfurt am Main (europe-west3). Data protection guarantee: EU-US Data Privacy Framework (DPF), Google Cloud DPA.

RevenueCat – for subscription management (processed data: subscription status, purchase time, pseudonymous App User ID, transaction metadata). Location: USA (AWS). Data protection guarantee: EU Standard Contractual Clauses (SCCs), DPA. For transfers from the United Kingdom: UK International Data Transfer Agreement (IDTA) or UK Addendum to the EU SCCs. For transfers from Switzerland: compliance with the requirements of the FADP/DSG.

Mailgun (Sinch) – for email delivery. Location: EU. Data protection guarantee: DPA, GDPR compliant.

Algolia – for user search. Location: EU. Data protection guarantee: DPA, GDPR compliant.

5.2 Conditional Data Transfer (Notification Channels)

Transfer to these services only occurs if your emergency contact explicitly chooses these channels:

Meta (WhatsApp Cloud API) – only if WhatsApp is selected by the contact. Meta is certified under the EU-US Data Privacy Framework. For transfers from the United Kingdom, the UK Extension to the EU-US DPF additionally applies.

Telegram – Use of Telegram only occurs if your emergency contact actively selects this channel themselves. In this case, your contact consents directly to data processing by Telegram (potentially on servers outside the EU).

5.3 Emergency Contacts as Recipients

Persons you assign as emergency contacts receive your data only during a triggered alarm and only to the extent you have released this data (e.g., location, emergency health information). Emergency contacts are private individuals chosen by you; they are not employed or vetted by me and are not professional monitoring services.

Where you assign a professional emergency contact (e.g., a care service provider, professional caregiver, or other party acting in a professional or institutional capacity): such a party becomes an independent controller within the meaning of Art. 4 No. 7 GDPR for any data they process within their own systems and obligations after receiving the alert. I do not act as a processor (Art. 28 GDPR) for such a party. Further details on this distinction are set out in § 3 (6) of the Terms of Service.

5.4 No Data Transfer to Third Parties

Your data is not sold.

No transfer for third-party advertising purposes.

No transfer to data brokers.

No advertising network has access to your data.

Exception: Your emergency contacts receive the information you have released during a triggered alarm.

6. Data Storage and Deletion

6.1 Storage Location

All data is primarily stored in the European Union (Frankfurt am Main, Google Cloud region europe-west3).

6.2 Storage Duration & Automatic Deletion

Check-in History: Automatically deleted after 90 days.

Location Data: Stored as a single overwriting entry only; no historical movement trail is kept. The latest entry is overwritten with each update and cleared when location sharing is disabled.

Server Logfiles: Automatically deleted after 90 days (for error analysis/defense against attacks).

Invitation Links: Automatically expire after 7 days.

Emergency Health Data: Automatically deleted after 12 months of total account inactivity.

Account Data: Deletion after 24 months of inactivity.

Reminders before Inactivity Deletion:

After 12 months without login: Automatic deletion of emergency health data; reminder email sent.

After 13 months without response: Further reminder.

After 23 months of inactivity: Final warning email.

After 24 months without response: Complete account deletion.

Exception for Active Subscriptions: As long as a paid Safety Net subscription is active, no automatic inactivity deletion takes place.

Billing Data: Billing data (name, address, transaction information) is stored for 10 years in accordance with tax retention obligations (§ 147 AO). This data is kept separate from usage data.

Deleted Accounts are permanently and irrevocably removed after a grace period of 30 days.

Important: Upon account deletion request, usage ends immediately. From this point on, no check-in reminders, alarms, or other notifications will be triggered – neither to you nor to your emergency contacts. Additionally, your profile in Alma Moments will no longer be visible. The final physical deletion of all data occurs after the grace period of 30 days.

7. Data Security

I employ modern security standards:

Encryption: TLS 1.2+ for data transmission (Transit) and storage on AES-256 encrypted servers (At Rest) for sensitive data, including emergency health data.

Access Control: Firebase Security Rules, strict authentication.

App Security: Firebase App Check, optional biometric protection, separate settings lock.

8. Your Rights

You have the following rights at any time (pursuant to Art. 15-21 GDPR):

Access & Data Export: In the app under Settings → Privacy.

Rectification: You can edit all profile and health data yourself in the app.

Erasure: You can delete individual data or your entire account directly in the app.

Restriction of Processing (Art. 18 GDPR): You can request the restriction of processing, e.g. if you contest the accuracy of your data or if the processing is unlawful.

Withdrawal of Consent: You can withdraw consent (e.g. location, health data, marketing) at any time in the settings. Withdrawal does not affect the lawfulness of processing carried out prior to the withdrawal.

Right to Object (Art. 21 GDPR): If data processing is based on legitimate interests (Art. 6(1)(f) GDPR), you have the right to object at any time for reasons arising from your particular situation.

Right to Lodge a Complaint: You may contact the competent data protection supervisory authority. For users in Germany, this is the Berlin Commissioner for Data Protection and Freedom of Information (datenschutz-berlin.de). Users in the European Economic Area (EEA) may contact the supervisory authority in their country of habitual residence, place of work, or place of the alleged infringement. A list of supervisory authorities is available at edpb.europa.eu. Users in the United Kingdom may contact the Information Commissioner’s Office (ICO): ico.org.uk. Users in Switzerland may contact the Federal Data Protection and Information Commissioner (FDPIC): edoeb.admin.ch.

9. Special Processing Situations

9.1 Emergency Notification (Safety Net only)

In the event of a missed check-in, your emergency contacts are notified via the Alarm Chain (staggered 15-minute intervals). Only the data you have stored in your profile and authorized for release (e.g., location, emergency health information) is transmitted. Acknowledgment by any contact stops further escalation, and Safety Net automatically pauses once the alarm chain has been triggered, until you manually reactivate it.

Detection of missed check-ins occurs on the server side, independently of whether your device is online at the moment of escalation.

Legal basis:

Art. 6(1)(b) GDPR (Performance of a contract)
Art. 9(2)(a) GDPR (Explicit consent for health data)
Supplementarily Art. 6(1)(d) / Art. 9(2)(c) GDPR (Protection of vital interests), to ensure physical integrity in an emergency.

9.2 Inviting Emergency Contacts

To protect the privacy of third parties, you do not enter the contact details of other persons directly into the App.

Link Creation: You generate a personal invitation link in the App.

Sending: You send this link to your trusted person via a channel of your choice (e.g., WhatsApp, Email).

Registration: Your trusted person opens the link and independently enters their contact details and desired notification channel (Double-Opt-In). As long as the link is not used, no data of your contacts is stored. Unused links expire after 7 days.

9.3 You as an Emergency Contact

If you accept an invitation, you consent to your provided contact details (Name, Email/Phone/Handle) being stored for emergency notification purposes. You can unsubscribe at any time via an opt-out link in the messages or, for in-app notifications, via the App settings. You may be assigned as an emergency contact by an unlimited number of Safety Net users.

9.4 Remote Setup

You can temporarily grant a trusted person access (via a generated code) to set up the App for you and manage settings, including the reactivation of Safety Net after a triggered alarm. Once successfully connected, this access remains until you revoke it in the App. For your security, all changes made by the trusted person are logged (Audit Log).

Legal basis: Art. 6(1)(b) GDPR (Performance of a contract, function initiated by user).

9.5 Professional Emergency Contacts

Where you assign a professional party (e.g., a care service provider, professional caregiver, security service) as an emergency contact, alerts are delivered on a best-effort basis only. The assigned professional party is independently responsible as a data controller (Art. 4 No. 7 GDPR) for the further processing of any data received through the alert within its own systems and professional obligations. I do not act as a data processor for such a party. Alma does not replace any professional emergency call, monitoring, or care system. Further details are set out in § 3 (6) of the Terms of Service.

10. Third-Party Authentication

Google Sign-In: Transmitted data includes email, name, profile picture. (Privacy: policies.google.com/privacy)

Apple Sign-In: Transmitted data includes email (or relay address) and name. (Privacy: apple.com/legal/privacy)

11. Push Notifications

I use push notifications for check-in reminders, alarms, and social interactions.

Legal basis: Art. 6(1)(b) GDPR (for contractual functions like alarms) and Art. 6(1)(f) GDPR (for social notices).

Control: You can manage most notification types in the App settings. Critical safety notifications are part of the core service.

Note for Emergency Contacts: To ensure that critical alerts are reliably received, you may be advised to grant the App permission to bypass Do Not Disturb (DND) and similar OS-level notification restrictions. Granting such permissions is your decision and remains under your control via your device settings.

12. Analysis and Troubleshooting

12.1 Firebase Analytics

I use Firebase Analytics in a data-minimized configuration to ensure App stability and fix errors.

Privacy Measures: No advertising IDs (IDFA/AAID) are collected. IP anonymization is enabled.

Purpose: Anonymized crash and usage statistics for technical optimization.

Legal basis: Art. 6(1)(f) GDPR (Legitimate interest in the error-free operation and security of the App).

12.2 Firebase Crashlytics

In the event of App crashes, technical details (stack trace, device info) are sent to fix the error. No directly identifying data is stored in the crash report.

12.3 ePrivacy and Electronic Communications

Access to certain device functions and the storage of technical information on the device (e.g., FCM tokens) may be subject to national laws implementing the ePrivacy Directive (2002/58/EC). In the United Kingdom, the Privacy and Electronic Communications Regulations 2003 (PECR) apply. In Switzerland, the provisions of the Telecommunications Act (TCA/FMG) apply. Where consent is required under the respectively applicable law, it is obtained prior to the relevant access.

13. Changes to this Privacy Policy

I reserve the right to amend this Privacy Policy. In the event of significant changes – in particular changes affecting the categories of personal data processed, the purposes of processing, or the legal bases for processing – you will be informed via the App or email and, where required by law, asked to provide renewed consent. The current version is always available in the App and on the website.

14. International Data Transfers

Primary data storage takes place in the European Union (Frankfurt am Main). Where data is transferred to service providers outside the EEA (see Section 5), I rely on the following safeguards:

EU-US Data Privacy Framework (DPF): For transfers to US-based companies certified under the DPF (e.g., Google, Meta).

EU Standard Contractual Clauses (SCCs): For transfers to companies not certified under the DPF (e.g., RevenueCat).

For transfers from the United Kingdom: I use the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU SCCs, as well as the UK Extension to the EU-US DPF, where applicable.

For transfers involving Switzerland: I comply with the requirements of the Swiss Federal Act on Data Protection (FADP/DSG), including recognition of adequacy decisions by the Federal Council and the use of standard contractual clauses where required.

For further details on individual service providers, see Section 5.

15. Users Outside the EU/EEA, United Kingdom, and Switzerland

For users in countries not covered by the GDPR, UK GDPR, or Swiss FADP, the Provider applies the same technical and organisational measures as for users within the GDPR’s scope. Mandatory data protection provisions of the user’s country of habitual residence remain unaffected.

16. Contact

Bastian Matzen Alma Softwareentwicklung Kienitzer Str. 113 12049 Berlin