Doop سیاسەتی پاراستنی نهێنی اپلیکیشن

لاپەڕەی سەرەکی

Privacy Policy – DoopApps

Last updated: 24 November 2025

This Privacy Policy explains how DoopApps (“we”, “us”, “our”) collects and processes personal data when you use our mobile application and our website doopapps.com (together, the “Service”).

We are established in Germany and are committed to protecting your privacy and handling your data in a transparent and lawful way.

1. Controller and Contact

Controller:
DoopApps
Pfaffenweg 13
53227 Bonn
Germany

Contact for privacy questions:
📧 [email protected]
📞 +49 1573 4850913

We do not currently have a separate Data Protection Officer. For all privacy-related questions, please contact us using the details above.

2. Applicability of GDPR

Because we are established in Germany and provide a service to users in the EU/EEA, the EU General Data Protection Regulation (GDPR) applies to our processing of personal data.

3. What Data We Collect

We only collect the data necessary to provide and improve our Service and to keep it secure.

3.1 Account data

When you create an account, we process:

  • Email address (also used as username)
  • Password (stored in hashed form)
  • Birthdate

We use this data to create and manage your account and to verify that you meet our minimum age requirement (16+).

3.2 Usage and technical data

When you use the app or website, we may collect:

  • IP address
  • Device information (e.g. device model, operating system version, language)
  • App version
  • Basic server logs (e.g. date and time of access, request URL, error messages)

This data is collected automatically by our systems and by our crash reporting provider (see section 5).

3.3 Events and external links

In the app, we show links to Persian events that we collect from public sources on the internet. These events are created and hosted by third parties, not by us.

When you open such a link, you leave our Service and the privacy policy of the external website applies.

We do not store personal data specifically about which individual event pages you visited, beyond what may appear in standard technical logs (see 3.2).

3.4 No user-generated content, chat, or media uploads

Our Service currently does not allow:

  • Public posts
  • Comments or replies
  • Private messages or direct messages (DMs)
  • Uploading photos or videos
  • Access to your contacts, camera, or microphone

We also do not ask you to provide sensitive personal data such as health information, religion, or political opinions.

4. Purposes and Legal Bases (GDPR Art. 6)

We process your personal data for the following purposes and on the following legal bases:

4.1 Providing the Service and your account

  • Creating and managing your user account
  • Enabling you to log in and use the app
  • Enforcing our terms and preventing misuse of the Service

Legal basis:
Performance of a contract (Art. 6(1)(b) GDPR)

4.2 Ensuring security and preventing abuse

  • Protecting the Service against attacks and misuse
  • Detecting and fixing technical problems
  • Maintaining service availability and stability

Data involved: IP address, technical logs, device and app info.

Legal basis:
Legitimate interest (Art. 6(1)(f) GDPR)
Our legitimate interest is to operate a secure, stable, and reliable Service.

4.3 Crash reporting and app improvement

We use crash logs and technical data to:

  • Analyse crashes and errors
  • Improve app stability and performance

Legal basis:
Legitimate interest (Art. 6(1)(f) GDPR)
Our legitimate interest is to improve the quality and reliability of our Service. We do not use this data for advertising or behavioural profiling.

4.4 Legal obligations

We may process and store certain data to comply with legal requirements (e.g. tax, accounting, regulatory obligations) or to respond to lawful requests from authorities.

Legal basis:
Legal obligation (Art. 6(1)(c) GDPR)

5. Third-Party Services and Processors

We use third-party providers as processors to help us run the Service. They process personal data on our behalf and under our instructions.

5.1 Hosting – Amazon Web Services (AWS)

We host our backend and database on Amazon Web Services (AWS), with servers located in or around Frankfurt, Germany (EU).

AWS may process:

  • Account data (email, birthdate, hashed password)
  • Technical data and server logs

We have appropriate contractual arrangements with AWS to protect your data.

5.2 Crash reporting – Firebase Crashlytics

We use Firebase Crashlytics, a service provided by Google, for crash reporting. Firebase Crashlytics collects information such as:

  • App version
  • Device model and operating system version
  • Time and context of the crash

This helps us understand and fix bugs. We do not use Firebase Crashlytics for advertising or user profiling.

Because Firebase is provided by Google, using this service may involve processing or transferring data outside the EU/EEA (for example, to the United States). In such cases, Google relies on appropriate safeguards, such as Standard Contractual Clauses (SCCs) and additional technical and organisational measures, to protect your data.

6. International Data Transfers

Our primary storage location is within the EU (AWS in Frankfurt, Germany).

However, when we use services like Firebase Crashlytics, certain data may be processed in countries outside the EU/EEA, including the USA.

In such cases, we rely on:

  • Standard Contractual Clauses (Art. 46 GDPR), and
  • Additional safeguards implemented by the service provider

to ensure an adequate level of data protection.

7. Cookies and Website

Our website doopapps.com may use cookies or similar technologies.

  • We currently only use essential cookies or similar technologies that are necessary for providing the website (e.g. basic functionality, security).
  • We do not use cookies for advertising or for third-party tracking.

If we introduce analytics or additional cookies in the future, we will update this Privacy Policy and, where required, obtain your consent.

8. Retention Periods

We store your personal data only as long as it is necessary for the purposes described in this Policy, or as required by law.

In particular:

  • Account data (email, birthdate, hashed password):
    Stored as long as you maintain an active account. If you delete your account, we will delete or anonymise this data, unless we are obligated to keep certain information for a longer period (e.g. for legal or tax reasons).
  • Technical logs and crash data:
    Stored only as long as needed to ensure security, diagnose problems, and improve the Service. Typically, this will not exceed 12 months, unless a longer period is necessary for security or legal reasons.

Where we need to keep data for longer (e.g. for legal claims), we will restrict its processing to that specific purpose.

9. Your Rights Under GDPR

As a data subject in the EU/EEA, you have the following rights (subject to legal conditions):

  • Right of access (Art. 15 GDPR):
    To obtain confirmation as to whether we process your personal data and to receive a copy of that data.
  • Right to rectification (Art. 16 GDPR):
    To request correction of inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”, Art. 17 GDPR):
    To request deletion of your personal data, for example when it is no longer needed for the purposes for which it was collected.
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR):
    To receive the personal data you have provided to us in a structured, commonly used, machine-readable format and to transmit it to another controller, where technically feasible.
  • Right to object (Art. 21 GDPR):
    To object to processing based on our legitimate interests. We will then stop processing your data unless we can demonstrate compelling legitimate grounds.
  • Right to lodge a complaint (Art. 77 GDPR):
    You have the right to lodge a complaint with a supervisory authority, in particular in the EU/EEA member state of your habitual residence, your place of work, or the place of the alleged infringement.

To exercise any of these rights, please contact us at:
📧 [email protected]

10. Account Deletion

You can:

  • Delete your account directly within the app, or
  • Request account deletion by emailing [email protected]

When your account is deleted, we will delete or anonymise your personal data, unless we are legally required to retain certain data for a longer period.

11. Children’s Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16.

If you believe a child has provided personal data to us, please contact us at [email protected], and we will take appropriate steps to delete the data.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time, for example when we add new features or use new service providers.

We will always indicate the date of the latest update at the top of this page. In case of significant changes, we may also notify you within the app or by email.

Your continued use of the Service after the updated Privacy Policy becomes effective means that you accept the changes.

13. Contact

If you have any questions or concerns about this Privacy Policy or about how we process your personal data, please contact:

DoopApps
Pfaffenweg 13
53227 Bonn
Germany

📧 [email protected]
📞 +49 1573 4850913

Scroll to Top