Privacy Policy for PDFreflow

Last updated: 2026-04-14

1. Controller

Mark Eggenstein
Alemannenstr. 96
79117 Freiburg im Breisgau
Germany
Email: privacy.policy.reader@eggnstone.com

(hereinafter "we", "us", or "our")

2. Overview

PDFreflow ("the App") is a PDF reader application. We take the protection of your personal data seriously and process it in accordance with the EU General Data Protection Regulation (GDPR/DSGVO), the ePrivacy Directive, and applicable national data protection laws.

3. Data We Collect

3.1 Data Stored Locally on Your Device

The App stores the following data exclusively on your device. This data is never transmitted to us or any third party:

• Your reading preferences (font size, brightness, text scale, dark mode, color palette)
• Your reading position in opened books
• PDF files you open with the App
• A local cache of processed book data

This local data processing is necessary for the App to function and does not require consent under GDPR, as no personal data leaves your device.

3.2 Crash Reports (Firebase Crashlytics)

We collect crash reports via Google Firebase Crashlytics to maintain app stability. This is enabled by default and can be turned off in Settings. This includes:

• Crash traces and stack traces
• Device model and manufacturer
• Operating system and version
• App version
• Available RAM and disk space
• Firebase Installation ID (pseudonymous device identifier)
• A pseudonymous app-install identifier (random UUID) that we generate on first launch and store locally on your device. It is used solely to correlate multiple crash reports from the same install. The identifier may persist across uninstall/reinstall if your device's operating system restores app data from its own backup service (Android Auto Backup via Google Drive, or iCloud/iTunes backup on iOS); we have no access to those backups. Clearing the App's storage removes it.
• Timestamp of the crash

Purpose: Identifying and fixing bugs to improve app stability.
Legal basis: Legitimate interest in maintaining a functioning, stable app (Art. 6(1)(f) GDPR). You may object at any time by disabling crash reports in Settings.
Data processor: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Data may be transferred to the USA under the EU-US Data Privacy Framework. See Google's privacy policy.
Retention: Crash data is retained for 90 days in Firebase, after which it is automatically deleted.

3.3 Usage Analytics (Firebase Analytics)

Only with your explicit consent, we collect anonymous usage data via Google Firebase Analytics. This includes:

• Screens visited within the App
• Features used and interaction events
• Session duration
• Device model, OS version, and language setting
• Firebase Installation ID (pseudonymous device identifier)
• The same pseudonymous app-install identifier described in Section 3.2, used to attribute events to the same install

Purpose: Understanding how the App is used to prioritize improvements.
Legal basis: Your consent (Art. 6(1)(a) GDPR).
Data processor: Google Ireland Limited (see above). Same transfer mechanism applies.
Retention: Event-level data is retained for 2 months; aggregated reporting data is retained for 14 months. You can request earlier deletion by contacting us.

3.4 Subscription and Purchase Processing (RevenueCat)

If you purchase a subscription or in-app product, we use RevenueCat to manage and validate your purchase. The following data is processed:

• An anonymous RevenueCat App User ID (pseudonymous identifier; not linked to your name or email)
• Purchase and subscription status, product identifiers, transaction history
• Platform (iOS/Android), country, app version, and device type
• The store transaction receipt provided by Apple App Store or Google Play

We do not receive your payment details (credit card, bank account). Payment is handled exclusively by Apple or Google.

Purpose: Processing purchases, validating receipts, granting and restoring entitlements, preventing fraud.
Legal basis: Performance of a contract (Art. 6(1)(b) GDPR).
Data processor: RevenueCat, Inc., 633 Taraval St #100, San Francisco, CA 94116, USA. Data is transferred to the USA on the basis of the EU-US Data Privacy Framework and Standard Contractual Clauses. See RevenueCat's privacy policy.
Retention: For the duration of your subscription and as long as required by tax and accounting law (typically up to 10 years for transaction records).

3.5 PDF Uploads for Error Reports

If you encounter a rendering mistake or other error and choose to upload a PDF to us via the App's report function, we receive and store that PDF for the purpose of diagnosing and fixing the issue. This is entirely voluntary and only happens when you actively trigger an upload.

• The uploaded PDF and any accompanying error context (app version, device model, the page or section where the issue occurred)
• An optional message you provide describing the problem

Visibility: Uploaded PDFs are accessible only to us. They are not shared, published, or made visible to other users or third parties.
Purpose: Reproducing and fixing rendering bugs and other defects you report.
Legal basis: Your consent (Art. 6(1)(a) GDPR), given by initiating the upload.
Important: Please do not upload PDFs containing sensitive personal data, confidential information, or material whose copyright does not permit you to share it. By uploading, you confirm that you are entitled to share the file with us for debugging purposes.
Retention: Uploaded PDFs are deleted once the related issue has been resolved, and in any case no later than 12 months after upload. You may request earlier deletion at any time by contacting us.

4. Data We Do NOT Collect

• We do not collect or transmit the content of your PDF files, except for files you voluntarily upload via the error report function (see Section 3.5).
• We do not receive your payment details — purchases are handled by Apple App Store or Google Play (see Section 3.4).
• We do not use advertising IDs or serve ads.
• We do not sell, rent, or share your personal data with third parties for their own purposes.
• We do not create user profiles for advertising or marketing purposes.

5. Consent and Opt-In

On first launch, the App presents a consent dialog. Crash reporting (Firebase Crashlytics) is enabled by default on the basis of legitimate interest and can be turned off. Usage analytics (Firebase Analytics) requires your explicit opt-in and is not enabled until you actively allow it. You may:

• Grant or deny consent for each service independently
• Change your consent at any time in the App's Settings screen
• Withdrawing consent stops future data collection but does not affect the lawfulness of data processed before withdrawal

6. Your Rights Under GDPR

You have the right to:

• Access (Art. 15 GDPR) — request a copy of any personal data we hold about you
• Rectification (Art. 16 GDPR) — correct inaccurate data
• Erasure (Art. 17 GDPR) — request deletion of your data ("right to be forgotten")
• Restrict processing (Art. 18 GDPR) — limit how we process your data
• Data portability (Art. 20 GDPR) — receive your data in a structured, machine-readable format
• Object (Art. 21 GDPR) — object to processing based on legitimate interest
• Withdraw consent (Art. 7(3) GDPR) — withdraw consent at any time without affecting lawfulness of prior processing
• Lodge a complaint with your local data protection authority (Art. 77 GDPR)

To exercise any of these rights, contact us at privacy.policy.reader@eggnstone.com.

7. Data Security

We implement appropriate technical and organizational measures to protect your data:

• All data transmitted to Firebase is encrypted in transit (TLS)
• Local data is stored in the App's sandboxed storage, protected by your device's OS security
• We limit data collection to what is strictly necessary for the stated purposes

8. Children's Privacy

The App is not directed at children under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by displaying a notice within the App. The "Last updated" date at the top indicates the most recent revision.

10. Contact

If you have questions about this Privacy Policy or our data practices, please contact:

Mark Eggenstein
Alemannenstr. 96
79117 Freiburg im Breisgau
Germany

Supervisory authority:
If you are unsatisfied with our response, you may lodge a complaint with
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
https://www.baden-wuerttemberg.datenschutz.de
or any EU/EEA data protection authority.