1. Controller (who we are)
The controller responsible for data processing within the meaning of Art. 4(7) GDPR (DSGVO) is Orhan Olgar, Tellstr 9, 12045 Berlin, Germany (see Impressum). Contact: hi@healmen.app. This policy explains what data we collect, why, on what legal basis, and how it is protected.
2. Data we collect
We collect only what is necessary to run the service:
- Account data: email address and optional display name, used for login and personalisation.
- Progress data: lessons completed, streak, assessment results — stored to track your growth inside the app.
- Journal & reflection entries: private to you. We do not read, sell, or analyse these.
- Payment data: handled entirely by Stripe. We never see or store card numbers.
3. How we use your data
- To provide and improve the HealMen service.
- To send transactional emails (password reset, subscription receipts).
- We do not send marketing emails without explicit consent.
- We do not sell, share, or trade your data with third parties.
4. Legal bases for processing
We process personal data on the following legal bases under Art. 6(1) GDPR:
- Art. 6(1)(b) — performance of a contract: creating and operating your account, providing lessons and the AI scan feature, processing your subscription and payments.
- Art. 6(1)(f) — legitimate interests: ensuring the security and stability of the service, preventing abuse and fraud, and basic, privacy-friendly analytics. Our legitimate interest is to operate and protect a functioning service.
- Art. 6(1)(a) — consent: non-essential cookies and detailed analytics (Google Analytics in its non-anonymous mode). You give consent via our cookie banner and may withdraw it at any time with effect for the future.
- Art. 6(1)(c) — legal obligation: retention of billing and tax records as required by German law.
5. Processors & third-party services
We use carefully selected service providers who process data on our behalf under data processing agreements (Art. 28 GDPR):
- Stripe (payment processing): Stripe Payments Europe, Ltd. (Ireland) and Stripe, Inc. (USA). Processes your payment and billing data to handle subscriptions. Transfers to the USA are safeguarded by the EU Standard Contractual Clauses (SCC) and Stripe’s EU–US Data Privacy Framework (DPF) certification.
- Resend (transactional email): Resend (USA). Sends service emails such as password resets and subscription receipts. Receives your email address. Transfers to the USA are safeguarded by the EU Standard Contractual Clauses (SCC).
- Anthropic (in-app AI “scan” feature): Anthropic PBC (USA). When you use the optional scan feature, the image you submit (e.g. of nails, skin or eyes) is sent to Anthropic’s Claude API for analysis and the result is returned to you. Transfers to the USA are safeguarded by the EU Standard Contractual Clauses (SCC). Do not upload images you are not comfortable processing; the feature is optional.
- Hosting provider (VPS): our application and database are hosted on a virtual private server located in the EU. The hosting provider processes the data needed to operate the servers (e.g. server log data).
- Google Analytics 4 (analytics): Google Ireland Ltd. / Google LLC (USA). Used for website usage statistics — see section 8. Transfers to the USA are safeguarded by the EU Standard Contractual Clauses (SCC) and Google’s EU–US Data Privacy Framework (DPF) certification.
International transfers: some of the providers above are located in the USA. Where data is transferred outside the EU/EEA, we rely on the EU Standard Contractual Clauses and, where applicable, the providers’ EU–US Data Privacy Framework certification as an appropriate safeguard under Art. 46 GDPR. You may request a copy of these safeguards from us.
6. Retention periods
- Account & progress data: kept for as long as your account is active. When you delete your account, this data is deleted without undue delay, unless a longer retention period is required by law.
- Billing & tax records: retained for the statutory retention periods under German law (generally up to 10 years under § 147 AO / § 257 HGB), even after account deletion.
- Scan images: processed transiently to generate your result and not stored by us beyond what is needed to return the analysis.
- Analytics data: retained according to our Google Analytics configuration (data retention set in GA), after which it is automatically deleted or aggregated.
- Server log data: kept only as long as necessary for security and then deleted or anonymised.
7. Data storage & security
Your account and progress data are stored on servers located in the EU. We use industry-standard encryption (HTTPS/TLS) for all data in transit. Passwords are hashed with bcrypt and never stored in plain text.
8. Your rights (GDPR / DSGVO)
Under the GDPR you have the right to:
- Access (Art. 15) — obtain confirmation and a copy of the personal data we hold about you.
- Rectification (Art. 16) — correct inaccurate or incomplete data.
- Erasure (Art. 17) — request deletion of your account and all associated data.
- Restriction (Art. 18) — request that we restrict processing in certain cases.
- Data portability (Art. 20) — receive your data in a structured, commonly used, machine-readable format.
- Objection (Art. 21) — object to processing based on our legitimate interests (Art. 6(1)(f)).
- Withdraw consent (Art. 7(3)) — withdraw any consent you have given, at any time, with effect for the future.
To exercise any of these rights, email hi@healmen.app.
Right to complain: you also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). The authority competent for us is the Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit). You may also contact the supervisory authority of your habitual residence.
9. Cookies & Analytics
We use the following cookies and similar technologies:
- Session cookie: required for login (set by NextAuth). Strictly necessary — no consent needed.
- Language preference: remembers your chosen language. Strictly necessary.
- Google Analytics (GA4): we use Google Analytics to understand how the site is used (page views, traffic sources). GA4 loads only after you accept via our consent banner — if you decline, or have not yet made a choice, no Google Analytics scripts or cookies are loaded at all. You can withdraw consent at any time by clearing your browser storage or contacting us.
No advertising cookies. No data is sold or shared with advertisers. You can withdraw your cookie consent at any time by clearing your browser storage or contacting us.