Loading...
Zurück / Back

Privacy Policy

Last updated: March 2026

1. Data Controller

[FIRMENNAME]
[VOLLSTÄNDIGER NAME]
[STRASSE HAUSNUMMER]
[PLZ ORT]
Email: [E-MAIL-ADRESSE]
Phone: [TELEFONNUMMER]

2. Data We Collect

2.1 Account Data

When you register, we collect your email address and chosen username. Your password is stored exclusively as a cryptographic hash – we never have access to your plaintext password.

2.2 Payment Data

Payment processing is handled by Stripe. We do not store any credit card or bank details on our servers. Stripe processes your payment data in accordance with the Stripe Privacy Policy.

2.3 Usage Statistics (Analytics)

We collect anonymous usage statistics to improve rechoice. No personal data is transmitted to third-party providers or sold.

What is collected: Page views, stories read, choices made, feature usage (e.g. editor actions), aggregated session duration. To distinguish sessions, a randomly generated session ID is stored in your browser's localStorage. This ID is not linked to your account and is not a personal identifier.

Legal basis: Our legitimate interest in improving and securing a functional service (Art. 6(1)(f) GDPR). We do not set any cookies for advertising or tracking purposes.

Retention: Individual events are stored for a maximum of 90 days, after which they are aggregated anonymously or deleted.

Your choice: You can opt out at any time in Account settings → Privacy. We also respect your browser's „Do Not Track" header and automatically disable statistics when it is set. You can remove the stored session ID at any time by clearing your localStorage.

2.4 Email

For transactional emails (e.g., registration confirmation, password reset, purchase confirmations), we use Amazon Web Services Simple Email Service (AWS SES). Processing is carried out under our data processing agreement with AWS.

2.5 Newsletter (optional)

You can voluntarily sign up for our newsletter — either through the footer form (no account required) or via the toggle in your account settings.

Procedure: We use a double opt-in. After signup we send you a confirmation email with a verification link. Your address is only added to the newsletter list once you click that link.

What we store: Your email address, the timestamps of signup and confirmation, and — to prevent abuse — your IP address and browser user-agent at the time of signup.

Legal basis: Your explicit consent (Art. 6(1)(a) GDPR), given by clicking the confirmation link.

Retention: As long as your subscription is active. Unconfirmed signups are automatically deleted after 14 days. After you unsubscribe, we keep the email address only to the extent necessary to document the withdrawal and prevent re-adding the address.

Withdrawal: You can withdraw your consent at any time, either via the unsubscribe link in any newsletter email or — if you have an account — directly in your account settings.

3. Hosting

Our application is hosted on Amazon Web Services (AWS). Data processing takes place in data centers within the EU. AWS processes data in accordance with the AWS Privacy Policy.

4. Cookies and localStorage

We only use technically necessary cookies for authentication. No tracking cookies and no third-party advertising cookies are set.

4.1 Cookies

  • Session cookie (Auth): Keeps you logged in. HttpOnly, 14-day lifetime. Legal basis: strictly necessary for the service (§25(2)(2) TTDSG).
  • Consent cookie (rc-consent, only if consent banner is active): Stores your analytics-tracking decision so we don't ask again. 1-year lifetime.

4.2 localStorage (settings stored in your browser)

This data stays in your browser only. It is not transmitted to our server or to third parties — except where you actively use a cloud-sync feature (e.g. cross-device save states as a Reader Premium feature).

Reader preferences (legal basis: strictly necessary for the display format you chose, §25(2)(2) TTDSG):

  • rc:theme — global color scheme (light, dark, system)
  • rc:reader:prefs — reader preferences (font size, font family, line height, theme, custom colors, background, language)
  • rc:library:view — library view mode (grid/list)

Story progress and bookmarks (essential for continuous use):

  • rc:game:{storyId} — save state per story (variables, inventory, current path)
  • rc:read:{storyId} — reading progress per story
  • rc:bookmarks:{storyId} — bookmarks within a story
  • rc:achievements:{storyId} — achievements earned per story

Editor preferences (only for signed-in authors, essential for the editor):

  • rc:editor:settings — editor preferences (zoom, minimap, snap settings, layout options)
  • rc:demo-project — local demo-project buffer (only for non-signed-in editor users; can be migrated to your account on registration if you choose)
  • rc:editor:history — editor history (undo/redo) during your active session

Analytics (only with your consent, if the consent banner is active):

  • rc:analytics:sid — random session ID for unique-visitor detection. No personal reference, no link to your account, no sharing with third parties. Omitted if you reject or your browser sends a "Do Not Track" signal.

You can delete all of this data at any time by clearing the site storage in your browser (Settings → Privacy → Site data).

5. Third-Party Data Sharing

Personal data is only shared with third parties for payment processing via Stripe. Beyond that, we do not share personal data with any third parties.

6. Data Retention

Account data is stored as long as your account is active. After account deletion, your personal data will be removed within 30 days, unless legal retention obligations apply. Invoices and billing records are retained for 10 years in accordance with German tax law (§ 147 AO).

In case of violations of our Terms of Service, we retain pseudonymized violation data (hashed email/username, type and date of the action) for up to 3 years. This serves to identify repeat offenders and to defend against legal claims (Art. 17(3)(e) GDPR). After account deletion, no direct personal reference remains.

7. Your Rights

You have the right to:

  • Access the data we store about you (Art. 15 GDPR)
  • Rectification of inaccurate data (Art. 16 GDPR)
  • Erasure of your data (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing (Art. 21 GDPR)

To exercise your rights, please contact: [E-MAIL-ADRESSE]

You also have the right to lodge a complaint with a data protection supervisory authority.

8. Contact

For privacy-related questions, please reach out to:
[E-MAIL-ADRESSE]