Privacy Policy

Effective date: 17.01.2026

This Privacy Policy explains how NeonRank  (“Company”, “we”, “us”) collects, uses, and shares information when you use our iOS application NeonRank  (the “App”) and any related services (collectively, the “Services”).

1) Who is responsible (Controller)

For purposes of the EU General Data Protection Regulation (“GDPR”) and other applicable privacy laws, Kevin Müller is the data controller for personal data processed through the Services.​

Contact:
Kevin Müller​
Postheide 23​
33659 Bielefeld​
Deutschland
Email: support@neon-rank.com

If you have questions or want to exercise your privacy rights, contact us at the email address above.

2) What data we collect

We collect the following categories of information:

A. Account and authentication data
When you create an account or sign in, we process identifiers such as email address and/or other authentication identifiers depending on the sign-in method you choose. Authentication is provided using Firebase Authentication (Google).​

B. App data you provide (stored in our database)
We process and store the content you submit in the App (for example, profile data, settings, or other user-generated content you enter), together with a user identifier (such as a Firebase Auth UID). This data is stored using Firebase database services (e.g., Firestore or Realtime Database).​

C. Technical and usage data (service/metadata)
When you use the Services, our service providers may process technical information such as IP address and device/app identifiers to provide and secure the services. Firebase may process and store data globally depending on the service.​

3) How we use data (purposes)

We use personal data to:

• Provide the Services (including sign-in, maintaining your account, and storing your app data).​
• Secure and protect the Services (fraud prevention, abuse detection, access control, and troubleshooting).​
• Comply with legal obligations and enforce our terms where necessary.​

4) Legal bases (GDPR)

Where GDPR applies, we rely on the following legal bases:

• Contract (Art. 6(1)(b) GDPR): to provide core app functions you request (e.g., account creation/login and storing your content).
• Legitimate interests (Art. 6(1)(f) GDPR): to secure, maintain, and improve our Services (e.g., preventing abuse, ensuring reliability), balanced against your rights.​
• Legal obligation (Art. 6(1)(c) GDPR): to meet applicable legal requirements.
• Consent (Art. 6(1)(a) GDPR): only where we explicitly ask for it (for example, optional features), and you can withdraw consent at any time.

5) Sharing of data (processors/service providers)

We do not sell your personal data.

We share personal data with service providers that process data on our behalf, in particular:

• Google Firebase (Authentication and database hosting/operation). Firebase customers generally control the customer data they provide, while Google generally operates as a processor/service provider under relevant privacy laws.​

We may also disclose information if required by law or to protect rights, safety, and security, consistent with applicable legal requirements.

6) International transfers

Firebase may process and store data in countries where Google or its agents maintain facilities, unless a product feature offers region/data-location selection.​
Firebase Authentication is run only from US data centers, which means authentication data is processed in the United States.​
Where required, transfers are intended to rely on recognized transfer mechanisms (such as Standard Contractual Clauses and/or other applicable frameworks used by Google for relevant transfers).​

7) Data retention

We keep personal data only as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required by law.

Typical retention approach (customize):

• Account data: retained while your account is active.
• Database content: retained until you delete it or delete your account, unless we must retain it longer for legal reasons.
• Backup/deletion timing: deletion may take time due to technical and legal reasons, including recovery periods and deletion workflows used by providers.​

8) Security

We implement reasonable technical and organizational measures designed to protect personal data. Firebase encrypts data in transit (HTTPS) and provides encryption at rest for core services including Firebase Authentication and Firebase Realtime Database.​
No method of transmission or storage is 100% secure, so absolute security cannot be guaranteed.

9) Your rights (GDPR/EEA/UK/Switzerland)

Depending on where you live, you may have rights to:

• Access your personal data.
• Correct inaccurate data.
• Delete your data.
• Object to or restrict processing.
• Data portability.
• Withdraw consent (where processing is based on consent).

How to exercise rights: contact us at [support@neon-rank.com]. Firebase provides functionality enabling customers to access, rectify, restrict processing, export, and delete customer data in a manner consistent with the service functionality.​

10) Account deletion

You can request deletion of your account and associated data by:

• Using the in-app deletion feature (if available), or
• Emailing us at [support@neon-rank.com].

After deletion, some data may remain for a limited time in backups/logs as required for security, legal compliance, or technical reasons.

11) Children’s privacy

The Services are not directed to children under 13, and we do not knowingly collect personal data from children. If you believe a child provided personal data, contact us and it will be removed.

12) Changes to this policy

We may update this Privacy Policy from time to time. The updated version will be posted on our website and/or within the App with a new “Effective date.”