Privacy Policy

Last updated: February 8, 2026

1. Information on the processing of personal data

This privacy notice explains the nature, scope and purposes of processing personal data within the application (the “App”). Personal data means any information relating to an identified or identifiable natural person.

2. Controller for data processing

The controller for data processing regarding this App within the meaning of the General Data Protection Regulation (GDPR) is:

Luna Schnepf
c/o Impressumservice Dein-Impressum
Stettiner Straße 41
35410 Hungen
Germany
Email: info@matchflicks.app

The controller for the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

3. Security of processing

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. Communication between the App and the server is TLS‑encrypted (HTTPS).

4. Sign‑in and authentication

Use of the App requires sign‑in via email code (magic code) or optionally via Google/Apple (OAuth). In the context of OAuth, we receive from the respective provider the basic data required for sign‑in (e.g., email address, display name). No further profile data is used.

5. Categories of data processed

We process in particular the following categories of data:

  • Email address
  • Display name
  • Content preferences (likes/dislikes, provider selection)
  • Group memberships
  • Basic usage data (e.g., login time)

We do not process special categories of personal data or device identifiers such as IMEI/IMSI.

6. Purposes of processing

Data are processed for the following purposes:

  • Provision, operation and improvement of the App
  • Personalization of recommendations
  • Provision of group features
  • Communication with users
  • Support and error analysis

7. Legal bases

Processing is based in particular on:

  • Art. 6(1)(b) GDPR (performance of the user contract)
  • Art. 6(1)(f) GDPR (legitimate interests in a secure and functional App)
  • Art. 6(1)(a) GDPR (consent for optional features)

8. Recipients and third parties

No personal data are disclosed to TMDB; TMDB is used solely as a content source without personal reference. Possible recipients of personal data are limited to Google/Apple (when using OAuth). Emails are sent via our own infrastructure (no third‑party provider).

9. Retention

Account data are retained until the account is deleted. Email codes are stored for approximately 10 minutes. Local cache data remain until manually cleared in the App.

10. Rights of data subjects

You have the rights set out in Art. 15–21 GDPR (access, rectification, erasure, restriction of processing, data portability, objection), the right to withdraw consent (Art. 7(3) GDPR) and the right to lodge a complaint with a supervisory authority (Art. 77 GDPR). You may object to processing based on legitimate interests on grounds relating to your particular situation.

11. Cookies and tracking

No cookies and no tracking services for advertising purposes are used.

© 2026 MatchFlicks. All rights reserved.