Privacy Policy

1. Data Controller

Rafael Alexander
Email: events@rafaelalex.de

2. Collection and Processing of Personal Data

We collect and process personal data only to the extent necessary to provide our services.

2.1 During Registration

• Name
• Email address
• Password (stored encrypted)

2.2 When Using as a Guest

• Name (voluntary)
• Email address (optional, for reminders)
• RSVP status

2.3 Social Login

When signing in via Google or Facebook, we receive: name, email address, and profile picture URL. We do not store access tokens permanently.

3. Cookies

We only use technically necessary cookies (session cookie, CSRF token, guest token for recognition).

4. Data Sharing

Personal data is not shared with third parties unless necessary for providing our services (e.g., email delivery via Resend).

5. Data Deletion

Registered users can delete their account and all associated data at any time. Event data is permanently removed 90 days after deletion.

6. Your Rights

You have the right to access, correct, delete, and restrict the processing of your data. Contact us at events@rafaelalex.de.

7. Web Analytics (Rybbit Analytics)

This application uses Rybbit Analytics, a privacy-friendly web analytics service. Rybbit is completely cookieless and GDPR-compliant. No personal data is collected and no cookies are set. The analysis is fully anonymized without tracking individual users.

According to § 25 TDDDG (Telecommunications Digital Services Data Protection Act), no consent is required for this type of analysis.

Legal basis: Art. 6 (1) lit. f GDPR (Legitimate interest in analyzing user behavior to optimize the application). More information: rybbit.com

8. Hosting

This website is hosted in the EU. Data transmission is encrypted via HTTPS.