Privacy Policy (Christmas Countdown)

Zur deutschen Version, a la versión en español

# Privacy Policy — AdventTotal (Christmas Countdown)

**Last updated:** publication date, May 11, 2026

—

## 1. Controller

The controller responsible under the EU General Data Protection Regulation (GDPR) is:

Marco Bosse — HIVVEN

Ahornring 69

15749 Mittenwalde

Germany

Email: support@hivven.com

Web: <https://www.hivven.com/>

—

## 2. Overview and Principle of Data Minimisation

AdventTotal (“Christmas Countdown”) is a mobile application that displays a countdown to an event chosen by the user, accompanied by background images, animated figures, a snowfall effect, and a small music library.

The app is designed with data minimisation in mind:

– It performs **no analytics** of user behaviour.

– It uses **no tracking, advertising, or profiling services**.

– It transmits **personal data only when** the user actively triggers transmission (e.g. by submitting feedback).

This Privacy Policy describes which data are processed under which circumstances, and what rights users have as data subjects.

—

## 3. Data Stored Locally on the Device

The app stores the following data exclusively on the user’s device, using the system mechanisms `SharedPreferences` and the application-private file directory:

– Settings such as target event, target date and time, time zone, selected background image, selected figure, display options, language, and theme.

– Position and scale of the animated figure on the background.

– Snowfall settings (enabled/disabled, intensity).

– List of downloaded music tracks and tracks marked as “liked”.

– Music player state (current track, repeat and shuffle options, volume).

– Downloaded music files (MP3) in the application-private file directory.

– Internal state of the rating prompt (e.g. number of active usage days).

These data do not leave the device. They are deleted in full when the app is uninstalled.

—

## 4. Server-Side Data Processing When Retrieving Content

The app retrieves certain content from our server `hivven.com`:

– List of available music tracks (playlist)

– Individual music files on user request (manual download)

– List of “idea” suggestions for the event name

When this content is retrieved, the following technically unavoidable data are processed by the web server at the moment of the HTTP request:

– IP address of the accessing device

– Date and time of the request

– User-Agent (HTTP client identifier, app version, operating system)

– Requested URL and amount of data transferred

– HTTP status code of the response

**Storage by the controller:** The generation of own log files is disabled in our web server configuration. The request data listed above are processed only transiently to answer the individual request and are not persisted in any permanent log files. No own access statistics are kept.

**Processing by the hosting provider:** For reasons of system security and abuse prevention, the hosting provider may keep short-term technical records at the provider level which are outside of our configuration. Such processing is the responsibility of the hosting provider and is governed by its own privacy policy: <https://all-inkl.com/datenschutzinformationen/>.

**Purpose:** Delivering the requested content, ensuring uninterrupted operation, detecting and preventing abusive access.

**Legal basis:** Art. 6(1)(f) GDPR (legitimate interest in the technical functionality of content delivery).

**Hosting provider (processor):** ALL-INKL.COM – Neue Medien Münnich, owner René Münnich, Hauptstrasse 68, 02742 Friedersdorf, Germany. The server infrastructure is operated exclusively in data centres located in Dresden, Germany; no processing takes place outside the Federal Republic of Germany. A data processing agreement (DPA) under Art. 28 GDPR is in place with the hosting provider.

—

## 5. Submission of User Feedback

If users actively open the in-app feedback dialog and submit data, the following information is transmitted to our server `hivven.com` and forwarded exclusively by email to our internal processing address. The data are not stored in a database.

### 5.1 Negative Review Feedback

Offered after the user selects “Not really” in the in-app rating dialog. The following are transmitted:

– the free-text message entered by the user (max. 500 characters)

– a short device description (e.g. “Android 14 (Pixel 7)”)

– the app version

– timestamp of submission

### 5.2 General Bug or Feature Feedback

Triggered via the feedback section of the app. The following are transmitted:

– type of request (bug or feature)

– the free-text description entered by the user

– optionally: an email address voluntarily provided by the user if a response is requested

– system information (manufacturer, model, OS version, SDK level, app version and build number)

– timestamp of submission

**Purpose:** Handling the request, fixing bugs, improving the app.

**Legal basis:** Art. 6(1)(f) GDPR (legitimate interest in handling user requests and improving our own product). Where a user voluntarily provides an email address for response, additionally Art. 6(1)(a) GDPR (consent to contact).

**Storage period:** Content received by email is retained in the controller’s mailbox until the request has been processed in full, but no longer than six months after receipt. After this period, data are deleted unless statutory retention obligations apply.

—

## 6. In-App Rating

The app uses the official “In-App Review” API by Google Play (on Android) and the equivalent Apple StoreKit API (where available on iOS). After the user actively confirms in a preliminary in-app dialog, the platform’s own rating dialog is presented.

We receive **no personal data** through this process. Any rating submitted is processed by the respective app store; the privacy policies of Google and Apple apply exclusively to that processing.

—

## 7. Share Function

When the share function is activated, the app locally generates a screenshot of the countdown view (with embedded date stamp and HIVVEN watermark) and hands it over to the system’s own sharing menu. The choice of recipient app is made by the user. The temporary image file is automatically deleted from the device after 60 seconds.

We receive no information about the recipients or the apps through which content is shared.

—

## 8. No Analytics or Tracking Services

The app uses **none** of the following services:

– No Firebase Analytics, no Google Analytics, no comparable analytics tool

– No Crashlytics or comparable crash reporting

– No advertising networks and no advertising identifiers (IDFA, AAID)

– No third-party SDKs for user analytics or profiling

– No cookies

– No cross-app tracking

There is **no** transfer of personal data to entities located in third countries (outside the EU/EEA). The servers used for retrieving content are also located exclusively in Germany.

—

## 9. App Permissions

On Android, the app requests the following permissions, which are used exclusively for the purposes stated:

– `INTERNET`: retrieving music and content lists from hivven.com and submitting user feedback (only when actively triggered by the user).

– `WAKE_LOCK`, `SCHEDULE_EXACT_ALARM`, `RECEIVE_BOOT_COMPLETED`, `SET_ALARM`: updating the home-screen widget.

In particular, **no** permissions for location, contacts, photos, microphone, or camera are requested.

—

## 10. Rights of Data Subjects

To the extent that personal data are processed, you have the following rights:

– **Right of access** (Art. 15 GDPR) regarding the data stored about you.

– **Right to rectification** (Art. 16 GDPR) of inaccurate data.

– **Right to erasure** (Art. 17 GDPR), where no retention obligations apply.

– **Right to restriction of processing** (Art. 18 GDPR).

– **Right to data portability** (Art. 20 GDPR), where applicable.

– **Right to object** to processing based on legitimate interests (Art. 21 GDPR).

– **Right to withdraw consent** with effect for the future (Art. 7(3) GDPR).

To exercise these rights, an informal message to the contact address given in Section 1 is sufficient.

—

## 11. Right to Lodge a Complaint with a Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your data infringes the GDPR.

The competent supervisory authority for us is:

Die Landesbeauftragte für den Datenschutz und für das Recht auf Akteneinsicht Brandenburg, Stahnsdorfer Damm 77, 14532 Kleinmachnow, Germany”

—

## 12. Changes to This Privacy Policy

This Privacy Policy will be updated as necessary to reflect changes in legal or functional circumstances. The current version is always available at:

<https://www.hivven.com/christmas-countdown/privacy/>

The version applicable at the time of use of the app is the binding one.

This Privacy Policy applies exclusively to the **AdventTotal — Christmas Countdown** mobile application, developed by Marco Bosse (HIVVEN).