Skip to content

Privacy Policy

Last Updated: March 18, 2026

Daniel Sticker ("we", "us", "our") operates the SaaS Starter service (the "Service") as a personal project. This Privacy Policy explains how we collect, use, and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable German data protection law.

I. Information We Collect.

When you create an account, we collect your name, email address, and authentication provider (such as Google or GitHub). When you use the Service, we collect usage data including pages visited, features used, and interactions with the Service through analytics. When you use the support chat, we collect the messages and any attachments you send.

II. How We Use Your Information.

We use your information to provide and maintain your account, send transactional emails (such as verification, password reset, and support replies), send occasional service-related communications, and improve the Service through anonymized analytics. We do not sell, share, or rent your personal data to third parties for marketing purposes.

We process your data on the following legal bases under the GDPR: contract performance (Art. 6(1)(b)) to provide your account and the Service, legitimate interest (Art. 6(1)(f)) to improve the Service and ensure security, and consent (Art. 6(1)(a)) where explicitly given, for example for optional communications.

IV. Third-Party Processors.

We use the following GDPR-compliant third-party services to operate the Service: Convex (EU, Ireland) for database and backend infrastructure, Vercel (Edge, Frankfurt, Germany) for hosting and deployment, Resend for transactional email delivery, and PostHog for product analytics. Each of these processors maintains appropriate technical and organizational measures to protect your personal data.

V. Cookies.

We use only essential cookies required for authentication and session management. We do not use advertising or tracking cookies. No consent banner is required as these cookies are strictly necessary for the operation of the Service.

VI. Data Retention.

We retain your personal data for as long as your account is active. When you delete your account, your personal data is removed. Some data may be retained in anonymized form for analytics or as required by applicable law.

VII. Your Rights.

Under the GDPR, you have the right to access your personal data (Art. 15), rectify inaccurate data (Art. 16), request deletion of your data (Art. 17), restrict processing (Art. 18), data portability (Art. 20), and object to processing (Art. 21). To exercise any of these rights, please contact us using the details below. You also have the right to lodge a complaint with a supervisory authority.

VIII. Changes to This Policy.

We may update this Privacy Policy from time to time. If we do this, we will post the changes on this page and will indicate the date these terms were last revised. Your continued use of the Service after the date any such changes become effective constitutes your acceptance of the updated Privacy Policy.

Questions?

For privacy-related questions or to exercise your rights, please contact us at .