Privacy

Last updated: July 2026

1. Controller and contact

The controller responsible for personal data processed through Reorganicer is the provider identified in the imprint. Privacy requests can be submitted through the contact page.

2. Scope

This privacy notice applies to the Reorganicer web application and any Android app made available from it. Reorganicer organizes projects, workflows, sessions, events, locations and materials. It is not intended as an employee-monitoring system.

3. Data we process

Depending on how the service is used, we process:

  • account data such as email address, display name, password hash, account status and creation time;
  • optional profile data such as an uploaded avatar image;
  • project and organization data such as project name, members, roles and invitations;
  • content data such as workflows, sessions, times, breaks, notes, locations, addresses, materials and quantities;
  • calendar data such as titles, descriptions, time periods, locations, status, attendees and private events;
  • evidence and security data such as acceptance time, accepted terms version and IP address;
  • technical usage data needed for operation, troubleshooting, security and basic audience measurement.

4. Purposes and legal bases

We process data to provide and secure the service, administer accounts, enable project collaboration, organize events and sessions, communicate with users, troubleshoot errors and prevent abuse. The applicable legal bases include Article 6(1)(b) GDPR for performing the service agreement, Article 6(1)(f) GDPR for our legitimate interest in secure and reliable operation, and Article 6(1)(c) GDPR where processing is required by law. Where processing relies on consent, Article 6(1)(a) GDPR applies and consent may be withdrawn for the future.

5. Visibility within a project

Project members can see project, event and session information shared for collaboration. Private events are restricted according to the visibility settings selected in Reorganicer. Users should add personal information only where it is necessary for the relevant organizational purpose.

6. Recipients and processors

Data is disclosed only to service providers required for hosting, database operation, email delivery, backups or technical monitoring. Where required, these providers act under data-processing agreements. We do not sell personal data or disclose it for advertising purposes.

7. Cookies and local storage

Reorganicer uses technologies that are technically necessary for sign-in, session protection, language preferences and security. The protected application cannot operate reliably without them. We do not use advertising cookies or tracking cookies that create marketing profiles.

8. Retention

Accounts and associated content are generally retained while the service is used. Data is deleted when it is no longer needed for the stated purposes or after a valid deletion request. Legal evidence, limitation or retention obligations may require limited further storage. Security and operational logs are retained only as long as needed for operation, troubleshooting and abuse prevention.

9. Account and data deletion

An account can be removed at any time through Delete account. This deletes the profile, avatar, personal sessions, created events, invitations, attendance records and account-linked evidence. If the person is the project's only member, the complete project, including its locations, materials and events, is deleted. If other members remain and the deleted person was the last project coordinator, the oldest remaining account receives the coordinator role so shared project data does not become inaccessible.

10. International transfers

If a service provider processes data outside the EU or EEA, the transfer takes place only where legally permitted, including on the basis of an adequacy decision, appropriate safeguards or EU Standard Contractual Clauses.

11. Individual rights

Subject to applicable law, individuals may request access, correction, deletion, restriction, portability or object to processing. Consent may be withdrawn at any time for future processing. Individuals also have the right to lodge a complaint with a competent data-protection authority.

12. Security

Reorganicer uses appropriate technical and organizational safeguards, including encrypted transport, hashed passwords, access controls, confirmed email addresses, login rate limits and technical logging. Security concerns can be reported through the security page. Notifications required by law depend on the nature and severity of the incident. No internet service can guarantee absolute security.

13. Children and changes

Reorganicer is not directed specifically at children. We may update this notice when features, service providers or legal requirements change. The current version and its update date will remain available on this page.