Last updated: 08.06.2025
Felix Mennen
Ostlandring 59, 31303 Burgdorf, Germany
E‑mail: felix@xz3.dev
This policy explains how the K9 AI mobile application (“App”), the associated backend services and the website k9ai.xz3.dev process personal data when you:
It addresses the European General Data Protection Regulation (“GDPR”) and the German Federal Data Protection Act (“BDSG”). If you access the App from outside the EEA, local mandatory laws may also apply.
| Category | Data points | Purpose | Legal basis | Retention* |
|---|---|---|---|---|
| Account data | Google/Apple user‑ID, e‑mail address, name (if provided), authentication tokens | Create & secure your account, synchronise subscriptions, allow password‑free login | contract; legitimate interest (security) | Until account deletion |
| Profile & preferences | Dog’s name, breed, age, training goals, language, notification settings | Personalise training content & AI responses | contract | Until account deletion; dog profile can be edited/deleted at any time |
| AI Content | Text, photos, videos you voluntarily submit to the chat | Provide AI‑generated answers and training plans | contract; explicit consent for sensitive data (e.g. images with people) | Until account deletion |
| Usage & device data | IP address, device model, OS version, app version, crash logs | Ensure service delivery, prevent abuse, debug & improve | legitimate interest (app stability & security) | 90 days (logs) |
| Analytics & event data | Screen views, feature clicks, funnel events | Understand feature adoption & improve UX via PostHog | consent | 12 months or until consent withdrawal |
| Marketing / newsletter (opt‑in) | E‑mail address, open & click rates | Send product news & offers | consent | Until you unsubscribe |
| Support & feedback | Messages, screenshots, contact details | Respond to your request, reproduce bugs | contract | Until ticket closed + 6 months |
*Back‑ups may persist for up to 4 weeks longer; data will not be restored except for disaster recovery.
| Processor | Service | Location of processing |
|---|---|---|
| Hetzner Online GmbH | Server hosting, file storage | Germany |
| Google Ireland Ltd. | Google Sign‑In, Google Cloud AI (“Gemini”) | EU datacentres; may replicate to US |
| Apple Distribution International Ltd. | Sign in with Apple | EU; may replicate to US |
| OpenAI Ireland Operations, Ltd. | AI processing (ChatGPT, embeddings, moderation) | US |
| PostHog Inc. (EU Cloud) | Product analytics | EU |
| Revenuecat | Subscription Management | EU; may replicate to US |
K9 AI is designed to store and process your personal data inside the European Economic Area (EEA) wherever technically feasible. In a few situations—such as when we employ specialised AI models or receive 24/7 infrastructure support—data may need to travel to countries outside the EEA ("third countries"). When that happens we apply layered safeguards so that your data enjoys protection that is essentially equivalent to EU standards (Art. 44 et seq. GDPR).
The mobile App stores only essential tokens in the device’s secure storage. The marketing website uses:
You can revoke consent at any time in the App settings or by clearing cookies.
K9 AI generates personalised dog‑training advice using large language models (LLMs). The output is not legally binding, and no fully automated decisions with legal or similarly significant effect are made (Art. 22 GDPR). Human support is available via felix@xz3.dev.
K9 AI is not intended for children under 18. We do not knowingly process such data. Parents who believe their child has provided data should contact us for deletion.
We may update this notice to reflect changes in law or the App. Material changes will be announced at least 14 days in advance via in‑app notice or e‑mail (if we have your address). The version date at the top will change accordingly.
Questions? Reach us at felix@xz3.dev or by post at the address in (1). We aim to reply within 72 hours.