Privacy Policy

Last updated: April 15, 2026

1. Controller

This service is operated by Jan Baumbach (“we”, “us”). Full legal entity details (address, registration, VAT) will be published here before commercial launch. Until then, contact: see Section 8.

2. Scope

This policy describes how Rabauke — The Voice of Garmin (“Rabauke”) processes personal data when you use our websites, mobile companion apps, watch integrations, and related services.

3. Data we collect

• Account & billing: email, subscription status, and payment-related metadata processed by our payment provider (Stripe). We do not store full card numbers on our servers.
• App & watch usage: technical logs, device identifiers, crash diagnostics, and operational metrics needed to run and secure the service.
• Voice & prompts: audio or text you submit may be sent to AI providers to generate responses (see Third parties).
• API keys you provide: if you supply your own provider keys, those are used solely to fulfill your requests according to your settings.

4. Purposes & legal bases (GDPR)

• Contract / pre-contract: providing Rabauke, processing subscriptions, support (Art. 6(1)(b) GDPR).
• Legitimate interests: security, abuse prevention, product improvement, analytics where proportionate (Art. 6(1)(f) GDPR).
• Consent: where required for optional analytics or marketing communications (Art. 6(1)(a) GDPR).
• Legal obligation: tax, accounting, and regulatory duties (Art. 6(1)(c) GDPR).

5. Third-party services

Depending on your configuration, data may be processed by:

• Google Gemini API: prompts and related context may be transmitted to Google for model inference. Governed by Google’s terms and privacy policy.
• Firebase (Google): authentication, configuration, analytics, or crash reporting as enabled in the product.
• Stripe: payment processing, invoices, and fraud prevention.

These providers may act as processors or independent controllers for their own services. We select configurations that minimize data exposure where feasible.

6. Retention

We retain personal data only as long as necessary for the purposes above, including legal retention periods. Technical logs are rotated on a short cycle unless needed for security investigations. Subscription records are kept as required for tax and contract law.

7. International transfers

Providers may process data in the EU, UK, US, or other regions. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

8. Your rights

Where GDPR applies, you may have the right to access, rectification, erasure, restriction, portability, objection, and to withdraw consent. You may lodge a complaint with a supervisory authority. To exercise rights, contact us using the details below.

9. Security

We implement technical and organizational measures appropriate to the risk, including encryption in transit, access controls, and least-privilege operations. No method of transmission or storage is 100% secure.

10. Children

Rabauke is not directed at children under 16. We do not knowingly collect their personal data.

11. Changes

We may update this policy. The “Last updated” date will change materially; continued use after changes constitutes acceptance where permitted by law.

12. Contact

Jan Baumbach — placeholder contact: privacy@rabauke.albatrossen.de (replace with production inbox).