AliveGuard
Legal

Privacy Policy

Last updated: June 18, 2026 · Applies to the AliveGuard app and this website.

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other applicable data protection laws is:

Gunnar Polte
Glasbläserhöfe 22
21035 Hamburg
Deutschland / Germany

Email: support@aliveguard.app
Website: https://aliveguard.app

2. General Information on Data Processing

We process personal data only to the extent necessary to provide a functional app and our services. Processing is based on a legal basis or, where required, on the user's explicit consent.

3. Data Processed in the App

3.1 Account & Registration

Using AliveGuard requires creating an account. We collect the following data:

  • Email address
  • Self-chosen password (stored encrypted)
  • Optional display name

Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

3.2 Trusted Contacts

Users can add trusted contacts who will be notified in an emergency. We process the following data:

  • Contact person's name
  • Phone number (for SMS notifications)
  • Contact person's email address

Whenever a trusted contact is added or updated, they automatically receive a confirmation email informing them that their details are stored in AliveGuard. The email includes an opt-out link allowing them to withdraw their consent at any time.

Legal basis: Art. 6(1)(a) GDPR (consent) and Art. 6(1)(b) GDPR.

3.3 Check-in Data

AliveGuard records when a user last confirmed a check-in. This timestamp serves exclusively the core function of the app – detecting whether a user has not checked in within a defined period.

No movement profiles or location data are collected.

Legal basis: Art. 6(1)(b) GDPR.

3.4 Notifications

In an emergency, trusted contacts are notified via SMS and/or email. We use the following third-party providers:

  • Twilio Inc. (SMS delivery) – 101 Spear Street, Suite 500, San Francisco, CA 94105, USA. Twilio is certified under the EU–US Data Privacy Framework. – Twilio Privacy Policy
  • Twilio SendGrid (email delivery) – same address as Twilio. – SendGrid Privacy Policy
  • Google Firebase Cloud Messaging (FCM) (push notifications to the user's device) – Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. To deliver push notifications, a device-specific FCM token is transmitted to our server and stored there. – Firebase Privacy Policy

We have entered into data processing agreements (DPA) with these providers pursuant to Art. 28 GDPR. Data transfers to the USA are based on EU Standard Contractual Clauses (SCCs).

Legal basis: Art. 6(1)(b) GDPR.

3.5 Anonymous Device ID

To limit monthly usage (abuse prevention), an anonymous device ID (UUID) is generated on first launch and stored in the device's secure Keychain. This ID survives app reinstallation so that the monthly quota remains tied to the device.

  • The device ID is a randomly generated string with no connection to your identity.
  • It is stored on our server solely for quota management (maximum alerts per month).
  • It is not shared with advertising networks or other third parties.
  • It can be permanently removed by deleting your account within the app.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in abuse prevention).

4. Data Collected on this Website

4.1 Server Log Files

When you visit this website, technical access data is automatically stored in server log files, including:

  • IP address of the requesting device
  • Date and time of access
  • URL accessed
  • Browser type and version
  • Operating system
  • HTTP status code

This data is technically necessary for operating the website and is not merged with any other data sources. Retention period: 7 days.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure operation).

4.2 Contact by Email

If you contact us by email, we process your email address and the contents of your message in order to handle your enquiry.

Legal basis: Art. 6(1)(f) GDPR.

5. Retention Periods

We retain personal data only for as long as necessary for the purposes described or as required by law. Following deletion of your account, all personal data will be permanently erased within 30 days, unless statutory retention obligations apply.

6. Your Rights

With respect to your personal data, you have the following rights:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7(3) GDPR)
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

To exercise your rights, please contact us at: support@aliveguard.app

7. Data Security

We implement appropriate technical and organisational measures to protect your data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. All connections between the app, server, and website are encrypted in transit (TLS/HTTPS). Passwords are stored exclusively as hashed values (bcrypt).

8. No Automated Decision-Making

We do not use automated decision-making or profiling within the meaning of Art. 22 GDPR.

9. Changes to this Privacy Policy

We reserve the right to update this Privacy Policy to reflect changes in legal requirements or our services. The current version is always available on this page.

10. Contact

For any questions about data protection, please reach out to us at: support@aliveguard.app

Back to home