FastStats
0
Legal

Privacy
Policy

This Privacy Policy explains how TheNextLvl Productions collects, uses, and protects personal data when you use faststats.dev.

Last updated: 24 December 2025

1. Controller Information
Data Controller
TheNextLvl Productions
Sole proprietorship
Location
Germany, Baden-Württemberg
Contact
Email: [email protected]
Imprint
Further legal and contact information is available via the Imprint.
2. Scope of This Policy

This Privacy Policy applies to:

  • The faststats.dev website
  • The logged-in application and dashboard
  • Publicly accessible views of unrestricted applications

It does not apply to third-party websites or services linked from faststats.dev.

3. Data We Collect
3.1 Account Data

When you create an account, we collect:

  • Email address
  • Username
  • Password (stored only in encrypted/hashed form)
3.2 Usage and Analytics Data

We use PostHog Cloud (EU region) to analyze usage of the Service. Through PostHog, we process:

  • Device and browser information
  • Usage events (e.g. page views, feature usage)
  • Session recordings
  • Identified user behavior linked to an account

Important clarifications:

  • We do not store or access IP addresses
  • We do not collect advertising identifiers
  • We do not sell or share data for advertising purposes
3.3 User-Submitted Service Data

Users submit application data to faststats.dev server-to-server, not via client-side user input. This data is processed solely to provide the Service.

4. Cookies and Tracking Technologies

We use cookies and similar technologies for:

  • Essential service functionality
  • Analytics and product improvement (via PostHog)
Cookie Consent
  • For unauthenticated users, analytics cookies are optional
  • For authenticated users, certain cookies are required for the Service to function
  • A cookie consent banner is provided where required by law
5. Purposes and Legal Bases of Processing

We process personal data for the following purposes:

PurposeLegal Basis (GDPR)
Account creation and authenticationArt. 6(1)(b) GDPR (contract)
Providing and operating the ServiceArt. 6(1)(b) GDPR
Analytics and product improvementArt. 6(1)(a) GDPR (consent) and/or Art. 6(1)(f) GDPR (legitimate interest)
Security and abuse preventionArt. 6(1)(f) GDPR
Legal complianceArt. 6(1)(c) GDPR
6. Data Sharing and Sub-Processors

We do not sell personal data and do not share it for advertising purposes.

We use the following sub-processors to operate the Service:

  • PostHog Cloud (EU) – analytics, session recordings, error tracking
  • Cloudflare – hosting, security, and content delivery
  • Railway – application hosting
  • Emailthing (Cloudflare Workers-based) – transactional email delivery

All processing currently takes place within the European Union (Amsterdam region).

7. International Data Transfers

At present, personal data is processed exclusively within the European Union. If this changes in the future, we will ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) are in place.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this policy, including legal, accounting, or technical requirements.

You may delete your account at any time, which will result in the deletion of associated personal data unless retention is legally required.

9. User Rights

Under the GDPR, you have the right to:

  • Access your personal data
  • Request deletion of your personal data
  • Restrict or object to processing
  • Data portability
How to Exercise Your Rights
  • Account data access and deletion can be managed directly in the account settings
  • Username and email address can be corrected in the settings
  • Additional requests may be submitted via [email protected]

You also have the right to lodge a complaint with a supervisory authority.

10. Security Measures

We implement appropriate technical and organizational measures to protect personal data, including:

  • Encrypted password storage
  • Access controls
  • Secure infrastructure and hosting providers

No system can guarantee absolute security, but we take data protection seriously.

11. Children's Privacy

The Service is not specifically intended for children. We do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact us.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date will be revised accordingly.

If changes are significant, we will notify users via:

  • The website
  • Email
  • Our Discord server
13. Contact

If you have any questions or concerns about this Privacy Policy or data processing, please contact:

[email protected]

We use cookies to ensure you get the best experience on our website. For more information on how we use cookies, please see our cookie policy.