Privacy Policy for the App "Question5"

1. Controller

Appgineering GbR
Hauptstraße 22
38173 Dettum
Germany
Email: info@question5.com
Represented by: Kevin Neitola, Simon Großmann, Nick Thissen

2. General Information

We take data protection seriously. The use of our app “Question5” does not require direct entry of personal data, except during registration. Registration is required and takes place via third-party providers (Apple, Google) or email/password using secure authentication.

We process data in accordance with the provisions of the General Data Protection Regulation (GDPR).

3. Registration and Authentication

To use the app, users must register via one of the following methods:

• Email and password
• Apple Sign-In
• Google Sign-In

These authentication services are provided by the respective third parties. Their privacy policies apply:

• Apple Privacy
• Google Privacy

We do not store passwords or sensitive authentication data on our servers.

4. Hosting and Backend

We use Supabase as our backend provider, hosted in Frankfurt, Germany (EU). Supabase stores registration data (e.g., email addresses) and gameplay-related data like progress or scores.

More info: https://supabase.com/privacy

5. Analytics and Usage Data

We use analytics provided by Apple App Store Connect only (e.g., crash reports, usage statistics). These are anonymized and cannot be used to identify individuals.

6. Advertising

In the free version of the app, ads are displayed using Google AdMob. Google may collect pseudonymous usage data (e.g., device info) for ad delivery.

More info: https://policies.google.com/technologies/ads

7. Data Disclosure

We do not share your personal data with third parties unless legally required or necessary for performance of a contract (e.g., Apple in-app purchases).

8. In-App Purchases

All purchases (e.g., premium subscriptions) are processed exclusively through the Apple App Store. Apple's privacy policy applies.

9. Your Rights Under GDPR

You have the following rights:

• Access to your data (Art. 15 GDPR)
• Correction of inaccurate data (Art. 16 GDPR)
• Erasure (“right to be forgotten”) (Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Objection to data processing (Art. 21 GDPR)
• Lodging a complaint with a supervisory authority (Art. 77 GDPR)

10. Contact

For privacy-related questions, please contact:
info@question5.com

---

Last updated: April 2025