Privacy Policy
As of: February 12, 2026
1. Data Controller
Responsible for data processing on this website:
Niklas Bretz
Cartesiusstraße 48 R
89075 Ulm, Germany
Email: niklas.bretz01@gmail.com
Phone: +4915567138522
The contact details correspond to the information provided in the Legal Notice.
2. Hosting (Static Web App)
This website is operated as a static web app. The frontend is currently delivered via GitHub Pages (GitHub, Inc.). Technically required connection data is processed to deliver the website.
3. Server Log Files
The hosting provider automatically collects server log files on every request (e.g., IP address, browser type/version, date/time of request, referrer, requested resource). Processing is carried out to ensure security, stability, and protection against misuse/DDoS attacks.
4. Local Storage in the Browser (Local Storage / IndexedDB)
Silent Sand stores settings, garden saves, reminder status, streak information, and local game states in your device browser (Local Storage and IndexedDB). This data is generally not transmitted to our server and remains local on your device unless you use a network feature you actively trigger.
5. Google and Firebase Services
For features such as leaderboard, push reminders, and sign-in, Google/Firebase services are used (e.g., Cloud Functions and Google OAuth). When signing in with Google, profile information such as Google ID, name, email address, and profile picture may be processed.
If data is transferred to third countries (especially the USA), this is done on the basis of appropriate safeguards, in particular standard contractual clauses (SCCs) pursuant to Art. 46 GDPR.
If Firebase Authentication is used, the required account data (e.g., email and profile information) is processed for authentication and account assignment.
6. Payment Processing (Stripe)
Stripe may be used for payment processing. The provider in the EEA is Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. The legal basis is Art. 6(1)(b) GDPR (performance of a contract or steps prior to entering into a contract).
Payment data, in particular credit card data, is processed directly by Stripe and is not stored on our server. Stripe may use technically necessary cookies for fraud prevention and session management.
7. Other Recipients / Third-Party Providers
Additional service providers may be integrated for usage analysis and feature delivery, in particular: Google Analytics/Google Tag (audience measurement), Google Sign-In, and Cloudinary (uploading shared screenshots). Processing is carried out only to the extent required in each case.
8. Cookies
This website uses technically necessary browser storage mechanisms and integrated third parties may set cookies. This includes, in particular, cookies for security, session management, and fraud prevention (e.g., with Stripe), and where applicable for analytics or authentication functions.
9. Legal Bases
Personal data is processed depending on purpose on the basis of Art. 6(1)(b) GDPR (performance of a contract), Art. 6(1)(f) GDPR (legitimate interest in secure and stable operation), and where required, on the basis of your consent (Art. 6(1)(a) GDPR).
10. Data Subject Rights under GDPR
You have, in particular, the following rights:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure / "right to be forgotten" (Art. 17 GDPR)
- Right to data portability (Art. 20 GDPR)
To exercise your rights, please contact us at: niklas.bretz01@gmail.com