Privacy Policy

Minimal Data Collection - Only What's Essential

  • We collect only essential data: emails, stories, media, and technical logs
  • Stories, images, and audio files stored only to provide app functionality
  • All servers located in the European Union
  • 100% GDPR compliant data handling

Last updated: September 15, 2025

Introduction

Wizzy ("we," "our," or "us") is committed to protecting your privacy with minimal data collection. We only collect email addresses, your created stories and media content, and technical data (crash reports and logs) that are essential for providing and improving our service. This Privacy Policy explains what data we collect, how we use it, and how we protect it. Our servers are exclusively located in the EU and we are fully GDPR compliant.

What Data We Collect

We Collect Only Essential Data:

  • Email Addresses: For account management, communication, and service updates
  • Stories and Media: Stories, images, and audio files you create within the app
  • Crash Reports: Technical data about app crashes to identify and fix bugs
  • System Logs: Technical logs for debugging and improving app performance

We DO NOT Collect:

  • Names or personal identifiers (beyond email)
  • Phone numbers or physical addresses
  • IP addresses or precise location data
  • Device fingerprints or unique identifiers
  • Cookies or tracking pixels for advertising
  • Usage analytics or detailed behavior data
  • Voice recordings or personal content
  • Social media profiles or third-party account data

How We Use Your Data

  • Email addresses: Account authentication, service notifications, and customer support
  • Stories and media: Storing your created stories, images, and audio files to provide the app service
  • Crash reports: Identifying and fixing technical issues to improve app stability
  • System logs: Performance monitoring and troubleshooting technical problems

All data collection is limited to what's essential for providing and improving our service.

How Your Data is Protected

We implement strong security measures to protect the limited data we collect:

  • Encryption: All data is encrypted in transit and at rest
  • Access Control: Strict access controls limit who can view your data
  • Data Minimization: We only collect and retain what's absolutely necessary
  • EU Servers: All data stored exclusively within European Union borders
  • Regular Audits: Security practices reviewed regularly by third parties
  • No Advertising: Your data is never sold or used for advertising

Your minimal data footprint means reduced privacy risk.

EU-Based Infrastructure & GDPR Excellence

All servers exclusively in the European Union

  • Primary servers: Frankfurt, Germany
  • Secondary servers: Amsterdam, Netherlands
  • Zero data transfers outside the EU
  • Full GDPR compliance by design
  • Regular audits by EU-certified security firms
  • End-to-end encryption for all connections

The Ultimate Security: No Data to Protect

Traditional security focuses on protecting stored data. We've eliminated the risk entirely:

  • No databases = No data breaches possible
  • No user data = No privacy violations possible
  • No storage = No compliance violations possible
  • No tracking = Complete user anonymity

Third-Party Services

We explicitly AVOID:

  • NO Google Analytics or any analytics
  • NO Facebook Pixel or tracking
  • NO advertising networks
  • NO data brokers
  • NO cloud storage of user data

Limited third-party interactions:

  • AI models process requests without data retention
  • All services are GDPR compliant
  • No personal data ever leaves our EU servers

Children's Privacy

Our App is designed to be family-friendly and may be used by children with parental supervision. We do not knowingly collect email addresses from children under 13 without verifiable parental consent. If you are a parent or guardian and believe that your child has provided us with an email address without your consent, please contact us immediately at hello@reactor.studio.

Our minimal data collection approach means there is very little personal information at risk. Crash reports and logs contain only technical data, not personal information.

Your Rights Under GDPR

You have full GDPR rights over your data:

  • Right to Access: Request a copy of your data (email and any stored logs)
  • Right to Rectification: Correct any inaccurate data we hold
  • Right to Erasure: Request deletion of your account and all associated data
  • Right to Restrict: Limit how we process your data
  • Right to Portability: Receive your data in a machine-readable format
  • Right to Object: Object to processing for legitimate interests

Contact us at hello@reactor.studio to exercise any of these rights. We will respond within 30 days as required by GDPR.

Data Sharing and Disclosure

We protect what little data we have.

Our minimal data collection means:

  • No selling: Your data is never sold to advertisers or third parties
  • No unnecessary sharing: Data only shared when legally required or with your consent
  • Legal compliance: We comply with valid legal requests within GDPR framework
  • Breach notification: Any security incidents reported within 72 hours
  • Data retention: Email addresses retained only while account is active
  • Technical data: Crash reports and logs automatically purged after analysis

Minimal data collection significantly reduces what could be at risk.

No International Data Transfers

🇪🇺 100% EU-Based Processing

  • All servers permanently in the EU
  • No data ever leaves European borders
  • No reliance on international data treaties
  • No Privacy Shield dependencies
  • Complete EU data sovereignty

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

  • By email: hello@reactor.studio
  • Through the in-app support feature
  • By visiting our website contact form

California Privacy Rights

California residents have rights under CCPA regarding their personal information. Since we only collect email addresses and technical data (crash reports and logs), your CCPA rights are easily exercised. You can request to know what data we have, delete your account and all associated data, or opt-out of any sales (though we never sell data). Contact hello@reactor.studio to exercise these rights.

European Privacy Rights (GDPR)

We meet GDPR through privacy-focused minimal data collection:

  • Privacy by design and default (minimal necessary data only)
  • Lawful basis established for all data processing
  • Regular Privacy Impact Assessments conducted
  • Full compliance with all GDPR requirements
  • Data Protection Officer available for complex matters
  • Transparent data practices with clear user rights

Our EU-based, minimal data infrastructure prioritizes your privacy while maintaining service quality.