Legal

Privacy Policy

Last updated: April 2026 · Version 1.3 · momento App · Operated by: Justin Mangelsdorf

The Key Points

momento is a private photo app for closed groups. Your data belongs to you — we do not sell it, we do not track you, and we show no advertising. All user data is stored exclusively on EU servers (region eur3, Belgium). This policy transparently describes what data we collect and why.

Contents

1. Controller

The controller responsible for processing personal data under the GDPR is:

Justin Mangelsdorf
Godewind 6
23570 Lübeck
Germany
Email: support@momento-cloud.net

2. Data We Collect

2.1 Registration & Profile

When registering with email we collect:

2.2 Third-Party Sign-In

You may alternatively sign in via the following providers, which transmit the following data to us:

2.3 Content You Create

2.4 Usage Data

2.5 Payment-Related Data

For paid event upgrades (Premium, VIP, Elite or Public tier) payments are handled depending on platform:

We ourselves do not receive or store any card, bank account or Apple Pay data. After a successful payment we receive only: confirmation (yes/no), amount, timestamp and internal event ID.

2.6 Automatically Collected Technical Data

Firebase automatically collects technical metadata such as IP addresses, device type and operating system for security and service stability. This data is not permanently stored by us.

3. Purpose of Processing

We process your data solely to operate the app:

Legal bases: Art. 6(1)(b) GDPR (contract performance) for core app operation; Art. 6(1)(a) GDPR (consent) for optional features such as push notifications, Spotlight and third-party logins.

4. Storage & Server Location

🇪🇺 EU-Only Storage ✓ GDPR compliant

All momento user data is stored exclusively within the European Union:

Technical security data (logs, IP addresses) may be processed internally by Google Firebase under the EU–US Data Privacy Framework — this falls under Google's sole responsibility as described in their privacy policy.

Retention Periods

5. Sharing with Third Parties

We do not sell data and do not share it for advertising purposes. Data is shared only in these cases:

6. Third-Party Services

Google Firebase

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Privacy policy: policies.google.com/privacy

Apple Sign-In

Apple Distribution International Ltd., Hollyhill Industrial Estate, Cork, Ireland

Optional sign-in method. Apple transmits name and email on first login. You may use Apple's relay email service to keep your real address private.

Privacy policy: apple.com/legal/privacy

Google Sign-In

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Optional sign-in method. Google transmits name, email and profile photo. Privacy policy: policies.google.com/privacy

7. Spotlight Feature

What is Spotlight?

Spotlight is an optional feature that lets you share selected posts from your events beyond the private participant group. Spotlight posts are visible to all your friends in the apps — not just event participants.

Note: Only share content via Spotlight with the consent of all people shown.

8. Payments

Paid event upgrades (Premium, VIP, Elite and Public tiers) are processed by different payment providers depending on your platform.

💳 Stripe — Android & Web

Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin 2, Ireland

Stripe Privacy Policy: stripe.com/privacy

🍎 Apple Pay — iOS & Safari

Apple Distribution International Ltd., Hollyhill Industrial Estate, Cork, Ireland

Apple Pay Privacy Policy: apple.com/legal/privacy

9. Your Rights

Under GDPR you have the following rights regarding your personal data:

To exercise your rights contact: support@momento-cloud.net

Supervisory authority (Germany): Federal Commissioner for Data Protection and Freedom of Information (BfDI)

10. Delete Your Account

How to delete your account

You can permanently delete your account and all associated data at any time:

The following data is irreversibly deleted:

Deletion is immediate in the app and complete within 30 days. Transaction data held by Stripe or Apple is subject to their own retention obligations and is not under our control.

11. Children & Minors

momento is not intended for children under 13. We do not knowingly collect personal data from children under 13. If we become aware that a child under 13 has created an account, we will delete it immediately and completely.

For users between 13 and 16 we recommend completing registration together with a parent or guardian.

12. Changes

We reserve the right to update this privacy policy when the app, its features or legal requirements change. For material changes we will notify registered users via in-app notification or email. The date of the last update is shown at the top. The current version is always available at /privacy.html.

13. Contact & Complaints

Justin Mangelsdorf
Godewind 6 · 23570 Lübeck · Germany
Email: support@momento-cloud.net

Supervisory authority: Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Husarenstraße 30 · 53117 Bonn · Germany