Privacy Policy
Datenschutzerklärung
Last updated: April 2026
1. Controller
The controller responsible for data processing on this website is:
Martin Betz
[Address]
Germany
Email: hello@findmysexy.com
2. What Data We Collect and Why
Account and authentication
When you create an account, we store your email address to authenticate you via passwordless magic links. We also store your practice progress (which days you have completed, reflections you choose to write, and streak data). Legal basis: contract performance (Art. 6(1)(b) GDPR).
Waitlist
If you join the waitlist, we store your email address and your optional answer to the "what do you need" question. We use this to notify you when membership opens. Legal basis: consent (Art. 6(1)(a) GDPR). You can withdraw consent at any time by emailing us.
Payments
Payments are processed by Lemon Squeezy (Lemon Squeezy, LLC), who acts as Merchant of Record. We do not store your payment card details. Lemon Squeezy's privacy policy applies to payment data. Legal basis: contract performance (Art. 6(1)(b) GDPR).
Transactional emails
We send magic link sign-in emails and account-related notifications via Resend (Resend, Inc., USA). Your email address is transmitted to Resend for delivery purposes only. Legal basis: contract performance (Art. 6(1)(b) GDPR) and legitimate interest (Art. 6(1)(f) GDPR).
Website analytics
We use Google Analytics 4 (Google LLC, USA) to understand how visitors use our website. Google Analytics collects anonymised data including pages visited, time on site, and approximate location. IP addresses are anonymised before storage. Legal basis: legitimate interest (Art. 6(1)(f) GDPR). You can opt out using the Google Analytics opt-out browser add-on.
3. Third-Party Services
| Service | Purpose | Location |
|---|---|---|
| Vercel | Website hosting and deployment | USA (EU edge nodes) |
| Turso / libSQL | Database hosting | USA (AWS eu-west-1) |
| Resend | Transactional email delivery | USA |
| Lemon Squeezy | Payment processing (Merchant of Record) | USA |
| Google Analytics 4 | Website usage analytics | USA |
Where data is transferred to the USA, this is based on Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR, or the EU-US Data Privacy Framework where applicable.
4. Cookies
We use the following cookies:
- Session cookie — keeps you signed in during your visit. Strictly necessary, no consent required.
- next-auth.session-token — authentication session token. Strictly necessary.
- _ga, _ga_* — Google Analytics cookies used to distinguish users and track sessions. Analytics purposes; processed under legitimate interest.
5. Data Retention
- Account data — retained for the duration of your subscription plus 2 years, unless you request earlier deletion.
- Practice data and reflections — retained while your account is active. Deleted on account deletion.
- Waitlist entries — retained until you request removal or until 12 months after launch, whichever comes first.
- Analytics data — Google Analytics data is retained for 14 months (GA4 default).
6. Your Rights
Under the GDPR, you have the following rights:
- Access — request a copy of the personal data we hold about you.
- Rectification — request correction of inaccurate data.
- Erasure — request deletion of your data ("right to be forgotten").
- Portability — request your data in a machine-readable format.
- Objection — object to processing based on legitimate interest.
- Restriction — request restriction of processing in certain circumstances.
- Withdraw consent — where processing is based on consent, withdraw it at any time.
To exercise any of these rights, email hello@findmysexy.com. We will respond within 30 days.
7. Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority. In Germany, the competent authority is the Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI).
8. Changes to This Policy
We may update this privacy policy from time to time. The current version is always available at findmysexy.com/privacy. Material changes will be communicated by email.