LocalizeASO Logo LocalizeASO

Privacy Policy

Last updated: February 11, 2026

We take data protection seriously and process personal data in accordance with the GDPR.

1. Data Controller

Wotaso GmbH
Bostonring 5
71686 Remseck am Neckar
Germany
Email: [email protected]

Represented by the Managing Director: Lucas Damian Orzan
Registered office: Remseck am Neckar
Commercial Register: HRB 801744
Register Court: District Court of Stuttgart
VAT ID: DE457485481

2. What Data We Collect

Account Data

  • Name (if provided)
  • Email address
  • Account ID

Service Data

  • App metadata you enter or generate
  • Locale settings
  • Keyword data
  • Usage actions in the dashboard

Technical Data

  • IP address (temporarily in server logs)
  • Device/browser information

Error Monitoring

We use Sentry to detect and fix errors. This may include technical data and error context.

3. Payment Data

Payments are handled by our payment provider. We do not store full payment details.

4. How We Use Data

We process data to:

  • Provide and operate the Service
  • Authenticate users
  • Store metadata drafts
  • Communicate with users
  • Improve stability and performance
  • Ensure security

Legal basis: contract performance (Art. 6(1)(b) GDPR) and legitimate interest (Art. 6(1)(f)).

5. Web Analytics (Marketing Website)

We use a self-hosted web analytics solution (Plausible) to understand how visitors use our website and to measure the effectiveness of marketing campaigns.

Data processed:

  • Page views
  • Referrer URL
  • Device type (generalized)
  • Country (derived from anonymized IP)
  • UTM parameters (if provided)

We do not:

  • Use third-party tracking cookies
  • Track users across websites
  • Create behavioral advertising profiles
  • Store full IP addresses

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in improving our website and measuring marketing effectiveness).

6. Product Analytics (Authenticated Users)

Within our authenticated dashboard and plugin, we use self-hosted Plausible analytics with custom events and custom properties to understand feature usage and improve product quality.

Data processed:

  • Feature usage events
  • Generalized technical metadata (browser/device category)
  • Initial acquisition properties (UTM/referrer/path, if available)

We do not process:

  • Email addresses
  • Names
  • Content created within the product
  • Uploaded files or design data

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in product improvement and system security).

Users can opt out of product analytics at any time in account settings.

7. Hosting & Subprocessors

Provider Purpose Location
Supabase Database & authentication Germany
Hetzner Backend hosting Germany
Plausible (self-hosted) Web + product analytics (cookieless) EU
Sentry Error monitoring May process data in EU/US

8. Data Retention

We retain account data as long as your account exists. You may request deletion at any time.

Analytics data is automatically deleted after 12 months unless a shorter period is required by law.

9. Security

We use encryption, access controls, and secure infrastructure to protect data.

10. Your Rights (GDPR)

You have the right to:

  • Access your data
  • Correct data
  • Delete data
  • Restrict processing
  • Data portability
  • Lodge a complaint with a supervisory authority

11. Data Transfers

Our analytics stack is self-hosted in the EU. No data is shared with third-party advertising providers.

12. Opt-Out

Authenticated users can disable product analytics in account settings. Website visitors can block analytics through browser settings.

13. Changes

We may update this policy.

14. Contact

Email: [email protected]