Privacy Policy
Last updated: April 2026
1. Data Controller
2. Summary
Lokalstamp stores your data locally on your device by default. No mandatory user account, no default cloud sync, no sharing with third parties — except for optional features that you explicitly enable. No advertising IDs, no analytics SDKs, no tracking.
3. Legal Framework
- Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR)
- German Federal Data Protection Act (BDSG), version of 20 November 2019
- Telecommunications Telemedia Data Protection Act (TTDSG), 23 June 2021
- For users outside the EU: the GDPR applies by virtue of the data controller's location in the EU (Art. 3 GDPR)
4. Operating Modes and Data Processing
Lokalstamp has three operating modes, each with a different data scope:
Base Manual time tracking
Full offline functionality without any network communication after activation. Manual clock-in/out, calendar, export (CSV/PDF), 18 languages. No data leaves the device.
Pro GPS automation + projects
On top of Base: automatic time tracking when arriving at or leaving defined locations, trip log, map view, project and report management. GPS data is stored locally on the device only. Reverse geocoding (coordinates → address) via OpenStreetMap Nominatim — see Section 8.
Max Pro + AI assistant "Laiv"
On top of Pro: optional AI-powered assistant. Queries to Laiv are transmitted to U.S.-based services (Anthropic, Cloudflare) — see Section 7. Laiv usage is fully opt-in and can be disabled at any time in settings.
5. Data Categories and Storage Location
| Category | Purpose | Mode | Storage |
|---|---|---|---|
| GPS coordinates | Location-based time tracking | ProMax | Device (SQLite) |
| Time entries | Working time record | all | Device |
| Project data, reports | Project management | ProMax | Device |
| Trips | Trip log | ProMax | Device |
| Reverse geocoding queries | Coordinates → address | ProMax | OSM Nominatim (UK) |
| AI queries | Assistant function | Max (opt-in) | Anthropic/Cloudflare (USA) |
| Entitlement status | License verification | ProMax | Google Play (IE) |
6. System Permissions
| Permission | Purpose | Mode |
|---|---|---|
| Location (precise) | Location-based time tracking | ProMax |
| Location (background) | Automatic arrival/departure detection | Pro (opt-in) |
| Notifications | Optional reminders | all |
| Internet access | For Laiv + Nominatim + Google Play only | ProMax |
| Storage | Local database + export | all |
Base mode requires no internet access and no location permission after setup. The app is fully functional offline in Base mode.
7. International Transfer (USA)
When you activate the optional AI assistant Laiv (Max mode), your queries pass through two U.S.-based service providers:
548 Market St, PMB 90375
San Francisco, CA 94104, USA
101 Townsend St
San Francisco, CA 94107, USA
Cloudflare acts solely as a technical proxy — no content analysis.
Legal bases for the transfer:
- Primary: EU Standard Contractual Clauses (Commission Implementing Decision 2021/914), Art. 46(2)(c) GDPR — concluded with both Anthropic and Cloudflare
- Supplementary: EU-U.S. Data Privacy Framework (adequacy decision of 10 July 2023) — both providers are certified
- Underlying processing: Art. 6(1)(a) GDPR — your explicit consent when activating Laiv
Your consent can be withdrawn at any time by disabling Laiv in the app settings. Withdrawal does not affect the lawfulness of processing prior to the withdrawal.
8. Additional Processors
Reverse geocoding (OpenStreetMap Nominatim)
To convert GPS coordinates into readable addresses, Lokalstamp uses Nominatim (in Pro and Max modes):
St John's Innovation Centre, Cowley Road
Cambridge, CB4 0WS, United Kingdom
Only GPS coordinates are transmitted, no user identifiers or device IDs. The United Kingdom has been recognized as a safe third country by the European Commission adequacy decision of 19 December 2025 (renewal of the 28 June 2021 decision, valid until 27 December 2031). Legal basis: Art. 6(1)(f) GDPR (legitimate interest in functionality).
Payment processing (Google Play Billing)
When you purchase a Pro, Max, or Lifetime license, payment is processed via Google Play:
Gordon House, Barrow Street
Dublin 4, Ireland
Also technical transmission to Google LLC, USA — covered by DPF.
Google receives your Google account ID and transaction data. Lokalstamp only receives an anonymous entitlement status (active/inactive), no payment data. Legal basis: Art. 6(1)(b) GDPR (contract performance).
9. Cookies on lokalstamp.com
The website uses only strictly necessary cookies for session management by the hosting provider Strato (Strato AG, Pascalstraße 10, 10587 Berlin, Germany). No analytics, tracking, or advertising cookies are set. Legal basis: § 25(2)(2) TTDSG (technically necessary).
The Lokalstamp app itself does not use cookies.
10. Retention Period
Local data remains on your device until you delete it yourself (uninstall or manual deletion in the app). Lokalstamp imposes no maximum retention since data does not leave the device.
AI queries are not stored by Lokalstamp. Anthropic's retention policy applies on the provider side (typically 30 days for security logs).
11. Your Rights
Under Art. 15–22 GDPR you have the following rights:
- Access (Art. 15 GDPR) — which data is processed about you
- Rectification (Art. 16 GDPR) — correct inaccurate data
- Erasure (Art. 17 GDPR) — "right to be forgotten"
- Restriction (Art. 18 GDPR) — limit processing
- Data portability (Art. 20 GDPR) — export in machine-readable format
- Objection (Art. 21 GDPR) — object to processing
- Withdrawal (Art. 7(3) GDPR) — withdraw consent at any time
Since most data resides locally on your device, you can exercise most rights directly in the app (export, delete). For inquiries to the data controller: info@lokalstamp.com.
12. Right to Complain
You have the right to lodge a complaint with a data protection supervisory authority. For the data controller the competent authority is:
Kavalleriestraße 2-4
40213 Düsseldorf, Germany
Phone: +49 211 38424-0
Website: www.ldi.nrw.de
Email: poststelle@ldi.nrw.de
EU residents may also lodge a complaint with the supervisory authority in their country of residence.
13. Data Security
Local data is protected by operating system security (Android/iOS sandbox). Network transmissions (for optional features only) use TLS 1.2 or higher. Laiv queries additionally benefit from Cloudflare edge encryption. Technical and organisational measures are implemented per Art. 32 GDPR.
14. Changes to This Policy
This privacy policy may be updated for technical or legal reasons. The current version is always available at lokalstamp.com/privacy/en. Material changes are announced in the app.