Last updated: 23.04.2026
Frontroll Development – André Frank
Delstrup 95
48167 Münster
Email: frontroll.development@mail.online-impressum.de
Phone: +4915111057527
The app "Color Star" can be used without registration and without creating a user account. No actively entered personal data is collected. The App does not contain any tracking, analytics, or advertising SDKs.
When using the image import feature, images selected from your device gallery are processed entirely on your device. No image data, metadata, or derivatives are transmitted to any server.
Insofar as personal data is processed, this is done on the following legal bases:
When retrieving image content via our server service (Supabase), technically necessary server log data may be processed:
Retention period: Server log data is stored for a maximum of 30 days and then automatically deleted.
To maintain app stability, anonymous error data may be transmitted to our server when the app encounters a technical problem. This data includes:
This data is fully anonymous — no IP addresses, device identifiers, user accounts, or other personally identifiable information is stored in error records. The data is used exclusively for identifying and fixing technical issues.
Retention period: Error reports are stored for a maximum of 90 days and then deleted.
Data processing agreement: Supabase (Supabase Inc., USA) is used as a data processor pursuant to Art. 28 GDPR. Data processing is governed by a Data Processing Agreement (DPA) concluded with Supabase. The project is hosted on AWS EU infrastructure (Frankfurt, Germany / eu-central-1) — data is processed within the European Union. Supabase uses Amazon Web Services (AWS) EU data centers as infrastructure sub-processor. For more information, see https://supabase.com/privacy.
The App uses third-party libraries and APIs to provide its features (e.g., image rendering, network communication). These libraries are used exclusively for functional purposes – not for tracking, analytics, or advertising.
When using third-party APIs, technically necessary data (e.g., IP address) may be transmitted to the respective service providers. This processing is based on our legitimate interest in providing the App's functionality (Art. 6(1)(f) GDPR).
When downloading the App from the Apple App Store or Google Play Store, personal data is processed by the respective provider (e.g., Apple ID, Google account, payment information). This processing falls under the responsibility of Apple Inc. or Google LLC. The respective privacy policies of those providers apply.
Optional purchases (Pro version) are processed exclusively through Apple In-App Purchase and Google Play Billing. Payment data is not collected, processed, or stored by the developer. Payment data processing is handled solely by the respective app store provider.
Colored and edited pictures are stored exclusively locally on the user's device. When using the image import feature, imported photos and the resulting paintings are also stored exclusively on your device and are never transmitted to any server. This data is deleted when you delete the painting within the App or uninstall the App.
Imported photos may contain embedded metadata (e.g., EXIF data such as GPS location, camera model, date/time). This metadata is stored locally as part of the imported image and is not processed, extracted, or transmitted by the App. When sharing paintings derived from imported photos, the shared image does not include the original photo's metadata.
When users share their creations via the App's sharing feature, images are transmitted to the platform or app chosen by the user (e.g., messaging apps, social media). This transmission occurs at the user's explicit request. The respective privacy policies of the target platform govern any further processing.
This applies equally to paintings created from App-provided templates and from user-imported photos via image import. When sharing a painting derived from an imported photo, only the painted version is shared — the original source photo is not included.
The App is suitable for children. We take the protection of minors seriously.
You have the following rights regarding your personal data:
To exercise your rights, please contact us at frontroll.development@mail.online-impressum.de.
You have the right to lodge a complaint with a competent data protection supervisory authority if you believe that the processing of your personal data violates the GDPR. The competent supervisory authority for the data controller is the Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW): https://www.ldi.nrw.de
This privacy policy may be updated as needed. Material changes will be communicated through the App or via other appropriate means. The current version available in the App shall apply.