The following information provides a simple overview of what happens to your personal data when you visit this website and use the CrossVocab application. Personal data is any data that can be used to personally identify you.
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the "Information about the responsible party" section of this privacy policy.
How do we collect your data?
Your data is collected when you provide it to us (e.g., during registration). Other data is automatically collected or collected with your consent by our IT systems when you visit the website. This is primarily technical data (e.g., internet browser, operating system, or time of page access).
What do we use your data for?
Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior (with your consent).
This website and the CrossVocab application are hosted by external service providers (hosters). The personal data collected on this website is stored on the hosters' servers.
Hosting Services Used:
The use of these hosters is for the purpose of contract fulfillment with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of a secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR).
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
The responsible party for data processing on this website is:
David Schwab
Draisstraße 24
79106 Freiburg
Germany
Email: info@crossvo.cab
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.
Unless a specific storage period is mentioned within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate deletion request or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data.
We use tools from companies based in the USA or other third countries that are not secure under data protection law. When these tools are active, your personal data may be transferred to and processed in these third countries. We point out that no level of data protection comparable to the EU can be guaranteed in these countries.
For data transfers to the USA, the EU-U.S. Data Privacy Framework exists, which ensures an adequate level of data protection for certified companies.
After the beta phase ends, you have the following options regarding your data:
You have the following rights regarding your personal data:
Our website uses so-called "cookies". Cookies are small data packages and do not cause any damage to your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device.
Technically Necessary Cookies:
We use technically necessary cookies to make our website functional. These cookies are essential for the operation of the site. The legal basis is Art. 6(1)(f) GDPR (legitimate interest).
| Cookie | Purpose | Storage Duration |
|---|---|---|
| __clerk_* | Authentication and session management (Clerk) | Session / varies |
| cookie_consent | Storage of your cookie preferences | 1 year |
Analytics Cookies (only with your consent):
Analytics cookies are only set if you have consented to them in our cookie banner. The legal basis is Art. 6(1)(a) GDPR (consent).
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
This data is not merged with other data sources. The collection of this data is based on Art. 6(1)(f) GDPR.
You can register on this website to use additional functions. The data entered is used only for the purpose of using the respective offer or service for which you have registered.
Data Collected During Registration:
Additional Usage Data Collected:
The processing of data entered during registration is based on your consent (Art. 6(1)(a) GDPR) and for the performance of a contract (Art. 6(1)(b) GDPR). You can revoke any consent you have given at any time.
The data collected during registration will be stored by us as long as you are registered on this website and will be deleted afterwards. Statutory retention periods remain unaffected.
During the beta phase of CrossVocab, we may collect the following anonymized information in addition to the data mentioned above:
Legal basis: The collection of this additional beta data is based on our legitimate interest in improving and stabilizing the service (Art. 6(1)(f) GDPR). This data is collected anonymously and cannot be traced back to you personally.
Storage duration: The additional anonymized data collected during the beta phase will be deleted or permanently anonymized after evaluation or at the latest when the beta phase ends.
For future payment processing after the beta phase, we use Clerk's integrated payment service (Clerk Billing). The provider is Clerk, Inc., 149 New Montgomery St, 4th Floor, San Francisco, CA 94105, USA.
The following data is transmitted to Clerk during payment processing:
Processing is based on Art. 6(1)(b) GDPR (contract performance). We do not store any complete payment data ourselves.
Further information can be found in Clerk's privacy policy: https://clerk.com/legal/privacy
This website uses PostHog for user behavior analysis. The provider is PostHog, Inc., 2261 Market Street #4008, San Francisco, CA 94114, USA.
We use PostHog's EU hosting option, so your data is processed on servers in the European Union.
PostHog collects with your consent:
The use of PostHog is only with your consent based on Art. 6(1)(a) GDPR. You can revoke your consent at any time via the cookie settings.
Further information: https://posthog.com/privacy
We use Sentry for error detection and resolution. The provider is Functional Software, Inc. dba Sentry, 45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA.
We use Sentry's EU hosting option, so your data is processed on servers in the European Union.
When an error occurs, the following data is collected:
Use is based on our legitimate interest in the technical error-free operation and optimization of our application (Art. 6(1)(f) GDPR).
Further information: https://sentry.io/privacy/
We use Resend for sending transactional emails (e.g., registration confirmation, password reset). The provider is Resend, Inc., 2261 Market Street #4170, San Francisco, CA 94114, USA.
The following data is processed during use:
Processing is based on Art. 6(1)(b) GDPR (contract performance) and Art. 6(1)(f) GDPR (legitimate interest in communicating with our users).
Further information: https://resend.com/legal/privacy-policy
We employ technical and organizational security measures to protect your data against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Our security measures are continuously improved in line with technological developments.
Data transmission is encrypted via HTTPS. Passwords are stored using modern hash algorithms.
This privacy policy is currently valid as of January 2026.
Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to change this privacy policy. The current privacy policy can be accessed at any time on the website at https://crossvo.cab/privacy.html.
Last updated: January 2026