Back to Home

Privacy Policy

Last updated: November 20, 2025

This Privacy Policy explains how BookmarkManager.com (“we”, “us”, “our”) collects, uses, and protects your personal data when you use our website, browser extensions, and mobile apps (collectively the “Service”).

1. Data Controller

Kevin Schmidt
Zugmantelstr. 34B
65510 Idstein
Germany
Email: contact@bookmarkmanager.com

2. Data We Collect

2.1. Account Information

When you create an account, we may collect:

  • Email address
  • Name or display name (for example from Google or Apple)
  • Authentication metadata provided by Firebase Auth
  • Hashed password if you register with email and password

2.2. User Content

When you use the Service, we process the data you store in it, including:

  • Bookmarks (URLs, titles, descriptions)
  • Tags
  • Notes and other organizational metadata

This data is used only to provide and improve the Service and to allow you to organize and search your bookmarks.

2.3. Technical Data

When you access the Service, certain technical data is collected automatically, for example:

  • IP address (which may be anonymized or truncated, depending on the tool)
  • Browser type and version
  • Operating system and device information
  • Server logs (such as request URLs, timestamps, and error logs)

2.4. Cookies, Local Storage, and Analytics

The Service may use:

  • Functional cookies or local storage to maintain sessions and UI preferences
  • Plausible Analytics, a privacy-friendly, cookieless analytics tool

Plausible Analytics operates without cookies and does not collect personal data in a way that identifies you directly. It uses aggregated, anonymous statistics to help us understand usage of the Service.

No marketing tracking pixels (for example Meta, Google Ads, LinkedIn, or similar) are used.

3. How We Use Your Data

We use your data for the following purposes:

  • To provide, operate, and maintain the Service
  • To authenticate you and manage your account
  • To store and sync your bookmarks and related data across devices
  • To ensure the security and integrity of the Service
  • To analyze aggregated usage patterns to improve the Service
  • To process payments and manage subscriptions via Paddle

We do not sell your personal data.

4. Legal Bases for Processing (EU/EEA)

If you are located in the EU/EEA, we rely on the following legal bases for processing your personal data:

  • Contract: Processing necessary to provide the Service and fulfill our agreement with you (for example account creation, login, storage of your bookmarks).
  • Legitimate interests: Processing for security, fraud prevention, improvement of the Service, and aggregated analytics, where our interests are not overridden by your rights.
  • Legal obligation: Processing necessary to comply with legal obligations, such as tax or accounting obligations related to payments via Paddle.

5. Third-Party Services

5.1. Google Cloud

We use Google Cloud for hosting, data storage, and server logs. Data may be stored in data centers located in the United States.

5.2. Firebase Auth

Firebase Auth is used for authentication, including login, account creation, and password resets. Firebase processes your email and authentication-related data to provide this functionality.

5.3. Paddle

Paddle is used for payment processing and subscription management. When you subscribe to a paid plan, Paddle collects and processes payment details, billing address, transaction information, and any required tax information. Paddle retains this data as required for accounting and legal compliance.

5.4. Plausible Analytics

Plausible provides aggregated, anonymous web analytics without the use of cookies and without storing identifiable personal data. It helps us understand overall usage of the Service.

5.5. Optional Integrations

If you choose to connect external integration services (for example automation tools such as Zapier or Make.com), data is shared with these services only according to your configuration. Their processing of your data is governed by their own privacy policies.

6. Data Retention

We retain data only for as long as necessary for the purposes described in this policy, unless a longer retention period is required or permitted by law.

  • Account and User Content: retained for as long as your account is active. If you delete your account, we will delete or anonymize your personal data, subject to technical and legal constraints.
  • System logs: typically retained for up to 90 days, unless needed longer for security or legal reasons.
  • Backups: retained for up to 30 days before being overwritten or deleted.
  • Analytics data (via Plausible): kept in aggregated and non-identifiable form.

7. Data Transfers

Because we use services such as Google Cloud and Firebase, your data may be processed in countries outside the EU/EEA, including the United States. Where required, we rely on appropriate safeguards for such transfers, such as standard contractual clauses or similar mechanisms provided by the relevant service providers.

8. Your Rights (EU/EEA)

If you are located in the EU/EEA, you have the following rights regarding your personal data, subject to applicable law:

  • Right of access: request a copy of the personal data we hold about you.
  • Right to rectification: request correction of inaccurate or incomplete data.
  • Right to erasure: request deletion of your personal data, subject to legal retention obligations.
  • Right to restriction of processing: request that we limit processing of your data in certain circumstances.
  • Right to data portability: request a copy of your data in a structured, commonly used, machine-readable format.
  • Right to object: object to certain processing based on legitimate interests.

You can exercise your rights by contacting us at contact@bookmarkmanager.com. You also have the right to lodge a complaint with a supervisory authority.

9. Security

We take appropriate technical and organizational measures to protect your data, including encryption in transit (HTTPS) and at rest (for example via Google Cloud’s encryption mechanisms). Access to personal data is limited to authorized individuals who need it to operate and improve the Service.

10. Children

The Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe that a child has provided us with personal data, please contact us so that we can take appropriate action.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated “Last updated” date at the top of this page. If changes are material, we may provide additional notice through the Service or by email.

Back to Home