Data Protection
Privacy Policy
Joint privacy policy for the website www.maikstrings.com and all Android apps listed below.
§ Privacy Policy
Joint privacy policy for the websites www.maikstrings.com, www.maikstrings.de and www.maikstrings.es and all Android apps listed in the table below.
1. Introduction and Scope
Thank you for your interest in our website and apps. The protection of your personal data is very important to us. The processing of your data is carried out in accordance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), the Digital Services Act (DDG), and the Telecommunications-Digital Services Data Protection Act (TDDDG).
This privacy policy applies to:
- our websites www.maikstrings.com, www.maikstrings.de and www.maikstrings.es including all subpages
- our mobile app "Ad Earnings Service & More" (
com.maikstrings.admob_service) - our music apps Capodaster Sheet Pro, Chord Circle, Chord of a Circle Pro, Circle of Fifths Auto, Circle of a fifth Pro and Circle of fifths +
| App Name | Package ID | Category |
|---|---|---|
| Ad Earnings Service & More | com.maikstrings.admob_service | Reporting Tool |
| Capodaster Sheet Pro | com.maikstrings.Capo_transpose | Music Tool |
| Chord Circle | com.maikstrings.Circle_of_Fifths | Music Tool |
| Chord of a Circle Pro | com.maikstrings.chord_circle_pro | Music Tool (Pro) |
| Circle of Fifths Auto | com.maikstrings.circle_of_fifths_auto | Music Tool |
| Circle of a fifth Pro | com.maikstrings.maikstringsadfree | Music Tool (ad-free) |
| Circle of fifths + | com.maikstrings.maikstrings | Music Tool |
2. Controller
Maikstrings
3. Data Protection Officer
A data protection officer has not been appointed because the legal requirements (§ 38 BDSG) are not met. For data protection questions, please contact the controller listed above.
4. Competent Supervisory Authority
State Commissioner for Data Protection of Lower Saxony
5. Definitions
This privacy policy uses the official terms of the GDPR according to Art. 4 GDPR.
6. Legal Basis for Processing
- Art. 6 para. 1 lit. a GDPR – Consent
- Art. 6 para. 1 lit. b GDPR – Performance of contract
- Art. 6 para. 1 lit. c GDPR – Legal obligation
- Art. 6 para. 1 lit. f GDPR – Legitimate interest
- § 25 TDDDG – Access to terminal device information
A. Data Processing on the Website
A.1 Server Log Files
When the website is accessed, technical data is automatically stored: date/time, requested file, referrer URL, access status, browser type, operating system, IP address (anonymized). Legal basis: Art. 6 para. 1 lit. f GDPR. Retention period: max. 7 days.
A.2 Cookies
Technically necessary cookies (§ 25 para. 2 no. 2 TDDDG) as well as analytics and marketing cookies only after explicit consent (§ 25 para. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR).
A.3 Google AdSense
Google AdSense
- Provider
- Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
- Purpose
- Integration of advertisements via cookies and web beacons
- Legal basis
- Art. 6 para. 1 lit. a GDPR (consent)
- Third country
- USA – EU-US Data Privacy Framework
- Opt-out
- adssettings.google.com
A.4 Embedding of Third-Party Content (YouTube)
YouTube videos are only loaded after active consent (click-to-play solution, extended privacy mode). Legal basis: Art. 6 para. 1 lit. a GDPR.
B. Data Processing in the Apps
B.1 Music Apps (Capodaster, Chord Circle, Circle of Fifths Auto, etc.)
These apps require no registration, do not access cloud accounts, and work largely offline. Only app settings and user configurations are stored locally.
B.2 Reporting App "Ad Earnings Service & More"
Requires Google Sign-In (OAuth 2.0). Processed: name, email, Google user ID, and OAuth token. Password is never stored. Legal basis: Art. 6 para. 1 lit. b GDPR.
B.3 Integrated SDKs
B.3.1 Google AdMob (ad-supported apps)
- Provider
- Google Ireland Limited
- Purpose
- Advertisements, reach measurement, fraud prevention
- Legal basis
- Art. 6 para. 1 lit. a GDPR (consent via consent banner)
- Third country
- USA – EU-US Data Privacy Framework
- Opt-out
- Android settings → Google → Ads
B.3.2 Firebase Crashlytics
- Provider
- Google Ireland Limited
- Purpose
- Anonymized crash reports for error correction
- Legal basis
- Art. 6 para. 1 lit. f GDPR (legitimate interest)
- Privacy
- firebase.google.com/support/privacy
B.4 Data Security
All data transmissions are encrypted via HTTPS/TLS. The "Ad Earnings Service & More" app provides a "Delete all data" button that removes all local data and revokes the OAuth token.
C. General Information
C.1 Data Transfers to Third Countries
Google services may transfer data to the USA. Legal basis: EU-US Data Privacy Framework (adequacy decision of 10 July 2023) and EU Standard Contractual Clauses according to Art. 46 para. 2 lit. c GDPR.
C.2 Retention Period
- Server log files: 7 days
- Crash reports (Firebase): max. 90 days
- Local app data: until actively deleted by the user
- OAuth token: until revoked
C.3 Your Rights
- Art. 15 Right of access
- Art. 16 Right to rectification
- Art. 17 Right to erasure
- Art. 18 Restriction of processing
- Art. 20 Data portability
- Art. 21 Right to object
- Art. 7 para. 3 Withdrawal of consent
- Art. 77 Right to lodge a complaint
C.4 Objection to Advertising Mails
The use of contact data published in our legal notice for the purpose of sending unsolicited advertising is hereby expressly prohibited.
C.5 No Automated Decision-Making
Automated decision-making, including profiling according to Art. 22 GDPR, does not take place.
C.6 Changes to this Privacy Policy
We reserve the right to adapt this declaration as needed. The version current at the time of your visit applies. As of: April 2026.