Back to Home

Privacy Policy

Last updated: December 2024

The Short Version

We collect as little data as possible. We don't sell it. We don't use it for ads. Your privacy isn't a feature—it's the foundation of everything we build.

This policy explains what data we collect, why, and your rights under GDPR and Danish law.

Who We Are

Screaming Donkey Studio is the data controller for the personal data processed through our apps and website.

Screaming Donkey Studio
Denmark
Email: [click to reveal email]

What We Collect (By App)

SmoothExit

What we collect:

  • The message you paste and your selected preferences (tone, relationship)
  • Your saved favorites and history (stored locally on your device)
  • Anonymous usage analytics (which features you use, not what you write)

Third-party processing:

To generate unique replies, your message is processed via OpenAI's API. We use OpenAI's European data residency option, meaning your data is processed on servers located in the EU and is not transferred to the United States. OpenAI operates under a zero data retention policy for API requests—your messages are not stored or used to train their models. See OpenAI's Privacy Policy. We don't store your messages on our servers.

Legal basis: Contract performance (providing the service you requested)

Vimblr

What we collect:

  • Your content ideas and preferences (stored locally)
  • Generated scripts and posts (stored locally)
  • Anonymous usage analytics

Third-party processing:

Content is processed via OpenAI's API using European data residency. Your data stays within the EU and is subject to zero data retention—OpenAI does not store or use API requests for training. See OpenAI's Privacy Policy. We don't store your content on our servers.

Legal basis: Contract performance

Tiny Gems - App

What we collect:

  • Quotes and memories you save (stored locally on your device)
  • Children's names and ages you enter (stored locally only)
  • Anonymous usage analytics (no personal content)

Children's privacy:

Tiny Gems is designed for parents to record memories. All data about children stays on your device. We never collect, transmit, or store children's personal information on any server. No third parties have access to this data.

Legal basis: Legitimate interest (local-only storage for your personal use)

Tiny Gems - Roblox

What we collect:

  • Game progress and collected gems (managed by Roblox)
  • No personal information beyond what Roblox provides

Platform:

This game runs on Roblox. Roblox handles user accounts and data according to theirPrivacy Policy. We only access anonymized gameplay data to improve the experience.

Legal basis: Legitimate interest

Gladr

What we collect:

  • GPS location during active walks (stored locally on your device)
  • Health data if connected to Apple Health (stored locally via HealthKit)
  • Account data if signed in: display name, avatar emoji (stored in CloudKit)
  • Walking patterns for Twin matching (anonymized, never exact routes)

Important:

Your exact walking routes never leave your device unless you explicitly share them (e.g., Ghost Walks sent to friends). Twin matching uses patterns, not locations. All social data is stored in Apple's CloudKit with encryption.

View Gladr's full privacy policy →

Legal basis: Contract performance and legitimate interest

Kluegr

What we collect:

  • Photos you capture for visual memory (stored locally on your device)
  • Search queries and saved items (stored locally)
  • Anonymous usage analytics (no personal content)

Third-party processing:

For image recognition, we use Google Cloud Vision API. Google processes images in memory only—they are not saved to disk or stored permanently. Google does not use your images to train their AI models. Google Cloud Vision is GDPR-compliant and SOC 2 certified. See Google's Cloud Privacy Notice.

For text understanding and search, we use OpenAI's API with European data residency. Your data is processed on servers located in the EU and is subject to zero data retention—OpenAI does not store or use API requests for training. See OpenAI's Privacy Policy. We don't store your content on our servers.

Legal basis: Contract performance (providing the service you requested)

What We Don't Do

  • We don't sell your data. Ever. To anyone.
  • We don't use your data for advertising or profiling.
  • We don't track you across apps or websites.
  • We don't share data with third parties for marketing.
  • We don't collect more than we need.

Analytics

We use privacy-friendly analytics to understand how our apps are used. This helps us fix bugs and improve features. Analytics data is:

  • Anonymized (we can't identify you)
  • Aggregated (we see trends, not individuals)
  • Limited to app usage patterns (not personal content)

How Long We Keep Data

  • Local app data: Until you delete the app or clear data
  • API requests: Not stored—OpenAI uses zero data retention for API calls, meaning your data is processed and immediately discarded
  • Analytics: Aggregated, anonymized data kept for up to 24 months
  • Support emails: Kept for 3 years to help with follow-up questions

Your Rights (GDPR)

Under GDPR and Danish data protection law, you have the right to:

  • Access — Request a copy of any personal data we have about you
  • Rectification — Correct inaccurate data
  • Erasure — Request deletion of your data ("right to be forgotten")
  • Portability — Receive your data in a portable format
  • Object — Object to processing based on legitimate interest
  • Withdraw consent — Where processing is based on consent

To exercise any of these rights, email us at [click to reveal email]. We'll respond within 30 days.

Where Your Data is Processed

We prioritize keeping your data within the European Union. We deliberately choose Danish and European infrastructure to ensure your data never leaves the EU.

Our Hosting Infrastructure

Our servers are hosted by Cloudservers A/S, a Danish company based in Aarhus, Denmark (CVR: 26616409). All our infrastructure is located in Denmark and the EU, ensuring full GDPR compliance and that your data stays within European jurisdiction.

Cloudservers A/S, Åbogade 15, 8200 Aarhus N, Denmark

API Processing (SmoothExit & Vimblr)

For SmoothExit and Vimblr, we use OpenAI's European data residency option, which ensures your data is processed on servers located in the EU. Combined with OpenAI's zero data retention policy for API requests, your messages are processed within Europe and immediately discarded—they are never stored or used for model training.

Security

We use industry-standard security measures including HTTPS encryption for all data transmission, secure API connections, and we follow security best practices in our app development. Most data stays on your device and never touches our servers.

Complaints

If you're unhappy with how we handle your data, please contact us first at [click to reveal email].

You also have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet):

Datatilsynet
Carl Jacobsens Vej 35
2500 Valby, Denmark
Phone: +45 33 19 32 00
Website: datatilsynet.dk

Changes to This Policy

We may update this policy as our apps evolve. We'll post changes here and update the "last updated" date. For significant changes, we'll notify you through the app or email if we have your address.

Questions?

We're real humans who care about this stuff. If you have any questions about our privacy practices, just email us at [click to reveal email].