Privacy Policy

Last updated: November 8, 2025

1. Introduction

mutedblue is operated by Dr. Sebastian Lindner (Germany). This privacy policy explains what data we collect, how we use it, and your rights under GDPR.

2. Data We Collect

When you create a report, we collect:

  • Required: Birthdate, country of birth, questionnaire answers (10 items, TIPI — Big Five), report language
  • Optional: Name, gender, time of day of birth, exact birth time, birth city
  • Payment data: Processed securely by Stripe (we never see your full credit card number)
  • Technical data: IP address (for security), browser type, device info (via server logs)

3. How We Use Your Data

We use your data to:

  • Generate your personalized personality report
  • Process payments through Stripe
  • Deliver your PDF report
  • Enable compatibility testing with others
  • Improve our service and user experience

4. Data Processors & Third Parties

We use the following third-party services:

  • OpenAI (US): GPT-5 AI model for generating report text. Data sent: personality scores across 15 dimensions, zodiac info, optional demographics. OpenAI does NOT use API data to train models.
  • Supabase (EU servers): Database for storing report data, questionnaire answers, and PDF files
  • Stripe (US/EU): Payment processing. Stripe handles all credit card data securely.

Data transfer to US-based services (OpenAI, Stripe) is covered by their GDPR compliance and EU Standard Contractual Clauses.

5. Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access: Request a copy of your data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to processing of your data

To exercise these rights, contact us at hello@mutedblue.com

6. Data Retention

How long we keep your data:

  • Report data: Stored indefinitely to enable re-downloads and compatibility tests
  • Payment records: 10 years (German tax law requirement)
  • Your right to deletion: Contact hello@mutedblue.com to request deletion of your report data (payment records must be retained for legal compliance)

7. Security

We implement appropriate technical and organizational measures to protect your data:

  • Encrypted data transmission (HTTPS/TLS)
  • Secure database access controls
  • Regular security updates and monitoring
  • No sharing of personal data with third parties for marketing

8. Cookies and Tracking

We use minimal cookies for:

  • Essential functionality (session management)
  • Language preference
  • Anonymous analytics (if applicable)

You can control cookies through your browser settings.

9. Children's Privacy

mutedblue is not intended for users under 16 years of age. We do not knowingly collect data from children. If you believe we have inadvertently collected data from a child, please contact hello@mutedblue.com immediately.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by posting the new policy on this page with an updated date.

11. Contact Us

For any privacy-related questions or to exercise your rights:

Email: hello@mutedblue.com