Last updated: April 2026
Elisabeth Goletzko
Rauental 53, 42289 Wuppertal, Germany
Email: support@7fz.de
During registration we collect:
When linking your reMarkable, we store a device token encrypted with AES-256-CBC in our database. This token enables the upload of documents to your reMarkable via the reMarkable Cloud API. We do not have access to the contents of your reMarkable, except for annotation data on documents we have sent (see 2.8).
As an alternative to reMarkable, you can connect your Google Drive account.
We use OAuth 2.0 with the drive.file scope, which only allows access
to files that 7fz itself has created. We store an encrypted refresh token and
access token. We cannot access any other files in your Google Drive.
You can revoke access at any time in your Account settings or via
Google Account permissions.
You provide iCal URLs (e.g., from Google Calendar, Apple Calendar). We store these URLs and retrieve them server-side to generate PDFs. Calendar contents are processed at the time of PDF generation and are not stored permanently. Temporary PDF files are deleted immediately after upload.
Your selected RSS feed URLs are stored. Article contents are retrieved and processed for PDF/ePub generation and are not stored permanently. For full-text articles, the article web page is fetched server-side to extract text and images.
Your chosen city name is stored to retrieve weather data. The city name is converted to geographic coordinates via the Open-Meteo geocoding API. Only coordinates are sent to the weather API, not your name or account information.
When searching for books, your search terms are sent to Gutendex (Project Gutenberg), Internet Archive, or arXiv. No account data is transmitted. Downloaded files are temporarily stored on our server during upload and deleted immediately after.
For interactive games, we read annotation data (.rm files) from documents we have sent to your reMarkable. This data contains only stroke coordinates (pen position) - no text recognition or handwriting analysis is performed. We use these coordinates solely to detect which grid cell you marked. Game state (board position, move count, win/loss/draw statistics) is stored in our database.
Payment processing is handled entirely by Paddle.com Market Limited as Merchant of Record. We do not store credit card numbers, bank details, or other payment information. Paddle transmits to us only: subscription status, billing period, and a Paddle customer ID. For details, see Paddle's Privacy Policy.
We collect anonymized usage events (e.g., "calendar sent", "game started") to understand which features are used. These events contain: event type, page name, and timestamp. They do not contain personal content (no calendar data, no article text, no game moves). Analytics data is only visible to the administrator and is not shared with third parties.
For failed login attempts, we temporarily store the email address and IP address (max. 15 minutes) to protect against brute-force attacks. Successful logins delete these entries.
Technical errors are logged with: error message, file name, line number, and timestamp. No personal data is included in error logs. Error logs are retained for 30 days.
For each automatic sync, we log: timestamp, status (success/error), and error message if applicable. Sync logs are retained for 30 days.
The web server automatically collects: IP address, browser type, access time, page visited. This data is not merged with other data sources and is deleted after 30 days.
The following external services receive data:
| Service | Provider | Data Transmitted | Purpose |
|---|---|---|---|
| reMarkable Cloud | reMarkable AS, Norway | Encrypted token, PDF content, annotation data | Document delivery and game interaction |
| Google Drive | Google Ireland Ltd. | OAuth token, PDF files | Alternative document delivery |
| Paddle | Paddle.com Market Ltd., UK | Email address (for invoice) | Payment processing |
| Open-Meteo | open-meteo.com | Geographic coordinates | Weather data |
| Nager.Date | nager.at | Country/region code | Public holiday data |
| Gutendex / Internet Archive / arXiv | Various | Search terms | Book/article search |
| All-Inkl | Neue Medien Münnich, Germany | All data (hosting) | Web hosting, email, database |
We do not use Google Analytics, Facebook Pixel, or any other third-party tracking services. No personal data is sold or shared for advertising purposes.
We exclusively use technically necessary session cookies for
authentication, CSRF protection, and language preference. No tracking cookies,
advertising cookies, or third-party cookies are set. A separate cookie
(7fz_lang) stores your language preference for 1 year.
| Data | Retention Period |
|---|---|
| Account data (name, email, settings) | Until account deletion by the user |
| Device tokens (reMarkable, Google Drive) | Until disconnection or account deletion |
| Calendar/news/weather content | Not stored permanently; processed and deleted |
| Game data (Tic Tac Toe) | Until account deletion |
| Analytics events | 90 days |
| Sync logs | 30 days |
| Error logs | 30 days |
| Login attempts (failed) | 15 minutes |
| Server logs (web server) | 30 days (managed by hosting provider) |
| Temporary PDF/ePub files | Deleted immediately after upload |
The Tic Tac Toe game uses automated processing to detect hand-drawn marks on a grid and respond with an AI move (Minimax algorithm). This is purely a game mechanic and has no legal or similarly significant effects on the user. No profiling is performed.
Under the GDPR, you have the right to:
Contact for data protection inquiries: support@7fz.de
Your data is stored on servers in Germany. Some third-party services may process data outside the EU/EEA (reMarkable AS in Norway - adequate protection under GDPR; Google - Standard Contractual Clauses; Paddle - UK adequacy decision).
We may update this Privacy Policy to reflect changes in our service or legal requirements. Material changes will be communicated to registered users by email. The current version is always available at this URL.