Note: This policy describes the app's actual, deliberately data-minimal design. A legal review before a broad launch is recommended; the host DPA note (below) is still open. Courtesy translation; the German Datenschutzerklärung is authoritative. As of June 2026.

In short

This application is local-first: it runs entirely in your browser. By default no server receives or stores your household data – there are no accounts, no cookies and no trackers, and no external resources (fonts, scripts, analytics) are loaded from third parties. The only exception is the optional device sync that you enable yourself – and even then your data leaves your device exclusively end-to-end encrypted (see below).

Responsible party

tap & type UG (haftungsbeschränkt)
Pestalozzistr. 14, 14943 Luckenwalde, Germany
Email: [email protected] · see Imprint

What data is processed

Your household data

Amounts, labels, tags and settings you enter are stored exclusively in your browser's local storage (localStorage and – as a robust mirror for offline recovery – IndexedDB) on your device. They do not leave your device and are not visible to us. You can delete them at any time via “Clear” or by clearing your browser storage.

Server logs of the host

The website is hosted by Cloudflare (Cloudflare Pages). On access, technically necessary data (e.g. IP address, time, file requested, user agent) is processed to deliver the site and ensure secure operation (legal basis Art. 6(1)(f) GDPR). Provider: Cloudflare, Inc. [Conclude a data processing agreement (DPA) with Cloudflare and link the host's privacy notice here.]

Optional device sync (end-to-end encrypted)

Disabled by default. Only if you enable the sync yourself and set a passphrase, an encrypted copy of your data is synced via a server so you can share it between devices. The following applies:

• Encryption happens entirely on your device (AES-256-GCM; the key is derived from your passphrase via PBKDF2-SHA-256).
• The server stores only the ciphertext plus a non-reversible identifier derived from the passphrase. No plaintext household data, no name, no email, no account.
• Your passphrase never leaves your device and is unknown to us. Without it the data cannot be decrypted – a reset is therefore not possible.
• Infrastructure: Cloudflare (Workers + KV storage). Legal basis Art. 6(1)(a) GDPR (consent by enabling), revocable at any time by disabling or deleting the sync entry.

No cookies, no tracking

No cookies are set and no analytics/tracking services are used. An optional, cookie-free and anonymous statistic (e.g. Plausible) is currently not active; should it be added later, this section will be updated accordingly.

Offline function (PWA)

For offline use the browser stores the app files (HTML/CSS/JS, icons) in a local cache. This too happens only on your device.

Your rights

Under the GDPR you have, among others, the right to access, rectification, erasure, restriction and objection. Since your household data resides exclusively locally, you have full control and can delete it yourself. For matters regarding the responsible party, use the details in the Imprint.