RumX Privacy Policy: How We Protect Your Data

Last updated: June 5, 2026

This Privacy Policy explains how we process your personal data when you use the RumX website (rumx.com), the RumX mobile application, and our community forum (community.rumx.com) — together the "Service". It also informs you about your rights under the EU General Data Protection Regulation (GDPR) and the German Telecommunications Digital Services Data Protection Act (TDDDG).

1. Controller

The controller within the meaning of Art. 4 (7) GDPR is:

Oliver Gerhardt
Böblinger Str. 24
70178 Stuttgart, Germany
Email: info@rumx.com
Phone: +49 711 39682888

2. Supervisory Authority and Your Right to Complain

You have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). The authority responsible for us is:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg (LfDI)
Lautenschlagerstraße 20, 70173 Stuttgart, Germany
www.baden-wuerttemberg.datenschutz.de

You may also contact the supervisory authority of your place of residence.

3. Your Rights

You have the following rights regarding your personal data:

  • Access (Art. 15 GDPR) — request a copy of the personal data we hold about you.
  • Rectification (Art. 16 GDPR) — have inaccurate data corrected.
  • Erasure (Art. 17 GDPR) — have your data deleted ("right to be forgotten").
  • Restriction of processing (Art. 18 GDPR).
  • Data portability (Art. 20 GDPR) — receive your data in a structured, commonly used, machine-readable format.
  • Withdrawal of consent (Art. 7 (3) GDPR) — withdraw any consent at any time with effect for the future, e.g. via the "Cookie preferences" link in the website footer or in your device settings.

Right to object (Art. 21 GDPR): Where we process your personal data on the basis of legitimate interests (Art. 6 (1) (f) GDPR), you have the right to object at any time for reasons arising from your particular situation. Where we process your data for direct marketing, you can object at any time without giving reasons.

To exercise any of these rights, contact us at info@rumx.com. We may ask you to verify your identity before responding.

Account Deletion

You can delete your account and all related data directly within the app: log in, open the profile tab (bottom right), and tap "Delete user account" at the bottom. This action is irreversible — all personal data associated with the account is permanently deleted. For assistance, contact us at info@rumx.com.

4. Consent Management (Cookie Banner)

When you first visit our website, a consent banner asks for your consent before any non-essential cookies or similar technologies are used. The legal basis for storing or reading information on your device is § 25 (1) TDDDG; the subsequent processing of personal data is based on your consent (Art. 6 (1) (a) GDPR). Strictly necessary technologies are used under § 25 (2) TDDDG without consent.

We use the following consent categories:

  • Essential / Functional (shown in the banner as "Smooth Experience") — required to operate the Service (e.g. your consent choice itself, shopping cart, language and country selection). Always active.
  • Analytics & Personalization — usage statistics and personalized recommendations (Google Analytics 4, Microsoft Clarity, Recombee personalization, Algolia Insights, Google Ads conversion measurement). Loaded only after your consent.
  • Marketing (shown in the banner as "Connect & Discover") — advertising and retargeting (Meta Pixel, Releva.nz, YouTube embeds, chat widget). Loaded only after your consent.

Your consent choice is stored in a cookie ("consent-settings") for 180 days. You can change or withdraw your choice at any time via the "Cookie preferences" link in the footer. Both "Accept all" and "Only essential" are offered equally on the first banner layer.

5. Hosting and Server Logs

Netlify: Our website is hosted by Netlify, Inc., 512 2nd Street, Suite 200, San Francisco, CA 94107, USA. When you visit the website, Netlify processes connection data (IP address, date and time, requested URL, browser user agent) in server logs for the purpose of delivering the website securely and reliably. Legal basis: legitimate interest in the secure and performant operation of the website (Art. 6 (1) (f) GDPR). Netlify is certified under the EU-U.S. Data Privacy Framework; we have additionally concluded a data processing agreement including EU Standard Contractual Clauses. Log data is automatically deleted after a short period (up to 30 days).

Backend (Google Firebase / Google Cloud): Our app backend, user accounts, images and APIs run on Google Firebase and Google Cloud Platform (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), primarily in the region europe-west3 (Frankfurt); some functions run in the USA (us-central1). Legal basis: performance of the contract (Art. 6 (1) (b) GDPR). Google LLC is certified under the EU-U.S. Data Privacy Framework.

Community forum (Discourse): Our forum at community.rumx.com is a self-hosted Discourse instance operated by us on infrastructure of DigitalOcean LLC. When you participate in the forum, your profile and posts are processed there. Legal basis: performance of the contract (Art. 6 (1) (b) GDPR).

6. Data We Collect

Account and Profile Data

When you create an account we process: email address, username, first and last name (optional), profile picture (optional), and your password in encrypted form. Legal basis: performance of the contract (Art. 6 (1) (b) GDPR).

Social Login

You can register and log in via third-party sign-in services (e.g. Google, Apple, Facebook). If you do, we receive the profile data you authorize there (typically name, email address). Legal basis: performance of the contract (Art. 6 (1) (b) GDPR). The respective provider's privacy policy applies to its own processing.

Content You Post

Ratings, tasting notes, reviews, photos, comments and forum posts you publish are visible to other users together with your username. Legal basis: performance of the contract (Art. 6 (1) (b) GDPR).

Optional City of Residence

You may optionally select your city from a Google Places autocomplete suggestion. We store the Google Places ID, the city display name, and the ISO country code. We do not store GPS coordinates, street addresses, or any sub-city precision tied to your account. You can change or remove the city at any time in your account settings; removal takes effect on the Community Map within 24 hours.

Taste Profile (Match Score)

When you rate rums, we compute four numerical taste-axis values (sweet/dry, fruity/woody, mild/intense, complexity) from your ratings to provide personalized recommendations (the "Match Score"). See section 9 for details.

Usage Data

When you use the Service, we automatically process technical data such as IP address, browser type and version, device type, operating system, pages visited, and timestamps. Legal basis: legitimate interest in operating, securing and improving the Service (Art. 6 (1) (f) GDPR).

App Permissions

The mobile app requests the following permissions only with your prior consent (Art. 6 (1) (a) GDPR), which you can revoke at any time in your device settings:

  • Camera and photo library — to add pictures to your ratings and your profile.
  • Contacts — only if you actively use the friend-invitation feature.
  • Push notifications — see section 11.

The app does not access your device's GPS for the Community Map or Match Score features.

7. Purchases via the RumX Marketplace

RumX does not sell alcoholic beverages itself. When you submit an order request, the purchase contract is concluded with the licensed partner shop identified before checkout. To process your order we share the necessary order data (name, delivery address, email, order items) with that partner shop. Legal basis: performance of the contract (Art. 6 (1) (b) GDPR).

Payment (Mollie): Payments are processed by Mollie B.V., Keizersgracht 126, 1015 CW Amsterdam, Netherlands, as payment service provider of the respective seller (Mollie Connect). Mollie processes your payment data (e.g. card details, PayPal account, bank details) under its own responsibility as required by payment regulation. We do not store full payment credentials. Depending on the payment method, Apple Pay (Apple Distribution International Ltd., Ireland) or PayPal (PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg) are involved. Legal basis: performance of the contract (Art. 6 (1) (b) GDPR).

Age verification: Because alcoholic beverages may only be sold to adults, the delivery service performs an age check upon delivery on behalf of the seller. Legal basis: legal obligation (Art. 6 (1) (c) GDPR in conjunction with § 9 of the German Youth Protection Act).

8. Website Services and Tools

Essential (no consent required)

  • Algolia Search (Algolia SAS, 55 Rue d'Amsterdam, 75008 Paris, France) — powers the site search. Your search queries are transmitted to Algolia to return results. Legal basis: legitimate interest in providing a functioning search (Art. 6 (1) (f) GDPR).
  • IPinfo geolocation (IPinfo Inc., USA) — we determine your country (country-level only) from your IP address to show the correct shops, prices and currency. The IP address is not stored by us together with your account. Legal basis: legitimate interest in showing regionally correct offers (Art. 6 (1) (f) GDPR).
  • Recombee (non-personalized) — basic, non-personalized rum recommendations are retrieved from Recombee s.r.o. (Prague, Czech Republic; EU data center) without building a user profile. Legal basis: legitimate interest (Art. 6 (1) (f) GDPR).

Analytics & Personalization (only with your consent, Art. 6 (1) (a) GDPR; § 25 (1) TDDDG)

  • Google Analytics 4 (Google Ireland Limited) — usage statistics with Google Consent Mode v2. IP addresses are not logged or stored by GA4. Data may be transferred to Google LLC (USA, DPF-certified). Retention: up to 14 months.
  • Google Ads conversion measurement (Google Ireland Limited) — measures whether visits via Google ads lead to orders.
  • Microsoft Clarity (Microsoft Ireland Operations Ltd.) — session replays and heatmaps to improve usability. Data may be transferred to Microsoft Corporation (USA, DPF-certified).
  • Recombee (personalized) — with your consent, your interactions (viewed and rated rums) are used to compute personalized recommendations. EU data center.
  • Algolia Insights — anonymous click and conversion events on search results to improve search quality.

Marketing (only with your consent, Art. 6 (1) (a) GDPR; § 25 (1) TDDDG)

  • Meta Pixel (Meta Platforms Ireland Ltd., Merrion Road, Dublin 4, Ireland) — measures advertising on Facebook/Instagram (e.g. ViewContent, AddToCart, Purchase events) and enables retargeting. For data collected via the pixel, we and Meta are joint controllers (Art. 26 GDPR); Meta provides the substance of this arrangement at facebook.com/legal/controller_addendum. Data may be transferred to Meta Platforms, Inc. (USA, DPF-certified).
  • Releva.nz (Releva GmbH, Germany) — retargeting pixel that shows you our ads on other websites. Processing within the EU.
  • YouTube embeds (Google Ireland Limited) — videos are embedded in privacy-enhanced mode (youtube-nocookie.com) and only load data from YouTube when you play a video and have consented to marketing.
  • OpenWidget chat (LiveChat Software S.A. / Text, Inc.) — chat widget on our assistant page; loads only with marketing consent.

9. Community Map and Match Score

Community Map

The Community Map lets you discover other rum enthusiasts geographically near you. It is built on a strict k=5 anonymity design: a city becomes visible on the map only once at least 5 users have selected that city (or nearby cities forming a cluster). Below this threshold, the city is fully suppressed server-side and never transmitted to any other user.

  • What we store on your account: the Google Places ID of your selected city, the city display name, and your country code (ISO 3166-1 alpha-2). We do not store latitude/longitude per user, no street addresses, and we do not access your device's GPS for this feature.
  • What other users see: aggregated cluster markers containing the cluster's member count, a weighted centroid coordinate (city-level, never an individual address), the country code, and the timestamp of the cluster's most recent activity.
  • Cluster leaderboard: when another user taps a cluster, they see a Top-50 list of usernames with each user's monthly tasting count. No location data more precise than the cluster centroid is shown.
  • Aggregation cadence: the map is recomputed nightly. Any change to your city selection — including removal — propagates within 24 hours.
  • Legal basis: your consent (Art. 6 (1) (a) GDPR) for the processing of your city selection; our legitimate interest (Art. 6 (1) (f) GDPR) for displaying aggregated, anonymized clusters, as the k=5 threshold and weighted centroid prevent re-identification.

Match Score

The Match Score is a personalized recommendation computed from your rum ratings: a taste profile of four numerical axes (sweet/dry, fruity/woody, mild/intense, complexity) and a per-rum match value.

  • Inputs: only your own ratings and the rums' flavor profiles maintained by us.
  • Outputs: a recommendation displayed in-app. The Match Score does not influence pricing, contractual terms, or account access and does not produce legal or similarly significant effects within the meaning of Art. 22 GDPR.
  • Storage and removal: the derived taste profile is stored as part of your account record and deleted automatically when you delete your account. You can also request deletion at any time at info@rumx.com.
  • Legal basis: performance of the contract (Art. 6 (1) (b) GDPR).

10. Email Communication

Transactional emails (order confirmations, account notifications, security notices) are sent via Mailgun (Mailgun Technologies, Inc., a Sinch company, USA; EU sending region where available, DPF-certified). Legal basis: performance of the contract (Art. 6 (1) (b) GDPR).

Newsletter and product emails are sent via OneSignal (OneSignal, Inc., USA, DPF-certified) only if you have subscribed. You can unsubscribe at any time via the link in every email. Legal basis: consent (Art. 6 (1) (a) GDPR).

11. Push Notifications

If you enable push notifications in the app or browser, we send them via OneSignal (OneSignal, Inc., USA, DPF-certified). You can disable push notifications at any time in your device or browser settings. Legal basis: consent (Art. 6 (1) (a) GDPR).

12. Social Media Presence

We operate pages on social networks, including a Facebook page (facebook.com/rumxapp). For statistics that Facebook provides to us ("Page Insights"), we and Meta Platforms Ireland Ltd. are joint controllers (Art. 26 GDPR); the joint controller arrangement is available at facebook.com/legal/terms/page_controller_addendum. For details on Meta's processing, see facebook.com/privacy/policy.

13. International Data Transfers

Where we transfer personal data to the USA, we rely on the EU-U.S. Data Privacy Framework (adequacy decision of the EU Commission of 10 July 2023, Implementing Decision (EU) 2023/1795) for certified recipients (including Google, Microsoft, Meta, Netlify, OneSignal, Mailgun/Sinch). As a fallback, we have concluded EU Standard Contractual Clauses (Art. 46 (2) (c) GDPR) with our processors. For other third countries, we use Standard Contractual Clauses or rely on adequacy decisions.

14. Retention

We store personal data only as long as necessary for the respective purpose:

  • Account data and content: until you delete your account (or individual content).
  • Order data: retained as required by commercial and tax law (up to 10 years, §§ 147 AO, 257 HGB).
  • Server logs: up to 30 days.
  • Consent records: consent cookie 180 days; proof of consent as long as legally required.
  • Analytics data: see the retention periods stated per tool in section 8.

15. Data Security

We use appropriate technical and organizational measures (TLS encryption, access controls, encrypted password storage) to protect your data. No method of transmission or storage is 100% secure, but we continuously review and improve our safeguards.

16. Children and Minors

The Service deals with alcoholic beverages and is directed exclusively at persons aged 18 or over. We do not knowingly collect personal data from minors. Where consent is the legal basis, the GDPR requires a minimum age of 16 in Germany (15 in France); since our Service requires users to be 18+, we delete accounts of underage users as soon as we become aware of them. If you believe a minor has provided us with personal data, please contact us at info@rumx.com.

17. No Automated Decision-Making

We do not use automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you (Art. 22 GDPR). Recommendations such as the Match Score are discovery aids only.

18. Changes to this Privacy Policy

We may update this Privacy Policy from time to time, e.g. when we add new features or services. The current version is always available on this page; the "Last updated" date at the top shows the latest revision. For material changes we will inform you via the Service or by email.

19. Contact

If you have any questions about this Privacy Policy or data protection at RumX, contact us at info@rumx.com.