This privacy policy explains which personal data the iOS & Android app "Gegenverkehr" processes, for what purpose, and on what legal basis. It applies exclusively to the app itself.
Gegenverkehr helps you document traffic incidents and get in touch with other affected people or witnesses. Unlike purely on-device apps, this requires processing personal data on a server (backend). Your identity and exact location are never shown to other users, and contact details are only shared once both sides agree.
The data controller under the General Data Protection Regulation (GDPR) is the individual who publishes "Gegenverkehr" as a solo developer:
Full contact details of the controller are also listed in the imprint. The controller and the person named in the imprint are identical.
Gegenverkehr is published by a single individual as a solo developer. A data protection officer is therefore not legally required and none is appointed.
Using Gegenverkehr requires an account. During sign-up we process your email address and password (stored encrypted by our backend provider, see below). Sign-up requires email confirmation. The legal basis is performance of the usage contract (Art. 6(1)(b) GDPR).
Gegenverkehr processes personal data for the following purposes:
The legal basis is performance of the usage contract and providing the feature you explicitly requested (Art. 6(1)(b) GDPR); for optional features (photo and voice evidence, push notifications, contact exchange) additionally your consent (Art. 6(1)(a) GDPR).
For license-plate and location/time search, reports are served through a technically enforced, non-identifying view: your identity (reporter ID) and exact location are never shown to other users. Only once you accept a contact request does your contact information become visible to the other side - and vice versa, only if the other side agrees too.
Evidence photos and voice recordings are stored in a private storage area and are visible only to you and to people you have explicitly granted access via an accepted witness offer or an accepted contact request. Photos are compressed on your device before upload. Voice recordings are transcribed directly on your device where technically possible (no audio is sent to a third-party transcription service for this purpose); the recording itself is stored as evidence once you submit the report.
Gegenverkehr uses the backend provider Supabase as a data processor (Art. 28 GDPR) for accounts, database, and file storage. For push notifications, the respective operating system's push service is used - Apple (APNs) on iOS and Google (Firebase Cloud Messaging) on Android; only a device token is transmitted for this purpose.
Your data is not shared with any other third parties. There are no ad networks, no analytics SDK, and no tracking SDK in the app.
To the extent our data processors (Supabase, Apple, Google) process data in countries outside the EU/EEA, this happens on the basis of appropriate safeguards (e.g. EU Standard Contractual Clauses under Art. 46 GDPR) provided by the respective vendor.
Your reports, evidence, and contact data remain stored as long as your account exists. You can fully and irreversibly delete your account, along with all associated data (reports, photos, voice recordings, contact data, contact requests), at any time in the app under Profile → Delete account.
Under the GDPR you have the following rights:
You can exercise access, rectification, and erasure for most data directly in the app's profile section. For anything else, contact gegenverkehr@borisniehaus.de.
Gegenverkehr is distributed via the Apple App Store and Google Play. Obtaining the app through these stores is subject to Apple's or Google's own data processing (e.g. as part of your account and the download). This processing is carried out by Apple or Google, is governed by their own privacy policies, and is outside the controller's sphere of influence.
Gegenverkehr does not use cookies, does not run advertising tracking, and does not embed any third-party analytics or ad SDKs.
2026-07-03