nahbar is an iOS app that lives entirely on your iPhone. Your notes, contacts, personality profiles, and visits stay with you — we never see any of it. The one exception is the optional AI features, which transmit data about a selected person to an external AI service — and only when you actively use them and have given prior consent. This page explains what that means in practice, and the few data flows that do exist.
Last updated: 29 April 2026
1. Data Controller
The controller responsible for data processing under the General Data Protection Regulation (GDPR) is:
Sven Hanold
Falkenweg 27
89129 Langenau
Germany
Email: info@nahbar.app
2. Your data in the app
Everything you enter in nahbar — contacts, notes, visits, personality profiles, likes and dislikes — is stored exclusively on your iPhone.
- There are no servers holding your data by default.
- nahbar does not perform any cloud sync of its own.
- If you delete the app, your data is gone with it (unless you have enabled an iCloud device backup yourself — in that case, Apple’s terms apply).
The one exception is the optional AI features. See section 7 for details.
3. Access to your contacts
If you choose to, nahbar can import contacts from your iPhone’s address book. iOS will ask you for explicit permission the first time this happens.
- All processing takes place on your device.
- No contact data is transmitted to us or to third parties.
- You can revoke this permission at any time in iOS Settings (Settings → Privacy & Security → Contacts → nahbar).
Legal basis: Art. 6(1)(a) GDPR (consent).
4. App analytics and crash reports via Apple
If you have agreed in iOS Settings to share usage and diagnostic data with app developers, Apple sends us aggregated and anonymised information — for example, how often the app was launched or whether it crashed. We receive this data through Apple App Store Connect.
- The data does not allow us to identify you personally.
- It is used solely to fix bugs and improve the app.
- You can disable sharing at any time: Settings → Privacy & Security → Analytics & Improvements → “Share with App Developers”.
Apple is responsible for collecting and transmitting this data. For more information, see Apple’s privacy policy: apple.com/legal/privacy.
Legal basis: Art. 6(1)(a) GDPR (consent given through iOS Settings).
5. In-app purchases
Any purchase you make inside nahbar is handled entirely by Apple’s In-App Purchase system.
- We do not receive payment details, credit card numbers, or your Apple ID.
- We only see aggregated information on whether purchases took place — for billing via App Store Connect.
- Apple is responsible for processing the payment.
Apple’s privacy terms apply in addition: apple.com/legal/privacy.
Legal basis: Art. 6(1)(b) GDPR (performance of a contract).
6. No third-party trackers or SDKs
nahbar contains no third-party tracking tools — no analytics SDKs, no ad networks, no crash reporters such as Firebase or Sentry. No third party silently collects data about you in the background.
The only time data leaves your device for an external service is when you actively use an AI feature — and only then. Details are in the next section.
7. AI features (optional)
nahbar offers some features that use artificial intelligence to suggest things — for example conversation topics before a meeting, gift ideas around a birthday, or insights into your relationship patterns. These features are optional. The first time you use them, we’ll ask for your permission.
AI provider: We use the API of Mistral AI, a French company based in Paris (Mistral AI SAS, 15 rue des Halles, 75001 Paris).
Data transmitted: When you start an AI feature for a specific person, the first name, year of birth, recorded interests, and the most recent saved moments and log entries for that person are sent to Mistral AI. Before sending, all text is sanitised automatically: email addresses, phone numbers, IBANs, links, and long digit sequences are replaced with placeholders.
Processing: Mistral AI processes API data primarily within the EU. Transfers outside the EU are safeguarded using the EU Standard Contractual Clauses (SCCs) pursuant to Art. 46 GDPR. Mistral contractually commits not to use API data for training its models, and requests are deleted after 30 days.
Legal basis: Art. 6(1)(a) GDPR (consent). You can withdraw consent at any time by no longer using the AI features.
A detailed description — including links to Mistral’s privacy policy, data processing addendum (DPA), and usage policy — is available on the AI Terms of Use page.
8. Your rights
Under the GDPR, you have the following rights:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR)
- Right to withdraw consent at any time (Art. 7(3) GDPR)
Since we do not store any personal data about you ourselves, in many cases we can only refer you to the relevant party (for example, Apple for app analytics or payments, Mistral AI when you use the AI features). For any questions, you can reach us at info@nahbar.app.
9. Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority. The authority responsible for us is:
The State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Königstraße 10a
70173 Stuttgart, Germany
Web: baden-wuerttemberg.datenschutz.de
10. Changes to this privacy policy
If features of the app or the legal framework change, we will update this privacy policy accordingly. The current version is always available on this page.