Privacy Policy (Website)

We are pleased that you are visiting our website at Data protection and data security when using our website are very important to us. In this Privacy Policy we adhere to our obligations set out in the Texas Data Privacy and Security Act (“TDPSA”), and the EU’s General Data Protection Regulation (“GDPR”) and inform you about which Personal Information we collect and process and for what purpose and of course about your rights and how you can assert them.

General Information

What is Personal Information?

Personal Information is information that makes it possible to identify a natural person. This includes in particular, your name, date of birth, address, telephone number, e-mail address, but also your IP address. Anonymous data exists if no personal reference to the user can be made.

What is Processing?

“Processing” means and covers virtually any handling of data.

Who is responsible?

The person responsible for the processing of Personal Information is Apps Do Wonders LLC, a Dallas based limited liability company. Please read this Privacy Policy together with our Cookie Policy and email us using [email protected] or our Contact Form if you have any questions.

Purpose and legal basis of processing

In accordance with the TDPSA and the GDPR we need to have both a purpose and a legal basis to process Personal Information. The purposes are:

The above mentioned laws require,

  • providing the website and their functions and contents,
  • responding to contact requests and communicating with our customers,
  • providing our services, and
  • security measures.

Of course, we can only do that if we have at least one of the following legal bases or in other words lawful reasons to do so. Unless specifically described below, we typically link the above purposes to one of the following:

  • consent,
  • to fulfill our services and carry out contractual obligations,
  • to fulfill our legal obligations, and
  • to protect our legitimate interests.

Data transfers

In certain cases, it is necessary to transmit the processed Personal Information in the course of data processing. In this respect, there are different recipient bodies and categories of recipients.

  • Service providers in the context of fulfillment processing,
  • Companies that provide marketing services,
  • Service providers within the scope of providing our website, and
  • State authorities and institutions as far as this is required or necessary.

Our main operations are based in the USA and your Personal Information is generally processed, stored and used within the USA. In some instances, your Personal Information may be processed outside the USA. If and when this is the case, we take steps to ensure there is an appropriate level of security, so your Personal Information is protected in the same way as if it was being used within the USA. Where we need to transfer your data outside the USA, we will use approved standard contractual clauses in contracts for the transfer of Personal Information to third countries.


In order to protect the data stored with us in the best possible way against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, we use appropriate technical and organizational security measures. Our security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.

Storage and retention

Your Personal Information will be stored by us only for as long as is necessary to achieve the purposes for which the data was collected or – if statutory retention periods exist that go beyond this point and for the duration of the legally prescribed retention period. We then delete your Personal Information. Only in a few exceptional cases is your data be stored beyond this period, e.g., if storage is necessary in connection with the enforcement of and defense against legal claims against us.

What Personal Information do we process?

Log files

When you access our website, some access data is recorded automatically and stored in a log file on our website’s server. This means if you browse and simply have a look at our website, we process a) the IP address of your computer, b) the date and time of your access, c) the name and URL of the accessed file, d) the browser used, e) the amount of bytes transferred, f) the status of the page request, g) the session ID and g) the referrer URL. The legal basis for processing is our legitimate interest.

Hosting of our website

We use the hosting services of, LLC, for the purpose of hosting and displaying our website. GoDaddy does so on the basis of processing on our behalf, and that also means that all data collected on our website and shop is processed on GoDaddy’s servers.The basis for processing is our legitimate interest, and the initiation and/or fulfillment of a contract.

Content Management System

We use the Content Management System (CMS) of WordPress by Automattic Inc to publish and maintain the created and edited content and texts on our website. This means that all content and texts submitted to us is transferred to WordPress. This represents a legitimate interest.


We use so-called cookies on our website. Cookies are small text files that are stored on your device (PC, smartphone, tablet, etc.) and saved by your browser. For further information please refer to our Cookie Policy. The legal basis for the use of cookies is your consent as well as our legitimate interest.

Contact options

If you contact us, we process the following data from you for the purpose of processing and handling your request: first name, last name, e-mail address, and, if applicable, other information if you have provided and your message. The legal basis for the data processing is our obligation to fulfill the contract and/or to fulfill our pre-contractual obligations and/or our legitimate interest in processing your request.

Social Media

We are present on social media on the basis of our legitimate interest. If you contact or connect with us via social media platforms, we and the relevant social media platform are jointly responsible for the processing of your data and enter into a so-called joint controller agreement. The legal basis is our legitimate interest, your consent or, in some cases, the initiation of a contractual service, if any.

When using our services

We process the Personal Information involved in your use of our services in order to be able to provide our contractual services. This includes in particular our support, correspondence with you, invoicing, fulfillment of our contractual, accounting and tax obligations. Accordingly, the data is processed on the basis of fulfilling our contractual obligations and our legal obligations.

Administration, financial accounting, office organization, contact management

We process data in the context of administrative tasks as well as organization of our business, and compliance with legal obligations, such as archiving. In this regard, we process the same data that we process in the course of providing our contractual services. The processing bases are our legal obligations and our legitimate interest.

Direct marketing in the context of a customer relationship

Insofar as you have also given us separate consent to process your data for marketing and advertising purposes, We are entitled to contact you for these purposes via the communication channels you have ticked in this consent.

Your Rights and Privileges

Privacy rights

Under the TDPSA, you can exercise the following rights:

  • Right to know
  • Right to rectification
  • Right of deletion
  • Right of non-discrimination
  • Right to opt-out of sale

Under the GDPR, you can exercise the following rights:

  • The right to access;
  • The right to rectification;
  • The right to erasure;
  • The right to restrict processing;
  • The right to object to processing;
  • The right to data portability;
  • The right to complaint to a supervisory authority

If you have any questions, please contact us.

Updating your information

If you believe that the information we hold about you is inaccurate or request its rectification, deletion, or object to its processing, please do so by contacting us.

Withdrawing your consent

You can withdraw consents you have given at any time by contacting us.

Access Request

In the event you want to make a Data Subject Access Request, please contact us. We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days, we will tell you why and when we will be able to respond to your request. If we are unable to provide you with any Personal Information or to make a correction requested by you, we will tell you why.

Complaint to a supervisory authority

You have the right to complain about our processing of Personal Information to a supervisory authority responsible for data protection. However, we would appreciate the opportunity to address your concerns before you contact any supervisory authority.

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of Personal Information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. We do not specifically market to children under the age of 13 years old.


The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations. To be in accordance with CAN SPAM, we agree to the following: If at any time you would like to unsubscribe from receiving future emails, you can email us, and we will promptly remove you from ALL correspondence.

Controls For Do-Not-Track Features

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (‘DNT’) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, our website does not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this policy.

What we do not do

  • We do not use Automated decision-making including profiling; and
  • We do not sell your Personal Information.

Does this policy change?

We may update our Privacy Policy from time to time. This might be for a number of reasons, such as to reflect a change in the law or to accommodate a change in our business practices and the way we use your Personal Information. We recommend that you check here periodically for any changes to our Privacy Policy. This Privacy Policy was last updated on Wednesday, 07th of December 2023.

Who should I contact for more information?

If you feel that the above is not sufficient or if you have any queries as regards the collection, processing or use of your Personal Information we are looking forward to hearing from you. We will make every effort to reply as soon as possible and take into consideration any suggestions from your end.