Privacy Policy

Effective date: 9 June 2026 · Version 2.0

Windrose ("Windrose", "the Service", "we", "us") is a dashboard for visualising data from portable weather stations through their provider's API. This Privacy Policy explains what personal data we process, the purposes and legal bases for processing, who we share it with, how long we keep it, the safeguards we apply, and the rights you have. It is drafted to meet the requirements of the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and reflects information-security practices aligned with the ISO/IEC 27001 framework.

1. Data Controller

The data controller responsible for your personal data is Windroses ("the Controller"). For any privacy request, or to contact the person responsible for data protection, write to admin@windroses.world.

2. Personal Data We Process

We practise data minimisation and collect only what is needed to provide the Service.

• Account identity — your email address, display name, and a one-way hashed password. If you sign in with Google, we instead receive a Google account identifier, your email address and, where available, your profile picture URL. We never receive or store your Google password.
• Authentication & session — a strictly necessary session cookie (HttpOnly, Secure where served over HTTPS, SameSite=Lax) and an optional "remember me" token, used solely to keep you signed in and to protect your account.
• Weather-station configuration — the provider API credentials you supply (API key and secret), station identifiers, and the station's geographic location (latitude, longitude, city, region, country, elevation, time zone) and selected driver type, used to retrieve and display your station's data.
• Weather measurements — sensor readings (e.g. temperature, wind, rainfall, pressure) retrieved for your stations and cached on our servers to speed up the dashboard.
• Billing — your subscription plan, status and renewal date, and the customer and subscription identifiers issued by our payment processor. Payment-card details are entered directly with the payment processor and are never received or stored by Windrose.
• Notifications — if you enable push alerts, the push subscription endpoint and keys provided by your browser, your preferred language, and the alert conditions you configure.
• AI assistant — the messages you send to the in-app assistant, the station weather data used to answer them, and aggregate usage counters. Please do not enter special categories of personal data (e.g. health, political or religious information) into the chat.
• API access — any API keys you generate (stored with the secret hashed) and minimal request logs (timestamp, endpoint, key identifier) used for rate-limiting, billing and abuse prevention.
• Technical & diagnostic data — limited server logs (such as IP address, timestamp and the request made) kept for security, troubleshooting and the proper operation of the Service.

We do not collect data for advertising, do not use third-party tracking or analytics tools, and do not sell your data.

3. Purposes and Legal Bases

• Providing the Service (account, stations, dashboard, AI assistant, API, notifications you request) — performance of a contract, GDPR Art. 6(1)(b).
• Billing and subscriptions — performance of a contract and compliance with legal accounting/tax obligations, GDPR Art. 6(1)(b) and 6(1)(c).
• Push notifications — your consent, GDPR Art. 6(1)(a); you may withdraw it at any time by disabling notifications.
• Security, fraud and abuse prevention, and service improvement — our legitimate interests, GDPR Art. 6(1)(f), balanced against your rights.

4. Recipients and Processors

We do not sell your personal data. We share it only with the service providers below, who act as processors or independent controllers under contractual data-protection terms, and only to the extent necessary:

• Sign-in with Google — identity verification, only if you choose to sign in with Google.
• Payment processor — secure processing of subscriptions and payment-card data on our behalf, under PCI-DSS.
• Third-party AI language-model provider — processes your chat messages and the related station data to generate the assistant's responses.
• Weather-station provider (e.g. Davis WeatherLink) — the source of your station's data, contacted using the API credentials you provide.
• Weather forecast provider — receives your station's coordinates to return forecast and historical climate data.
• Map-tile provider (OpenStreetMap / CARTO) — receives your IP address to load map tiles when you open the community map.
• Web push services (operated by your browser/OS vendor) — receive the push endpoint to deliver notifications you enabled.
• Hosting provider — operates the servers that run the Service, located in the European Economic Area (Germany).

5. International Transfers

Our primary infrastructure is hosted within the European Economic Area (EEA). Some processors (notably the AI language-model provider, the payment processor and Google) may process data outside the EEA. Where this occurs, transfers are protected by appropriate safeguards under GDPR Chapter V — typically the European Commission's Standard Contractual Clauses and/or an adequacy decision. You may request a copy of the relevant safeguards using the contact above.

6. Retention

• Account and station data — kept while your account is active and deleted (or anonymised) after account closure, unless longer retention is legally required.
• Weather cache — retained on a rolling basis according to your plan's history window.
• Billing records — retained for the period required by applicable accounting and tax law.
• Push subscriptions — kept until you unsubscribe or the subscription expires.
• Security and API logs — kept for a short period for security and diagnostics, then deleted.

7. Information Security

We apply technical and organisational measures aligned with the ISO/IEC 27001 framework, including: encryption of data in transit (TLS); one-way hashing of passwords and API-key secrets; access controls and the principle of least privilege; HttpOnly/Secure/SameSite session cookies; rate-limiting and abuse monitoring; regular patching and backups; and contractual data-protection commitments with our processors. Deleting your account cascades to your stations, cached data, push subscriptions and alerts. No method of transmission or storage is fully secure; we work continuously to protect your data and to detect and address incidents.

8. Automated Decision-Making

We do not carry out automated decision-making or profiling that produces legal or similarly significant effects on you. Plan-based feature limits are contractual settings, not profiling.

9. Cookies

We use only strictly necessary cookies (the session and "remember me" tokens) and store your interface preferences (such as theme and language) locally in your browser. We do not use advertising or third-party tracking cookies, so no cookie-consent banner is required.

10. Your Rights

Under the GDPR you have the right to access, rectify, erase, restrict or object to the processing of your personal data, the right to data portability, and the right to withdraw consent at any time without affecting prior processing. To exercise any right, contact admin@windroses.world; we respond within one month. You also have the right to lodge a complaint with your local data-protection supervisory authority.

11. Children

The Service is not directed to children below the age of digital consent in their country (16 in most of the EU). We do not knowingly collect their data; if you believe a child has provided us data, contact us and we will delete it.

12. Changes to This Policy

We may update this Policy from time to time. Material changes will be posted on this page with a new effective date. Continued use of the Service after an update constitutes acknowledgement of the revised Policy.