© Message Jay 2025
Last updated: 19.05.2025
First things first: We do not sell your data to anyone!
We are pleased that you are visiting our platform. Our platform includes both our website (messagejay.com including all subdomains) and our iOS and Android apps.
You can visit our platform without providing personal data. However, as soon as you use specific functions, services, or offers on our platform, personal data may be processed. We process personal data if you have given your consent, if there is a legal basis for it, or if the processing is carried out on behalf of the provider.
We reserve the right to change this privacy policy at any time with effect for the future. The current version of the privacy policy can always be accessed, saved, and printed via our platform.
Data protection is of high importance to us, and we want you to feel safe while visiting our platform. Below we inform you in accordance with Art. 12, 13, and 21 of the EU General Data Protection Regulation (GDPR) about the type, scope, and purpose of the personal data we collect, use, and process, and inform you of your rights as a data subject.
This privacy policy (together with our Terms of Use and any other referenced documents) forms the basis for how we process any personal data we collect from you or that you provide to us. Please read this policy carefully to understand how we handle your personal data.
This privacy policy applies to our direct customers who use our product (hereinafter "users").
We point out that data transmission over the Internet (e.g., communication by email) may have security vulnerabilities. Complete protection of data from third-party access is not possible.
The responsible entity for data processing on this website is:
Philipp Uhl Capital UG (haftungsbeschränkt)
Weberstr. 18
59558 Lippstadt
Germany
Email: privacymessagejay.com
The responsible entity is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Unless a more specific storage period is mentioned in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in the latter case, deletion will occur after these reasons no longer apply.
If you have consented to data processing, we process your personal data on the basis of Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data according to Art. 9(1) GDPR are processed. In the case of explicit consent to the transfer of personal data to third countries, data processing also takes place based on Art. 49(1)(a) GDPR. If you consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), processing is additionally based on § 25(1) TDDDG. Consent can be revoked at any time.
If your data is required to fulfill a contract or carry out pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. Furthermore, we process your data if required to fulfill a legal obligation based on Art. 6(1)(c) GDPR. Processing can also be based on our legitimate interest under Art. 6(1)(f) GDPR. We inform you about the respective legal bases in the following sections of this privacy policy.
In the course of our business activities, we work with various external entities. This may require the transfer of personal data to these external parties. We only disclose personal data to external parties if it is necessary for contract fulfillment, if we are legally obligated to do so (e.g., to tax authorities), if we have a legitimate interest according to Art. 6(1)(f) GDPR, or if there is another legal basis. When using processors, we only disclose personal data based on a valid data processing agreement. In the case of joint processing, a joint processing agreement is concluded.
Many data processing operations are only possible with your explicit consent. You can revoke consent already given at any time. The legality of the data processing carried out before the revocation remains unaffected.
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the browser address line switching from “http://” to “https://” and the lock symbol in your browser line.
When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.
The use of contact data published as part of the legal notice obligation for sending unsolicited advertising and information materials is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited promotional information, such as spam emails.
Various types of personal information are collected and processed by us. Below, we explain the types.
Philipp Uhl Capital UG is not obligated to provide the services offered on our website and in our app if the necessary data is not provided, and you may not be able to register for a user account.
You may provide us with information, including personal data, when filling out forms on the website/app (e.g., during registration), or when contacting us via phone, email, or other means. Mandatory fields are indicated in the registration form.
Personal data may include:
Each time you visit our website/app, we may, in accordance with applicable law and, if required, with your consent, collect data about the devices you use, the networks you connect to, or your activities on the website/app. This may include:
We collect this data using various technologies, including cookies (see our cookie policy for more).
This data is collected on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of the website.
If you contact us via email, phone, or fax, your request, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of handling your request. We do not share this data without your consent.
Processing is based on Art. 6(1)(b) GDPR if your request relates to contract fulfillment or pre-contractual measures. In all other cases, processing is based on our legitimate interest (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR), if obtained. Consent can be revoked at any time.
The data you send to us via contact requests will remain with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies. Mandatory statutory provisions—especially retention periods—remain unaffected.
We delete personal data after it is no longer needed for contract execution and there are no legitimate interests or legal retention obligations (§ 147 AO, § 257 HGB) preventing deletion.
We use the data collected from you as follows:
We also process personal data based on legitimate interests:
We may share your data with one or more processors who use it exclusively for internal purposes on our behalf. The relationship with processors is described below:
Provider: Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg (hereinafter AWS).
When you visit our website, your personal data is processed on AWS servers. Data may also be transferred to AWS’s parent company in the USA. The transfer is based on EU Standard Contractual Clauses. Details: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/
See AWS’s privacy policy here: https://aws.amazon.com/de/privacy/?nc1=f_pr
Use of AWS is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the reliable presentation of our website. If consent has been obtained, processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TDDDG (for cookies or device access). Consent can be revoked at any time.
AWS is certified under the EU-U.S. Data Privacy Framework (DPF). More info: https://www.dataprivacyframework.gov/participant/5776
We have concluded a data processing agreement (DPA) with AWS to ensure your personal data is processed in accordance with the GDPR and only on our instructions.
We use Stripe as our payment service provider to ensure the secure processing of payments in our products. When you make a payment through Stripe, your payment data, such as credit card information, is processed directly by Stripe. As the operator of our products, we have no access to this data and do not store it in our systems. Stripe is certified under the international security standard PCI DSS and uses state-of-the-art encryption technologies to protect your data. Further information about Stripe and data protection at Stripe can be found in their privacy policy at https://stripe.com/de/privacy.
Our website uses the privacy-friendly web analytics tool PostHog, provided by PostHog Inc. Data processing takes place exclusively on servers within the European Union.
We use PostHog in cookieless mode. No cookies are set, and no information is stored on the user's device. PostHog only collects anonymous usage information, such as pages visited, duration of stay, or click behavior. IP addresses are not permanently stored or are immediately anonymized. Identification of individual persons is not possible.
Processing is carried out on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in analyzing website usage and optimizing our online offering. There is no transfer of personal data to third countries.
You can object to the analysis at any time by activating the "Do Not Track" feature in your browser.
Further information on data protection at PostHog can be found here: https://posthog.com/privacy.
Certain functions of our service use services provided by the company OpenAI.
If you use these functions, the data you enter as well as any data you select for processing will be processed directly by OpenAI. Further information about OpenAI and data protection at OpenAI can be found in their privacy policy at https://openai.com/de-DE/policies/row-privacy-policy/.
To make visiting our platform attractive and to enable the use of certain functions, we use so-called "cookies" on our platform. These are small text files that are placed and stored on your device via a browser. Many cookies contain a so-called cookie ID. This is a string of characters that allows platforms and servers to be assigned to a specific browser in which the cookie was stored. After the browser session ends, most of the cookies we use are deleted ("session cookies"). Persistent cookies, on the other hand, remain on your device. These cookies allow us and other websites you visit to distinguish your individual browser from others and thus to identify you individually during a visit to our platform. The purpose of this identification is to facilitate your use of our platform and to make your visit as pleasant as possible. Some of the third-party services we integrate may also use cookies. Please refer to the respective third-party websites for details on their functionality and data processing.
You can find the services we use in this privacy policy. You can configure your browser to inform you when cookies are set and to decide individually whether to accept them or to exclude the acceptance of cookies for specific cases or in general, or to prevent cookies from being set altogether, thereby permanently objecting to their use. You can also delete already set cookies at any time via your browser. This also applies to all third-party cookies listed below. If you do not accept cookies or deactivate them, the functionality of our platform may be limited.
As a member of our website/app, you can access the personal data we hold about you via your account in order to correct, modify, or delete inaccurate information. You are obligated to provide truthful, accurate, and complete information in your account and to keep it up to date. You may also update or delete your personal data or object to the processing of certain personal data by contacting us. You can also close your account at any time. You have the right to:
withdraw your previously given consent at any time in accordance with Art. 7 para. 3 GDPR. This means that we will no longer be permitted to continue processing the data based on this consent in the future;
request information pursuant to Art. 15 GDPR about your personal data processed by us. In particular, you may request information about the purposes of the processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned retention period, the existence of rights to rectification, erasure, restriction of processing or objection, the right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, where applicable, meaningful information about its details;
request the correction of incorrect or the completion of your personal data stored by us without delay in accordance with Art. 16 GDPR;
request the deletion of your personal data stored by us pursuant to Art. 17 GDPR, unless the processing is necessary for exercising the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
request the restriction of the processing of your personal data pursuant to Art. 18 GDPR if the accuracy of the data is contested by you, the processing is unlawful, but you oppose the erasure and we no longer need the data, but you require it for the establishment, exercise, or defense of legal claims, or you have objected to processing pursuant to Art. 21 GDPR;
receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request the transmission to another controller pursuant to Art. 20 GDPR, and
lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.
Please note that in some cases, we will retain certain data about you as required by law or for legitimate purposes. For example, if we suspect fraudulent intent or a violation of the Terms of Service, we may wish to retain some of your data to prevent circumvention of the rules governing our community.
IF THE DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS FOR PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL THEN NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).
All future changes to our privacy policy will always be published on our website. In addition, we will inform our members by email before any changes are made.
These privacy policy shall be governed by German law. The sole binding language of this privacy policy is German. The English translation provided is for information purposes only and has no legal force whatsoever.