Privacy Policy

Studi AI

Privacy Policy

We are delighted about your visit to our website. Data protection is of particularly high importance to us. In principle, it is possible to use our website without providing any personal data. However, if a data subject wishes to use specific services via our website, the processing of personal data may become necessary. If the processing of personal data is required and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, email address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with applicable country-specific data protection regulations. Through this privacy policy, we aim to inform you and the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this privacy policy serves to inform data subjects about their rights.

Hesse Al GmbH, as the controller responsible for processing, has implemented numerous technical and organizational measures (TOMs) to ensure the most comprehensive protection possible for personal data processed via this website. Nevertheless, internet-based data transmissions may inherently have security vulnerabilities, meaning absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us through alternative means, such as by telephone.

1. Name and Address of the Controller

The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union, and other provisions of a data protection nature is:

Hesse Al GmbH

Managing Directors: Nikolas Adjan, Veit Heller, Frederik Stoiber

Innstraße 69b

94032 Passau

Germany

Email: support@hesse.ai

Website: https://hesse.ai/

2. Contact Details of the Data Protection Officer

Every data subject may contact our data protection officer directly at any time with any questions or suggestions regarding data protection. The data protection officer of the controller is:

BullProtect, a brand of NetBull GmbH

https://bullprotect.de/

Jeremias Vaillant

You can reach our data protection officer by post at the aforementioned address with the addition "Data Protection Officer" or by email at: datenschutz@hesse.ai

3. Collection of General Data and Information

Our website collects a range of general data and information each time it is accessed by a data subject or an automated system. This general data and information is stored in the server log files.

The following may be collected, for example:

(1) the browser types and versions used,

(2) the operating system used by the accessing system,

(3) the website from which an accessing system reaches our website (so-called referrers),

(4) the subpages accessed via an accessing system on our website,

(5) the date and time of access to the website,

(6) an Internet Protocol address (IP address),

(7) the Internet service provider of the accessing system, and

(8) other similar data and information that serve to protect against threats in the event of attacks on our information technology systems.

When using this general data and information, no conclusions are drawn about the data subject. Rather, this information is needed to:

(1) deliver and display the content of our website correctly,

(2) optimize the content of our website and its advertising,

(3) ensure the long-term functionality of our information technology systems and the technology of our website, and

(4) provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack.

This anonymously collected data and information is therefore evaluated by the controller both statistically and with the aim of increasing data protection and data security within our company, ultimately ensuring an optimal level of protection for the personal data we process. The anonymous data in the server log files is stored separately from all personal data provided by a data subject.

4. Web Hosting

This website is hosted by an external service provider (hoster). The hosting of this website is provided by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. Personal data collected on this website is stored on the hoster’s servers. This may include, in particular, IP addresses, contact requests, metadata and communication data, website accesses, and other data generated via a website.

The use of the hoster is for the purpose of fulfilling contracts with our potential and existing customers (Art. 6(1)(b) GDPR) and in the legitimate interest of providing our online offering securely, quickly, and efficiently through a professional provider (Art. 6(1)(f) GDPR). If consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and Section 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

We have concluded a data processing agreement with the provider in accordance with the requirements of Art. 28 GDPR, obligating them to protect our customers' data and not to disclose it to third parties.

5. Legal Basis for Processing

Art. 6(1)(a) GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, such as in processing operations required for the delivery of goods or the provision of any other service or consideration, the processing is based on Art. 6(1)(b) GDPR. The same applies to processing operations necessary for carrying out pre-contractual measures, such as inquiries about our products or services. If we are subject to a legal obligation requiring the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1)(c) GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured on our premises and their name, age, health insurance data, or other vital information needed to be passed on to a doctor, hospital, or other third party. In such cases, the processing would be based on Art. 6(1)(d) GDPR. Finally, processing operations may be based on Art. 6(1)(f) GDPR. This legal basis applies to processing operations not covered by any of the aforementioned legal grounds, where the processing is necessary to safeguard our legitimate interests or those of a third party, provided that the interests, fundamental rights, and freedoms of the data subject do not override them. Such processing operations are permissible, in particular, because they have been specifically mentioned by the European legislator. The legislator considered that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47, Sentence 2 GDPR). Where the processing of personal data is based on Art. 6(1)(f) GDPR, our legitimate interest lies in conducting our business activities for the benefit of the well-being of all our employees and shareholders.

6. Duration of Storage of Personal Data

The criterion for the duration of storage of personal data is the respective statutory retention period. After the expiration of this period, the corresponding data is routinely deleted, provided it is no longer required for the performance or initiation of a contract and no other legal or statutory requirements prevent its deletion.

7. Routine Deletion and Blocking of Personal Data

The controller processes and stores personal data of the data subject only for the period necessary to achieve the purpose of storage or as provided for by the European legislator or another legislator in laws or regulations to which the controller is subject. If the storage purpose ceases to apply or a storage period prescribed by the European legislator or another competent legislator expires, the personal data is routinely blocked or deleted in accordance with statutory provisions.

8. Statutory or Contractual Provisions for the Provision of Personal Data

We inform you that the provision of personal data is partly required by law (e.g., tax regulations) or may also arise from contractual or pre-contractual arrangements (e.g., details of the contracting party). In some cases, it may be necessary for a data subject to provide us with personal data for the conclusion of a contract, which must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data when concluding a contract with us. Failure to provide such personal data would result in the contract with the data subject not being concluded. Before providing personal data, the data subject must contact one of our employees. Our employee will clarify on a case-by-case basis whether the provision of personal data is required by law or contract or necessary for the conclusion of the contract, whether there is an obligation to provide the personal data, and what the consequences of not providing the personal data would be.

9. Registration on Our Website / Use of Input Forms and Templates

The data subject has the option to register on the controller’s website or enter personal data into input forms, providing personal data in the process. This may be necessary, for example, to subscribe to a newsletter, contact us via a contact form, register for participation in events, or similar registration options. The specific personal data transmitted to the controller is determined by the respective input form used for registration. The personal data entered by the data subject is collected and stored exclusively for internal use by the controller and for its own purposes. The controller may arrange for the data to be passed on to one or more processors, such as a parcel service provider, who will also use the personal data exclusively for internal purposes attributable to the controller.

When you contact us (e.g., via a contact form), personal data is collected. This data is stored and used solely for the purpose of responding to your request and the associated technical administration. The legal basis for processing this data is our legitimate interest in responding to your request pursuant to Art. 6(1)(f) GDPR. If your contact aims at concluding a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted after the final processing of your inquiry, which is the case when it can be inferred that the matter in question has been conclusively resolved, provided no statutory or legal retention obligations prevent deletion.

Upon registration on the controller’s website, the IP address assigned by the data subject’s Internet service provider (ISP), as well as the date and time of registration, are also stored. The storage of this data is necessary to prevent misuse of our services and, if needed, to enable the investigation of committed offenses. In this respect, the storage of this data is required to protect the controller. This data is not passed on to third parties unless there is a legal or statutory obligation to do so or the disclosure serves the purpose of law enforcement.

The registration of the data subject with the voluntary provision of personal data enables the controller to offer the data subject content or services that, due to their nature, can only be offered to registered users or those who explicitly request them.

Registered persons are free to modify the personal data provided at any time or to have it completely deleted from the controller’s database.

The controller shall, upon request, provide any data subject at any time with information about which personal data concerning the data subject is stored. Furthermore, the controller shall correct or delete personal data at the request or indication of the data subject, provided no statutory or legal retention obligations prevent this. All employees of the controller are available to the data subject as contact persons in this context.

10. Use of Our Paid Services

If you wish to use our paid services, it is necessary for the conclusion of a contract that you provide your personal data, which we require to process your order. Mandatory information required for the execution of contracts is marked separately; additional information is voluntary. We process the data you provide to handle your order. For this purpose, we may pass your payment data on to our house bank. The legal bases for this are Art. 6(1)(a) GDPR (consent) and, where applicable, Art. 6(1)(b) GDPR (contract).

You may voluntarily create a customer account, through which we can store your data for future purchases. When creating an account under "My Account," the data you provide will be stored revocably. You can delete all further data, including your user account, at any time in the customer area. We may also process the data you provide to inform you about other interesting products from our portfolio or to send you emails with technical information. Please also refer to the following section in this regard.

Due to commercial and tax law requirements, we are obliged to store your address, payment, and order data for a period of ten years. After the expiration of this period, the relevant data will be routinely deleted, provided it is no longer required for contract performance or initiation and/or there is no continued legitimate interest on our part in retaining it.

To prevent unauthorized access by third parties to your personal data, especially financial data, the ordering process is encrypted using TLS technology.

11. Recipients or Categories of Recipients

Depending on the purpose of collecting personal data, we may transfer this data to the following recipients or categories of recipients, or they may be directly involved in the processing of personal data:

- Provider / Web Hoster (see section "4. Web Hosting")

- IT service providers and other recipients depending on the tools used (see section "19. Use of Additional Applications, Plugins, and Tools")

To the extent that links to websites of other providers are provided, this privacy policy does not apply to their content. We have no knowledge or influence over what data the operators of these sites may collect.

12. Third-Country Transfers

If we transfer personal data to service providers outside the European Economic Area (EEA), such transfers will only take place if the third country has been confirmed by the EU Commission as having an adequate level of data protection or if other appropriate data protection safeguards (e.g., binding corporate rules or EU Standard Contractual Clauses) are in place. Please refer to the further details provided in this policy, particularly the final section, which describes in detail the tool-specific recipients and their locations.

Since all third-country transfers are exclusively to the USA, these transfers are currently based on the existing adequacy decision as the transfer mechanism. Should this (e.g., due to annulment by the ECJ) no longer be a valid transfer mechanism, we will at that point base the third-country transfers on the existing Standard Contractual Clauses (SCCs).

13. Existence of Automated Decision-Making

As a responsible company, we do not use automated decision-making or profiling.

14. Data Protection in Applications and the Application Process

The controller collects and processes personal data from applicants for the purpose of handling the application process. Processing may also occur electronically. This is particularly the case if an applicant submits corresponding application documents to the controller electronically, for example, via email or a web form available on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of managing the employment relationship in compliance with legal requirements. If no employment contract is concluded with the applicant by the controller, the application documents will be automatically deleted no later than six months after notification of the rejection decision, provided no other legitimate interests of the controller pursuant to Art. 6(1)(f) GDPR prevent deletion. Another legitimate interest in this sense could be, for example, a burden of proof in proceedings under the German General Equal Treatment Act (AGG).

15. Definitions

This privacy policy is based on the terminology used by the European legislator when adopting the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easily readable and understandable for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.

In this privacy policy, we use, among others, the following terms:

a) Personal Data

"Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

b) Data Subject

"Data subject" means any identified or identifiable natural person whose personal data is processed by the controller.

c) Processing

"Processing" means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

d) Restriction of Processing

"Restriction of processing" means the marking of stored personal data with the aim of limiting its processing in the future.

e) Profiling

"Profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

f) Pseudonymization

"Pseudonymization" means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

g) Filing System

"Filing system" means any structured set of personal data accessible according to specific criteria, whether centralized, decentralized, or dispersed on a functional or geographical basis.

h) Controller or Data Controller

"Controller" (or "data controller") means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

i) Processor

"Processor" means a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.

j) Recipient

"Recipient" means a natural or legal person, public authority, agency, or another body to which personal data is disclosed, whether a third party or not. However, public authorities that may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

k) Third Party

"Third party" means a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

l) Consent

"Consent" of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.

m) Enterprise

"Enterprise" means a natural or legal person engaged in an economic activity, irrespective of its legal form, including partnerships or associations regularly engaged in an economic activity.

16. Rights of the Data Subject

a) Right to Confirmation

Every data subject has the right, granted by the European legislator, to obtain from the controller confirmation as to whether or not personal data concerning them is being processed. If a data subject wishes to exercise this right to confirmation, they may contact an employee of the controller at any time.

b) Right to Access

Every data subject affected by the processing of personal data has the right, granted by the European legislator, to obtain from the controller, at any time and free of charge, information about the personal data stored about them and a copy of this information. Furthermore, the European legislator has granted the data subject the right to access the following information:

- the purposes of the processing;

- the categories of personal data being processed;

- the recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organizations;

- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;

- the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;

- the right to lodge a complaint with a supervisory authority;

- where the personal data is not collected from the data subject, any available information as to its source;

- the existence of automated decision-making, including profiling, referred to in Art. 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

Furthermore, the data subject has the right to be informed whether personal data has been transferred to a third country or an international organization. Where this is the case, the data subject also has the right to be informed of the appropriate safeguards relating to the transfer.

If a data subject wishes to exercise this right to access, they may contact an employee of the controller at any time.

c) Right to Rectification

Every data subject affected by the processing of personal data has the right, granted by the European legislator, to request the immediate rectification of inaccurate personal data concerning them. Furthermore, taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.

If a data subject wishes to exercise this right to rectification, they may contact an employee of the controller at any time.

d) Right to Erasure (Right to Be Forgotten)

Every data subject affected by the processing of personal data has the right, granted by the European legislator, to request from the controller the erasure of personal data concerning them without undue delay, provided one of the following grounds applies and the processing is not necessary:

- The personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.

- The data subject withdraws consent on which the processing is based according to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, and there is no other legal ground for the processing.

- The data subject objects to the processing pursuant to Art. 21(1) GDPR, and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21(2) GDPR.

- The personal data has been unlawfully processed.

- The erasure of personal data is required to comply with a legal obligation under Union or Member State law to which the controller is subject.

- The personal data has been collected in relation to the offer of information society services referred to in Art. 8(1) GDPR.

If one of the aforementioned reasons applies and a data subject wishes to request the erasure of personal data stored by us, they may contact an employee of the controller at any time. Our employee will ensure that the erasure request is complied with promptly.

If the personal data has been made public by us and we, as the controller, are obliged pursuant to Art. 17(1) GDPR to erase the personal data, we will, taking into account available technology and the cost of implementation, take reasonable steps, including technical measures, to inform other controllers processing the published personal data that the data subject has requested the erasure of all links to, or copies or replications of, that personal data, unless the processing is necessary. Our employee will arrange the necessary measures on a case-by-case basis.

e) Right to Restriction of Processing

Every data subject affected by the processing of personal data has the right, granted by the European legislator, to request from the controller the restriction of processing where one of the following applies:

- The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.

- The processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of its use instead.

- The controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise, or defense of legal claims.

- The data subject has objected to processing pursuant to Art. 21(1) GDPR, pending the verification of whether the legitimate grounds of the controller override those of the data subject.

If one of the aforementioned conditions is met and a data subject wishes to request the restriction of personal data stored by us, they may contact an employee of the controller at any time. The employee will arrange the restriction of processing.

f) Right to Data Portability

Every data subject affected by the processing of personal data has the right, granted by the European legislator, to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit that data to another controller without hindrance from the controller to which the personal data was provided, where the processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, or on a contract pursuant to Art. 6(1)(b) GDPR, and the processing is carried out by automated means, provided the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, in exercising their right to data portability pursuant to Art. 20(1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and provided this does not adversely affect the rights and freedoms of others. To assert the right to data portability, the data subject may contact an employee of the controller at any time using the contact details provided above.

g) Right to Object

Every data subject affected by the processing of personal data has the right, granted by the European legislator, to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them based on Art. 6(1)(e) or (f) GDPR. This also applies to profiling based on these provisions.

In the event of an objection, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or the processing serves the establishment, exercise, or defense of legal claims.

If we process personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning them for such marketing. This also applies to profiling insofar as it is related to such direct marketing. If the data subject objects to us processing their data for direct marketing purposes, we will no longer process the personal data for these purposes.

Additionally, the data subject has the right, on grounds relating to their particular situation, to object to the processing of personal data concerning them by us for scientific or historical research purposes or statistical purposes pursuant to Art. 89(1) GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.

To exercise the right to object, the data subject may directly contact one of our employees. The data subject is also free, in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to exercise their right to object by automated means using technical specifications.

h) Automated Individual Decision-Making, Including Profiling

Every data subject affected by the processing of personal data has the right, granted by the European legislator, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them, provided the decision:

(1) is not necessary for entering into or performing a contract between the data subject and the controller, or

(2) is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights, freedoms, and legitimate interests, or

(3) is based on the data subject’s explicit consent.

If the decision:

(1) is necessary for entering into or performing a contract between the data subject and the controller, or

(2) is made with the data subject’s explicit consent,

we will implement suitable measures to safeguard the data subject’s rights, freedoms, and legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express their point of view, and to contest the decision.

If the data subject wishes to exercise rights concerning automated decision-making, they may contact an employee of the controller at any time.

i) Right to Withdraw Data Protection Consent

Every data subject affected by the processing of personal data has the right, granted by the European legislator, to withdraw consent to the processing of personal data at any time.

If the data subject wishes to exercise their right to withdraw consent, they may contact an employee of the controller at any time.

j) Right to Lodge a Complaint with a Supervisory Authority

If you believe that the processing of your personal data violates the GDPR, you have the right, pursuant to Art. 77 GDPR, to lodge a complaint with the data protection officer mentioned above or with a supervisory authority.

The supervisory authority responsible for us is:

Bayerischer Landesbeauftragter für den Datenschutz

Postfach 22 12 19

80502 München

Germany

Our data protection officer is also available to assist you at the contact details provided under section 2.

17. Cookies

Our websites, apps, or other services may use cookies. Cookies are text files that are stored on an information technology system (e.g., computer, laptop, smartphone, tablet) via an internet browser.

Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters that allows websites and servers to identify the specific internet browser in which the cookie was stored. This enables visited websites, servers, apps, or other services to distinguish the individual browser of the data subject from other internet browsers that contain different cookies. A specific internet browser can be recognized and identified via the unique cookie ID.

Through the use of cookies, we can provide users of our services with more user-friendly services that would not be possible without the setting of cookies.

By means of a cookie, the information and offers on our services can be optimized in the interest of the user. As mentioned earlier, cookies allow us to recognize the users of our websites, apps, or other services. The purpose of this recognition is to make it easier for users to utilize our services. For example, a user of a service that uses cookies does not have to check the cookie banner and make a selection each time they visit or enter their login details again on the website, as this is handled by the website and the cookie stored on the user’s system. Another example is the cookie of a shopping cart in an online shop, which allows the online shop to remember the items a customer has placed in the virtual shopping cart.

The data subject can prevent the setting of cookies by our services at any time by adjusting the settings of the internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the data subject deactivates the setting of cookies in the internet browser used, not all functions of our services may be fully usable.

18. Consent Management Tool

To obtain the aforementioned cookies and your consent for them, as well as for any third-party connections (see the following section), we use a cookie consent tool, also known as a "cookie banner" or, more accurately, a "consent banner."

19. Use of Additional Applications, Plugins, and Tools

We aim to provide you with the best possible service. Therefore, we have integrated various applications, plugins, and tools (hereinafter: "tools") on our website. Depending on their function, these tools can, for example, optimize the loading times of our website, simplify its use, assist us in improving our offerings, or enhance security.

Under this button, you can adjust the consents managed via the consent tool:

http://app.studi.ai/?privacy=show

We explain the specific details regarding the tools used below.

Privacy Policy Regarding the Use of the OpenAI API

We have integrated the OpenAI API into our website. The operator of the OpenAI API is OpenAI Inc., located at 415 Brannan St, San Francisco, CA 94107, USA. OpenAI provides a wide range of AI technologies and services, including language processing and text generation. By integrating the OpenAI API, we can enhance certain functions on our website, such as automated text generation for customer interactions or personalized content. When using this third-party provider, personal data such as text inputs or usage data may be processed. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

The third-party provider or product OpenAI API enables us to improve the user experience on our website by providing automated text generation and other features.

Legal Basis

We require your consent for the use of this tool, which forms the legal basis pursuant to Section 25(1) TDDDG and Art. 6(1)(a) GDPR (consent). We obtain and document this consent via the consent tool described earlier. However, it may also be the case that this service is used based on an existing contract, in which case the legal basis is Art. 6(1)(b) GDPR (contract). Additionally, we have a legitimate interest in optimizing our online service, which is why we also rely on Art. 6(1)(f) GDPR (legitimate interest). Nevertheless, we only use this provider if you have given us your consent to do so. For more information on the handling of personal data, please refer to OpenAI’s privacy policy: https://openai.com/privacy/.

Option to Object

You always have the option to manage the setting, administration, and deletion of cookies in your browser according to your preferences and knowledge. For example, if you do not want this tool to set cookies and collect information about you and potentially your behavior, you can disable the setting of cookies entirely in your browser settings at any time. However, this may, in some cases, result in certain functionalities (e.g., shopping carts) on visited websites no longer working, even if you wish them to.

Privacy Policy Regarding the Use of Paddle

We have integrated the third-party provider Paddle into our website. The operator of Paddle is Paddle.com Inc., located at 3811 Ditmars Blvd, #1071, Astoria, New York, 11105-1803, USA. Paddle is a platform that enables us to sell and manage digital products. Its features include, among others, the processing of payment information, the provision of license keys, and the management of subscriptions. In the context of these functions, personal data such as name, email address, billing address, and payment information may be processed. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

The third-party provider or product Paddle enables us to ensure a secure and reliable payment processing process for our digital products and to efficiently manage customer relationships.

Legal Basis

We also have a legitimate interest in optimizing our online service, which is why we rely on Art. 6(1)(f) GDPR (legitimate interest). For more information on the handling of personal data, please refer to Paddle’s privacy policy: https://www.paddle.com/legal/privacy.

Option to Object

You always have the option to manage the setting, administration, and deletion of cookies in your browser according to your preferences and knowledge. For example, if you do not want this tool to set cookies and collect information about you and potentially your behavior, you can disable the setting of cookies entirely in your browser settings at any time. However, this may, in some cases, result in certain functionalities (e.g., country selection or shopping carts) on visited websites no longer working, even if you wish them to.

Privacy Policy Regarding the Use of ipinfo.io

We have integrated the third-party provider ipinfo.io into our website. The operator of ipinfo.io is ipinfo.io, Inc., located in San Francisco, California, USA. ipinfo.io is a service that enables the retrieval of geographical information based on IP addresses. This includes data such as country, region, city, postal code, latitude, longitude, and internet service provider. Through the processing of IP addresses, personal data may be collected, particularly if this information is linked to other data sources. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

We use ipinfo.io to provide our visitors with personalized content based on their geographical location. For example, we can automatically adjust the language of the website or display location-specific offers.

Legal Basis

We also have a legitimate interest in optimizing our online service, which is why we rely on Art. 6(1)(f) GDPR (legitimate interest). For more information on the handling of personal data, please refer to ipinfo.io’s privacy policy: https://ipinfo.io/privacy-policy.

Option to Object

You always have the option to manage the setting, administration, and deletion of cookies in your browser according to your preferences and knowledge. For example, if you do not want this tool to set cookies and collect information about you and potentially your behavior, you can disable the setting of cookies entirely in your browser settings at any time. However, this may, in some cases, result in certain functionalities (e.g., country selection or shopping carts) on visited websites no longer working, even if you wish them to.

Privacy Policy Regarding the Use of Framer

We have integrated the third-party provider Framer into our app. The operator of Framer is Framer B.V., located at Rozengracht 105, 1016 Amsterdam, Netherlands. Framer is a platform that enables us to flexibly design and manage our app. It serves as a design and development tool with which we can create, edit, and optimize content to provide an appealing and user-friendly experience. When using Framer, personal data such as IP addresses, usage data, browser information, and potentially form content may be processed. This data is used to provide and optimize the app. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

Framer enables us to design a user-friendly and visually appealing app that provides our users with an optimal experience. By using this tool, we can efficiently present, update, and manage content, contributing to the improvement of our digital presence.

Legal Basis

We rely on our legitimate interest in optimizing our online service pursuant to Art. 6(1)(f) GDPR. However, it may also be the case that this service is used based on an existing contract, in which case the legal basis is Art. 6(1)(b) GDPR (contract). For more information on the handling of personal data, please refer to Framer’s privacy policy: https://www.framer.com/legal/privacy-policy/legal/privacy-statement/.

Option to Object

You always have the option to manage the setting, administration, and deletion of cookies in your browser according to your preferences and knowledge. For example, if you do not want this tool to set cookies and collect information about you and potentially your behavior, you can disable the setting of cookies entirely in your browser settings at any time. However, this may, in some cases, result in certain functionalities (e.g., country selection or shopping carts) in the app no longer working, even if you wish them to.

Privacy Policy Regarding the Use of PostHog

We have integrated the third-party provider PostHog into our website. The operator of PostHog is PostHog Inc., located at 965 Mission Street, San Francisco, CA 94103, USA. PostHog is an analytics and product management platform that allows us to gain detailed insights into user behavior on our website. By integrating PostHog, we can collect and analyze data about user interactions, page views, dwell time, and other behavioral metrics. When using PostHog, personal data such as IP addresses, usage data, device information, and browser information may be processed. This data is used to improve the website, optimize the user experience, and for marketing purposes. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

PostHog enables us to make informed decisions to optimize our website and improve the user experience. By analyzing the collected data, we can identify weaknesses and take targeted measures for improvement.

Legal Basis

We require your consent for the use of this tool, which forms the legal basis pursuant to Section 25(1) TDDDG and Art. 6(1)(a) GDPR (consent). We obtain and document this consent via the consent tool described earlier. However, it may also be the case that this service is used based on an existing contract, in which case the legal basis is Art. 6(1)(b) GDPR (contract). Additionally, we have a legitimate interest in optimizing our online service, which is why we also rely on Art. 6(1)(f) GDPR (legitimate interest). Nevertheless, we only use this tool if you have given us your consent to do so. For more information on the handling of personal data, please refer to PostHog’s privacy policy: https://posthog.com/privacy.

Option to Object

Privacy Policy Regarding the Use of Sentry

We have integrated the tool Sentry into our website. The operator of Sentry is Sentry Inc., located at 132 Hawthorne St, San Francisco, CA, USA. Your data may therefore also be stored and processed on servers in the United States. Sentry is an error management tool that enables the monitoring of frontend and backend applications. It allows us to detect and track crashes and errors within the source code. As such, no data processing is carried out for marketing purposes, and only data such as your IP address or device information at the time of an error is collected. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

Sentry enables us to ensure the stability of our systems and quickly identify code errors.

Legal Basis

We require your consent for the use of this tool, which forms the legal basis pursuant to Section 25(1) TDDDG and Art. 6(1)(a) GDPR (consent). We obtain and document this consent via the consent tool described earlier. However, it may also be the case that this service is used based on an existing contract, in which case the legal basis is Art. 6(1)(b) GDPR (contract). Additionally, we have a legitimate interest in optimizing and securing our online service, which is why we also rely on Art. 6(1)(f) GDPR (legitimate interest). For more information on the handling of personal data, please refer to Sentry’s privacy policy: https://sentry.io/privacy/.

Option to Object

Privacy Policy Regarding the Use of AWS S3

We have integrated the third-party provider AWS S3 into our website. The operator of AWS S3 is Amazon Web Services, Inc., located at 410 Terry Avenue North, Seattle, WA 98109-5210, USA. AWS S3 is a cloud storage service that enables us to securely store and access files and data in the cloud. By integrating AWS S3, we can optimize the loading times of our website, ensure scalability, and provide reliable data storage. In the context of these functions, personal data such as IP addresses, usage data, and metadata may be transmitted and stored. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

AWS S3 enables us to use a reliable and scalable data storage solution for our website. By using AWS S3, we can ensure that our data is always available and high performance is maintained.

Legal Basis

We also have a legitimate interest in optimizing our online service, which is why we rely on Art. 6(1)(f) GDPR (legitimate interest). For more information on the handling of personal data, please refer to Amazon Web Services’ privacy policy: https://aws.amazon.com/de/privacy/.

Option to Object

You always have the option to manage the setting, administration, and deletion of cookies in your browser according to your preferences and knowledge. For example, if you do not want this tool to set cookies and collect information about you and potentially your behavior, you can disable the setting of cookies entirely in your browser settings at any time. However, this may, in some cases, result in certain functionalities (e.g., country selection or shopping carts) on visited websites no longer working, even if you wish them to.

Privacy Policy Regarding the Use of AWS SES

We have integrated the third-party provider AWS SES into our website. The operator of AWS SES is Amazon Web Services, Inc., located in Seattle, Washington, USA. AWS SES (Amazon Simple Email Service) enables us to reliably and cost-effectively deliver emails via the AWS infrastructure. In this context, personal data such as email addresses may be processed, which are necessary for sending notification emails or confirmation emails. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

AWS SES enables us to ensure that important emails, such as registration confirmations or password recovery emails, are reliably delivered to our users.

Legal Basis

We also have a legitimate interest in optimizing our online service, which is why we rely on Art. 6(1)(f) GDPR (legitimate interest). For more information on the handling of personal data, please refer to Amazon Web Services’ privacy policy: https://aws.amazon.com/de/privacy/.

Option to Object

You always have the option to manage the setting, administration, and deletion of cookies in your browser according to your preferences and knowledge. For example, if you do not want this tool to set cookies and collect information about you and potentially your behavior, you can disable the setting of cookies entirely in your browser settings at any time. However, this may, in some cases, result in certain functionalities (e.g., country selection or shopping carts) on visited websites no longer working, even if you wish them to.

Privacy Policy Regarding the Use of Microsoft Azure

We have integrated the third-party provider Microsoft Azure into our website. The operator of Microsoft Azure is Microsoft Corporation, located at One Microsoft Way, Redmond, Washington 98052-6399, USA. For the European region, Microsoft Ireland Ltd., South County Business Park, One Microsoft Place, Carmanhall and Leopardstown, Dublin, D18 P521, Ireland, is responsible for all Microsoft services. Microsoft Azure provides a comprehensive cloud platform that enables various functions on websites. When using this third-party provider, personal data such as IP addresses, device information, and usage data may be processed. We only process personal data for as long as necessary and delete it in accordance with our deletion policy. If a cookie is set, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

Microsoft Azure enables us to provide a reliable and powerful cloud infrastructure for various website functions, including data storage, data processing, and service delivery.

Legal Basis

The legal basis for the use of this tool requires your consent, which forms the legal basis pursuant to Section 25(1) TDDDG and Art. 6(1)(a) GDPR (consent). This consent is obtained and documented via our consent tool. Additionally, we have a legitimate interest in optimizing our online service, which is why we also rely on Art. 6(1)(f) GDPR (legitimate interest). For more information on the handling of personal data, please refer to Microsoft’s privacy policy: https://privacy.microsoft.com/de-DE/privacystatement.

Option to Object

Privacy Policy Regarding the Use of Cloudflare

We have integrated the Content Delivery Network (CDN) Cloudflare into our website. The operator of Cloudflare is Cloudflare, Inc., located at 101 Townsend St., San Francisco, CA 94107, USA.

Cloudflare is a service that enables the reduction of website loading times. This allows websites to load quickly and optimally, even during high traffic peaks. At the same time, Cloudflare protects its users’ websites with an additional firewall and DDoS protection. To provide Cloudflare’s services, personal data from your browser may be sent to the service. This means the provider has the ability to collect and store user data such as your IP address, browser version, browser type, or the date of your visit to the site. According to its own statements, Cloudflare processes this data within the framework of applicable laws, including the GDPR. Third parties with whom Cloudflare collaborates may only process personal data under Cloudflare’s direction and in compliance with its privacy policies and other confidentiality and security measures. Cloudflare does not share personal data without our explicit consent. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

Cloudflare enables us to provide you with a well-functioning experience on our website. With Cloudflare’s help, our website can load significantly faster, while also enhancing our security against threats.

Legal Basis

We have a legitimate interest in optimizing and securing our online service, which is why we rely on Art. 6(1)(f) GDPR (legitimate interest). However, it may also be the case that this service is used based on an existing contract, in which case the legal basis is Art. 6(1)(b) GDPR (contract). For more information on the handling of personal data, please refer to Cloudflare’s privacy policy: https://www.cloudflare.com/dede/privacypolicy/.

Option to Object

Privacy Policy Regarding the Use of jsDelivr

We have integrated the Content Delivery Network (CDN) jsDelivr, operated by the Polish company ProspectOne, Królewska 65A/1, 30-081 Kraków, Poland, into our website.

jsDelivr is an open-source service that enables the reduction of website loading times. This allows websites to load quickly and optimally, even during high traffic peaks. To provide jsDelivr’s services, personal data from your browser may be sent to the service. This means the provider has the ability to collect and store user data such as your IP address, browser version, browser type, or the date of your visit to the site. However, jsDelivr states in its privacy policy that the company does not use cookies or other tracking services. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

jsDelivr enables us to provide a well-functioning experience on our website. With jsDelivr’s help, our website can load significantly faster, which is particularly beneficial for our international visitors, as the CDN can deliver our website via nearby servers.

Legal Basis

We require your consent for the use of this tool, which forms the legal basis pursuant to Section 25(1) TDDDG and Art. 6(1)(a) GDPR (consent). We obtain and document this consent via the consent tool described earlier. However, it may also be the case that this service is used based on an existing contract, in which case the legal basis is Art. 6(1)(b) GDPR (contract). Additionally, we have a legitimate interest in optimizing and securing our online service, which is why we also rely on Art. 6(1)(f) GDPR (legitimate interest). Nevertheless, we only use this tool if you have given us your consent to do so. For more information on the handling of user data, please refer to jsDelivr’s privacy policy: https://www.jsdelivr.com/terms/privacy-policy-jsdelivrnet.

Option to Object

Privacy Policy Regarding the Use of Apple Login

We have integrated the “Sign in with Apple” (Apple Login) authentication feature into our website. The operator of this service is Apple Inc., located at One Apple Park Way, Cupertino, CA 95014, USA. For Europe, Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, is responsible.

Apple Login enables you to authenticate yourself securely and conveniently on our website using your Apple ID. In this process, personal data such as your Apple ID, name, email address, and an anonymized relay email address generated by Apple may be processed. Users have the option to hide their actual email address by using a randomly generated “Private Relay” email address provided by Apple, which forwards messages to their real email address. Additionally, Apple transmits information about the device and browser used during the login process. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

Apple Login enables us to offer a secure and user-friendly login function based on existing Apple accounts. This eliminates the need for you to remember an additional password, reducing security risks and improving the user experience on our website.

Legal Basis

We require your consent for the use of this tool, which forms the legal basis pursuant to Section 25(1) TDDDG and Art. 6(1)(a) GDPR (consent). We obtain and document this consent via the consent tool described earlier. However, it may also be the case that this service is used based on an existing contract, in which case the legal basis is Art. 6(1)(b) GDPR (contract). Additionally, we have a legitimate interest in simplifying the login process for users and enhancing security, which is why we also rely on Art. 6(1)(f) GDPR (legitimate interest). Nevertheless, we only use this tool if you have actively chosen this login method. For more information on the handling of personal data, please refer to Apple’s privacy policy: https://www.apple.com/legal/privacy/de-ww/.

Option to Object

You always have the option to manage the setting, administration, and deletion of cookies in your browser according to your preferences and knowledge. For example, if you do not want this tool to set cookies and collect information about you and potentially your behavior, you can disable the setting of cookies entirely in your browser settings at any time. However, this may, in some cases, result in certain functionalities (e.g., login features) on visited websites no longer working.

Privacy Policy Regarding the Use of Google Login

We have integrated the Google Login authentication tool from Google LLC into our website. The operator of Google Login is Google LLC, located at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. For the European region, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, is responsible for all Google services, with joint responsibility assumed.

Google Login enables users to log in to our website using their existing Google account without needing to create a separate user account. In this process, Google processes personal data such as your email address, name, language settings, and profile picture. Depending on your individual Google account settings, additional information may also be transmitted. Google provides us with this data via a secure interface (API) to facilitate the login process and ensure seamless use of our website. We do not store Google account passwords but use the provided identity data solely for authentication purposes. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

The third-party product Google Login enables us to provide you with a fast, secure, and user-friendly login option on our website. By integrating this tool, you save time by not needing to create a separate account and benefit from enhanced security, as no additional passwords need to be stored or managed.

Legal Basis

We require your consent for the use of this tool, which forms the legal basis pursuant to Section 25(1) TDDDG and Art. 6(1)(a) GDPR (consent). We obtain and document this consent via the consent tool described earlier. However, it may also be the case that this service is used based on an existing contract, in which case the legal basis is Art. 6(1)(b) GDPR (contract). Additionally, we have a legitimate interest in making our online service more user-friendly and secure, which is why we also rely on Art. 6(1)(f) GDPR (legitimate interest). Nevertheless, we only use this tool if you have actively chosen this login method. For more information on the handling of personal data, please refer to Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Option to Object

Privacy Policy Regarding the Use of ProfitWell

We have integrated the third-party provider ProfitWell into our website. The operator of ProfitWell is Paddle.com Inc., located at 3811 Ditmars Blvd, #1071, Astoria, New York, 11105-1803, USA. ProfitWell provides analytics services for SaaS companies to measure and analyze metrics such as revenue, customer retention, and churn rate. In this process, the service processes personal data such as email addresses and payment amounts of the respective account holders. This data is used to make the success of our offerings measurable and analyzable. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

ProfitWell enables us to make the success of our SaaS offerings measurable and analyzable.

Legal Basis

We require your consent for the use of this tool, which forms the legal basis pursuant to Section 25(1) TDDDG and Art. 6(1)(a) GDPR (consent). We obtain and document this consent via the consent tool described earlier. Additionally, we have a legitimate interest in optimizing our online service, which is why we also rely on Art. 6(1)(f) GDPR (legitimate interest). Nevertheless, we only use this tool if you have given us your consent to do so. For more information on the handling of personal data, please refer to ProfitWell’s privacy policy: https://www.profitwell.com/privacy-policy.

Option to Object

Privacy Policy Regarding the Use of RevenueCat

We have integrated the third-party provider RevenueCat into our website. The operator of RevenueCat is RevenueCat, Inc., located at 2261 Market Street #4384, San Francisco, CA 94114, USA. RevenueCat is a platform for managing in-app subscriptions, enabling developers to efficiently handle subscription models for mobile applications. By integrating RevenueCat, information about subscriptions, purchases, and user behavior may be processed. This includes, in particular, transaction data, device information, the user’s IP address, and certain identifiers such as user or device IDs. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

The third-party product RevenueCat enables us to manage subscription models in our mobile applications. This allows seamless integration of in-app purchases, transparent tracking of subscription statuses, and optimization of the user experience through smooth payment processing. Additionally, the collected data helps us analyze and improve our subscription offerings.

Legal Basis

We also have a legitimate interest in operating economically and optimizing our online service, which is why we rely on Art. 6(1)(f) GDPR (legitimate interest). However, it may also be the case that this service is used based on an existing contract, in which case the legal basis is Art. 6(1)(b) GDPR (contract). For more information on the handling of personal data, please refer to RevenueCat’s privacy policy: https://www.revenuecat.com/privacy.

Option to Object

You always have the option to manage the setting, administration, and deletion of cookies in your browser according to your preferences and knowledge. For example, if you do not want this tool to set cookies and collect information about you and potentially your behavior, you can disable the setting of cookies entirely in your browser settings at any time. However, this may, in some cases, result in certain functionalities (e.g., subscription management) on visited websites no longer working, even if you wish them to.

Privacy Policy Regarding the Use of In-App Purchases via Apple

We enable in-app purchases within our app, which are processed through the Apple App Store. The operator of the Apple App Store is Apple Inc., located at One Apple Park Way, Cupertino, CA 95014, USA. Apple handles the payment processing for the purchase of digital products or subscriptions within our app. For this purpose, personal data such as name{Li, email address, billing address, and payment information are processed. This data is transmitted to Apple to conclude the purchase contract with you. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

The use of in-app purchases via Apple enables us to offer you digital products and subscriptions directly within the app and ensure a secure and reliable payment process.

Legal Basis

The processing of personal data in the context of in-app purchases is necessary to fulfill the purchase contract with you and is based on Art. 6(1)(b) GDPR (contract performance). Additionally, we have a legitimate interest in optimizing our online service, which is why we also rely on Art. 6(1)(f) GDPR (legitimate interest). For more information on the handling of personal data, please refer to Apple’s privacy policy: https://www.apple.com/legal/privacy/de-ww/.

Option to Object

You always have the option to manage the setting, administration, and deletion of cookies in your browser according to your preferences and knowledge. For example, if you do not want this tool to set cookies and collect information about you and potentially your behavior, you can disable the setting of cookies entirely in your browser settings at any time. However, this may, in some cases, result in certain functionalities (e.g., country selection or shopping carts) in the app no longer working, even if you wish them to.

Privacy Policy Regarding the Use of In-App Purchases via Google

We enable in-app purchases within our app, which are processed through the Google Play Store. The operator of the Google Play Store is Google LLC, located at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google handles the payment processing for the purchase of digital products or subscriptions within our app. For this purpose, personal data such as name, email address, billing address, and payment information are processed. This data is transmitted to Google to conclude the purchase contract with you. We only process personal data for as long as necessary. Once the purpose of the data processing has been fulfilled, the data is blocked and deleted in accordance with our local deletion policy, unless statutory provisions prevent deletion. If a cookie is set in this context, it will be automatically deleted after the storage period expires, unless you delete it yourself beforehand.

Purposes of Processing

The use of in-app purchases via Google enables us to offer you digital products and subscriptions directly within the app and ensure a secure and reliable payment process.

Legal Basis

The processing of personal data in the context of in-app purchases is necessary to fulfill the purchase contract with you and is based on Art. 6(1)(b) GDPR (contract performance). Additionally, we have a legitimate interest in optimizing our online service, which is why we also rely on Art. 6(1)(f) GDPR (legitimate interest). For more information on the handling of personal data, please refer to Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Option to Object

You always have the option to manage the setting, administration, and deletion of cookies in your browser according to your preferences and knowledge. For example, if you do not want this tool to set cookies and collect information about you and potentially your behavior, you can disable the setting of cookies entirely in your browser settings at any time. However, this may, in some cases, result in certain functionalities (e.g., country selection or shopping carts) in the app no longer working, even if you wish them to.

Version: March 20, 2025

Terms and Conditions ›

Imprint

Data Regulation