Privacy Policy

1. Controller

Entwicklerherz GmbH
Am Hauptbahnhof 16
60329 Frankfurt am Main
Deutschland

Email: info@entwicklerherz.de

2. Scope

This privacy policy applies to the central landing page (including sub-pages), all web apps/tools/services provided thereunder, the admin/back-office interface, and all related contact and communication channels.

As we operate multiple services, individual features may vary by app. The processing described below may apply depending on usage.

3. Categories of data subjects

Depending on usage, we process data of:

• visitors to the landing page,
• interested parties (e.g. waitlist/lead forms),
• users of the apps (including beta versions),
• communication partners (support/inquiries).

4. Data categories

Depending on usage, we process technical usage data (e.g. page views, clicks, feature usage), metadata/log data (e.g. timestamps, IP address, browser type), contact data (e.g. email address for inquiries) and, where applicable, content data (e.g. messages via contact form).

5. Legal bases

We process data on the basis of the GDPR, in particular:

• Consent (Art. 6(1)(a) GDPR)
• Contract / pre-contractual measures (Art. 6(1)(b) GDPR)
• Legal obligation (Art. 6(1)(c) GDPR)
• Legitimate interest (Art. 6(1)(f) GDPR), e.g. operational security, error analysis, abuse prevention

The storage/reading of information on your device (cookies, localStorage) is additionally governed by § 25 TDDDG. Details see Cookie Settings.

6. Recipients / Processors

We may use service providers that process data on our behalf (commissioned processing). Where necessary, we conclude data processing agreements.

7. Third-country transfers

Our hosting provider (Vercel Inc.) is based in the USA. Data transfers are based on Standard Contractual Clauses (Art. 46(2)(c) GDPR) and, where applicable, additional safeguards. Our own telemetry is processed exclusively within the EU.

8. Retention

We store personal data only as long as necessary for the respective purposes or as required by statutory retention obligations. Subsequently, we delete or anonymise the data.

9. Server log files

When accessing our services, our systems and the hosting provider process log data (IP address, date/time, requested URL, referrer, browser/OS, HTTP status). These serve operation, IT security and error analysis. Legal basis: Art. 6(1)(f) GDPR. Retention: 30 days.

10. Hosting

Our services are hosted by Vercel Inc. (USA). The hosting provider processes the data necessary for delivery and operation.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in stable operation); where applicable Art. 6(1)(b) GDPR.

11. Contact requests

When you contact us (e.g. by email), we process your information to handle the enquiry.

Data processed: name (if provided), email address, message content, and any other voluntary information.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual/contractual) or Art. 6(1)(f) GDPR (general enquiries).

Retention: until completion of the enquiry + 6 months.

12. Waitlist / product updates

If you sign up (e.g. waitlist, launch notification), we process your data to inform you and validate our product decisions.

Data processed: email address; optionally name; optionally which app/idea you are interested in.

Legal basis: Art. 6(1)(a) GDPR (consent). You can withdraw your consent at any time (e.g. by email to info@entwicklerherz.de or via the unsubscribe link).

13. App usage & user account

If individual apps require a user account, we process data for registration and usage (e.g. email, password as hash, login times, usage data).

Legal basis: Art. 6(1)(b) GDPR (contract performance); Art. 6(1)(f) GDPR (security).

Retention: until account deletion.

14. Admin interface & metrics

We operate an admin interface for analysis and management (e.g. metrics on feature usage, conversions, support cases).

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in product management and security).

Retention: 30 days (raw data), 365 days (aggregated reports).

15. Telemetry

Essential aggregated telemetry is used without storing tool input values.

Our telemetry is self-operated (first-party) and collects only aggregated usage data (page views, events, paths) without personal identifiers. Processing takes place within the EU.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in product improvement).

Mode: ESSENTIAL_AGGREGATED | Raw: 30d | Rollup: 365d

16. Cookies, consent & similar technologies

We use one essential cookie (hub-last-app, 180 days) for app navigation and localStorage (hub-consent-v1) to store your consent preferences. No optional cookies or third-party scripts are currently in use.

16.1 Strictly necessary technologies

These are necessary for basic functions to work (session management, security features, consent storage, app navigation).

Legal basis: § 25(2)(2) TDDDG; Art. 6(1)(f) GDPR.

16.2 Optional technologies

For all non-essential technologies, we obtain consent. Currently, no optional cookies or third-party scripts are in use.

16.3 Manage / withdraw consent

You can change or withdraw your consent at any time at: Cookie Settings

17. App-specific addendum

18. Rights of data subjects

Subject to statutory requirements, you have the following rights:

• Access (Art. 15 GDPR)
• Rectification (Art. 16 GDPR)
• Erasure (Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Objection (Art. 21 GDPR)
• Withdrawal of consent (Art. 7(3) GDPR)

Right to lodge a complaint: You may lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates data protection law.

19. Data security

We take appropriate technical and organisational measures to protect your data (e.g. TLS encryption, access controls, authorisation concepts, minimisation). Nevertheless, no internet transmission is absolutely secure.

20. Updates and changes

We may amend this privacy policy if the legal situation, our services or data processing activities change. The current version is always available on this page.