l4yercak3

Privacy Policy

How we collect, use, and protect your data

1. Introduction

Vound Brand UG (haftungsbeschränkt) ("we," "us," or "our") respects your privacy and is committed to protecting the personal data of our users ("User" or "you"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you access our services.

2. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws is:

Vound Brand UG (haftungsbeschränkt)

Am Markt 11

17309 Pasewalk

Germany

Email: support@l4yercak3.com

UST-ID: DE293728593

Data Protection Officer (DPO): As a small company with a single owner/operator and no core large-scale monitoring or special category data processing, we are not legally required to appoint a Data Protection Officer (Art. 37 GDPR). For all privacy inquiries, please contact us directly at the address above.

3. Data We Collect

We accumulate certain data to provide our Service effectively:

  • Identity Data: Name, email address, password hash.
  • Contact Data: Billing address, phone number.
  • Financial Data: Payment details (processed securely via our payment provider Stripe; we do not store full credit card numbers).
  • Technical Data: IP address, login data, browser type and version, time zone setting, operating system.
  • Usage Data: Information on how you use our website and Service, including audit logs of actions taken within the platform.
  • User Content: Data input into the Service, including text for AI processing and generated results.

4. Purpose of Processing

We process your data for the following purposes:

  • To provide and operate the Service (including AI content generation).
  • To manage your account and subscription.
  • To process payments.
  • To provide customer support.
  • To improve our Service via analytics.
  • To detect and prevent fraud and security issues.

5. Legal Basis for Processing

We process Personal Data under the following legal bases pursuant to the GDPR:

  • Consent (Art. 6(1)(a) GDPR): Use of cookies/tracking technologies and sending of marketing emails.
  • Contract (Art. 6(1)(b) GDPR): Processing necessary to perform the contract with you (e.g., providing the service, processing payments).
  • Legitimate Interests (Art. 6(1)(f) GDPR): Network security, product improvement, and fraud prevention.

6. Data Sharing and Subprocessors

We share data with the following categories of third-party service providers (Subprocessors) to operate our business:

  • Cloud Hosting: Vercel, Supabase, AWS
  • Payment Processing: Stripe
  • AI Models: OpenAI, Anthropic - strictly for content generation request handling
  • Analytics: PostHog, Google Analytics

7. International Data Transfers

If we transfer data to countries outside the European Economic Area (EEA), such as to the US for certain AI or cloud services, we ensure appropriate safeguards are in place, primarily through the use of Standard Contractual Clauses (SCCs) or reliance on the EU-US Data Privacy Framework where the provider is certified.

8. Data Retention

We retain personal data only as long as necessary:

  • Account Data: For the duration of your account + transition period relative to deletion.
  • Tax/Commercial Records: 6 to 10 years as required by German commercial and tax law (§ 257 HGB, § 147 AO).
  • Audit Logs/Technical Data: 7 to 365 days depending on the tier and security relevance.
  • AI Input/Output: Retained transiently for generation or as part of your saved Project content until deleted by you.

9. Your Data Protection Rights

Under the GDPR, you have the following rights:

  • Right to Withdraw Consent (Art. 7(3)): You may withdraw your consent at any time (e.g., opting out of marketing).
  • Access, Rectification, Erasure: You can request to access, correct, or delete your data.
  • Restriction & Objection: You may restrict processing or object to processing based on legitimate interests.
  • Data Portability: You may request your data in a structured format.
  • Complaint: You have the right to lodge a complaint with a supervisory authority.

Supervisory Authority:

Der Landesbeauftragte für Datenschutz und Informationsfreiheit Mecklenburg-Vorpommern

Schloss Schwerin, Lennéstraße 1, 19053 Schwerin

10. Security (TOMs)

We implement appropriate technical and organizational measures ("TOMs") including encryption (SSL/TLS), access controls, and regular security reviews to protect your data.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Vound Brand UG (haftungsbeschränkt)

Email: support@l4yercak3.com

See also

Cookie PolicyTerms of Service