|
Privacy Policy
This Privacy Policy informs you about the type, scope, and purpose of the processing of personal data (hereinafter referred to as \"data\") within the scope of our online offering and the associated websites, functions, content, and external online presences, such as our social media profiles (LinkedIn, Instagram).
When visiting our social media profiles (LinkedIn, Instagram), personal data is processed by the respective platform operators. We point out that, for certain processing operations, we are jointly responsible with the platform operators within the meaning of Article 26 of the General Data Protection Regulation (GDPR). Data processing is carried out in accordance with the privacy policies of the respective providers.
With regard to the terminology used, such as \"personal data\" or \"processing,\" we refer to the definitions set out in Article 4 of the GDPR.
We process personal data of our users only to the extent necessary to provide a functional web application as well as our content and services. Processing is carried out on the basis of the GDPR and the applicable national data protection regulations.
Last updated: December 12, 2025
The controller responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is:
Our web application is hosted by the following service provider:
Processing is carried out on the basis of Article 6(1)(f) GDPR (legitimate interest in the secure and stable operation of the application).
A data processing agreement pursuant to Article 28 GDPR has been concluded.
For the storage and processing of application data, we use the backend service Supabase, with servers located in the European Union.
In particular, the following data is processed in Supabase: Authorization data (email address), usage data, technical identifiers, tokens, and application-related data.
No plain-text data such as names or postal addresses is processed. Personal data required for identification and authentication (email addresses and technical identifiers) is processed. Sensitive application data is stored separately from directly identifying personal data. Processing is carried out exclusively on our instructions on the basis of a data processing agreement pursuant to Article 28 GDPR.
The legal basis for processing is Article 6(1)(b) GDPR (performance of a contract) and Article 6(1)(f) GDPR (technical operation).
For payment processing, we use the payment service provider Payone.
Depending on the payment method, the following data may be processed by Payone: Payment amounts, Payment status, Transaction identifiers, If applicable, the name and payment details of the payer.
Offered payment methods: Credit card, SEPA, PayPal.
Processing is carried out on the basis of Article 6(1)(b) GDPR (execution of payments). A data processing agreement has also been concluded with this service provider.
If you contact us (via the contact form or by email at hello@leadarise.com), the information you provide will be processed for the purpose of handling and responding to your inquiry on the basis of Article 6(1)(b) GDPR (pre-contractual measures) or Article 6(1)(f) GDPR (legitimate interest in responding to inquiries). The information you provide may be stored in our customer relationship management system (CRM system) or a comparable inquiry management system.
For the management of our customer and contract data, we use the customer relationship management system Pipedrive.
In particular, the following data is processed: Name, email address, address, contract data, communication history.
Processing is carried out on the basis of Article 6(1)(b) GDPR (performance of a contract) and Article 6(1)(f) GDPR (efficient customer management). A data processing agreement has been concluded.
Invoicing and tax-related processing are carried out using Lexware.
In particular, the following data is processed: Invoice data, Address data, Tax-relevant information, Payment information.
Processing is carried out on the basis of Article 6(1)(b) GDPR and statutory obligations pursuant to Article 6(1)(c) GDPR (tax and commercial law). Data is stored in accordance with statutory retention periods.
Within our application, sensitive content-related data is also processed. This data is stored separately from directly identifying personal data. A direct association is made only where technically necessary for the performance of the contract. Processing is carried out exclusively in encrypted form and subject to strict access restrictions.
Users have the option to maintain a user account within the application. The following rights are granted:
A data export can be provided upon request in accordance with statutory requirements.
Personal data is deleted as soon as the purpose for its storage no longer applies, provided that no statutory retention obligations conflict with this. Data relevant under tax and commercial law is stored in accordance with statutory retention periods for up to 10 years.
We currently do not use any tracking or analytics tools. If optional tracking is introduced in the future, this will only take place after prior consent in accordance with Article 6(1)(a) GDPR. Technically necessary cookies are used on the basis of Article 6(1)(f) GDPR.
Users have the right at any time to:
Requests should be addressed to: support@leadarise.com
Data subjects have the right to lodge a complaint with a data protection supervisory authority. The competent authority is the supervisory authority of the federal state in which our business is based.
We implement technical and organizational security measures to protect personal data against loss, manipulation, or unauthorized access. These include, among others:
Where service providers are based outside the EU or access from third countries cannot be excluded, processing is carried out on the basis of appropriate safeguards in accordance with Articles 44 et seq. GDPR, in particular the EU Standard Contractual Clauses.
We reserve the right to amend this Privacy Policy in the event of legal or technical changes.