Privacy Policy

1. Data Controller

The controller responsible for data processing on this website is:

Christoph Kaesler

Ernst-Rieck-Straße 4

18225 Kühlungsborn

Germany

Email: ck@leadkonzept.de

You may contact us at any time with questions about data protection.

2. Data We Process

2.1 Technical Data (automatically collected)

When you visit our website, the following technical data is automatically collected and transmitted to our server:

• IP address
• Date and time of access
• Browser type and version
• Operating system
• Referrer URL (the previously visited page)

Legal basis: Legitimate interest in providing a stable and secure website (Art. 6 (1) (f) GDPR).

Retention: Server log files are automatically deleted or anonymized after 30 days, unless there are indications of abuse.

2.2 Translation Input Text

When you use our translation service, the text you enter is processed to generate a translation.

Legal basis: Consent through active submission of the form (Art. 6 (1) (a) GDPR).

Retention: Translation input text is processed only during the translation and is not permanently stored on our servers.

Important notice: We recommend that you do not enter sensitive, confidential, or personally identifying information in the translation service. Although we do not store inputs, they are transmitted to our AI processing provider (see Section 4).

3. Hosting and Data Storage

3.1 Hosting Provider (Vercel)

Our website is hosted by Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, USA.

Our functions (API routes) are currently executed on Vercel servers in Washington, D.C., USA (Region iad1). This means that when you use our website, your IP address and technical data are transmitted to servers in the United States.

Vercel processes data on our behalf in accordance with Vercel's Terms of Service and the Data Processing Addendum contained therein.

Data transfer to the USA: The transfer to the United States is based on the adequacy decision of the European Commission of July 10, 2023 (EU-US Data Privacy Framework). Vercel is certified under this Framework. For more information, visit dataprivacyframework.gov

3.2 Database (Supabase)

For storing user inputs and technical metadata, we use Supabase Inc., 970 Toa Payoh North #07-04, Singapore 318992.

Data processing for European users takes place on servers within the European Union (AWS data centers in Frankfurt, Germany, region eu-central-1). Processing is based on a Data Processing Agreement with Supabase pursuant to Art. 28 GDPR.

For more information: supabase.com/privacy

4. AI Translation Processing (Mistral AI)

To provide translations, we use an AI service.

Provider: Mistral AI SAS, 15 Rue des Halles, 75001 Paris, France (EU)

Data processed: The text you enter for translation.

Processing location: Within the European Union (Paris, France).

Legal basis: Consent through active submission of the form (Art. 6 (1) (a) GDPR).

Retention: Inputs are processed for the translation only and are not permanently stored by Mistral AI.

Important: We have deactivated the training of our API inputs on AI models in the Mistral Admin settings. Your inputs are therefore not used to train AI models.

Processing is based on Mistral AI's Data Processing Addendum. For more information: mistral.ai/terms/privacy-policy

5. Web Analytics (Vercel Analytics)

We use Vercel Analytics to collect anonymized usage statistics.

Provider: Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, USA

Data processed: Aggregated, anonymous data such as page views, referrer, country, and device category.

Legal basis: Legitimate interest in improving our service (Art. 6 (1) (f) GDPR).

Special features: Vercel Analytics does not use cookies, does not store IP addresses in plaintext, and does not perform browser fingerprinting. Attribution to individual persons is not possible.

6. Cookies and Local Storage

Cookies: This website does not use tracking, analytics, or marketing cookies.

Local Storage (localStorage):We use your browser's localStorage to save technically necessary data for features like favorites and translation history. This data is stored exclusively on your device and is never transmitted to our servers or third parties. You can clear it at any time via your browser settings.

Legal basis: Legitimate interest in providing user-friendly functionality (Art. 6 (1) (f) GDPR) and § 25 paragraph 2 No. 2 TDDDG (technically necessary access to the end device).

7. Data Recipients

Your data may be processed by the following categories of recipients:

• Vercel Inc. (USA) — Website hosting and analytics. Transfer to the USA is based on the EU-US Data Privacy Framework.
• Mistral AI SAS (France, EU) — AI translation processing. EU-based.
• Supabase Inc. (EU Frankfurt / Singapore HQ) — Database storage for European users on EU servers.

We do not share your personal data with any other third parties unless we are legally obligated to do so (e.g., to law enforcement authorities).

8. International Data Transfers

As our functions are hosted on Vercel servers in the United States, user data is transferred to the USA during regular use. This transfer is based on the adequacy decision of the European Commission of July 10, 2023 (EU-US Data Privacy Framework). Vercel is certified under this Framework, which the European Commission considers to provide an adequate level of data protection comparable to the GDPR.

Our AI processing with Mistral AI takes place within the EU (Paris, France) and does not involve a third-country transfer.

Our database processing with Supabase for European users takes place on servers within the EU (Frankfurt, Germany).

9. Your Rights Under GDPR (EU / EEA / UK Residents)

Under the GDPR, you have the following rights:

• Right of access (Art. 15 GDPR): You may request information about whether and which of your personal data we process.
• Right to rectification (Art. 16 GDPR): You may request correction of inaccurate data or completion of incomplete data.
• Right to erasure (Art. 17 GDPR): You may request immediate deletion of your data, subject to statutory retention obligations.
• Right to restriction of processing (Art. 18 GDPR): You may request restriction of data processing, e.g., if you contest the accuracy of the data.
• Right to data portability (Art. 20 GDPR): You may request to receive your data in a structured, commonly used, machine-readable format.
• Right to object (Art. 21 GDPR): You may object to the processing of your data at any time for reasons relating to your particular situation.
• Right to withdraw consent (Art. 7 (3) GDPR): You may withdraw a given consent at any time with effect for the future.

To exercise your rights, please contact us at ck@leadkonzept.de.

10. Right to Lodge a Complaint (EU Residents)

You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates applicable data protection law. The competent authority for our processing is:

Der Landesbeauftragte für Datenschutz und Informationsfreiheit Mecklenburg-Vorpommern
Lennéstraße 1
19053 Schwerin, Germany
Telephone: +49 385 59494-0
Email: info@datenschutz-mv.de
Website: datenschutz-mv.de

You may also lodge a complaint with the data protection authority in your country of residence.

11. Rights for California Residents (CCPA/CPRA)

If you are a resident of California, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Right to know: You may request information about the categories and specific pieces of personal information we have collected about you.
• Right to delete: You may request deletion of your personal information, subject to certain exceptions.
• Right to correct: You may request correction of inaccurate personal information.
• Right to opt-out of sale/sharing: We do not sell or share personal information with third parties for monetary or other valuable consideration. No opt-out is required because no sale takes place.
• Right to non-discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To exercise these rights, contact us at ck@leadkonzept.de.

12. Rights for Canadian Residents (PIPEDA)

If you are a resident of Canada, you have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA), including:

• Right to access your personal information
• Right to correct inaccurate personal information
• Right to withdraw consent at any time (subject to legal and contractual restrictions)

To exercise these rights, contact us at ck@leadkonzept.de.

13. Data Security

We implement appropriate technical and organizational measures to protect your data against misuse, loss, and unauthorized access. All data transmissions between your browser and our website are encrypted using TLS/SSL technology (HTTPS).

14. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy to reflect changes in our processing activities or legal requirements. The current version is always available on this page.

15. Contact

For any questions regarding this Privacy Policy or our data processing practices, contact:

Christoph Kaesler
Email: ck@leadkonzept.de
Address: Ernst-Rieck-Straße 4, 18225 Kühlungsborn, Germany