Privacy Policy

Last updated: 18 September 2025

At getfaind.com and app.getfaind.com (together, the “Website” or “App”), protecting your privacy is a priority. This Privacy Policy explains what we collect, how we use it, and what rights you have under the EU/UK GDPR. If you have questions, contact us at leif@getfaind.com.

1) Controller

leif ventures UG (haftungsbeschränkt)
Karl-Marx-Str. 250, 12057 Berlin, Germany
Commercial Register: HRB 170145 B, Local Court (Amtsgericht) Charlottenburg
Represented by: Leif Pritzel
Email: leif@getfaind.com

Data Protection Officer: Not appointed (not legally required). Contact person for privacy matters: Leif Pritzel (see above).

2) Scope

This Policy applies to our Website/App and to online interactions with us. It does not cover offline processing.

3) What we collect

  • Usage and log data: IP address, timestamps, requested URLs, referrer, user agent, response codes, error logs.
  • Account and access data: email address for registration/login via magic link, session identifiers, plan/subscription status.
  • Communications: messages you send us (support emails).
  • Product data (when you use our services): publicly accessible content of your verified domain (e.g., HTML, structured data, meta tags), and technical measurements (e.g., status codes, response times) needed to generate bot-readable static copies and visibility reports.
  • Analytics (only with consent): pseudonymous usage data via Google Analytics.

We do not collect full payment card numbers. Payments are processed by Stripe (see “Recipients and processors”).

4) Why we use your data (legal basis)

  • Provide and secure the Website/App: Art. 6(1)(f) GDPR (legitimate interests).
  • Account, login, subscriptions, billing, support: Art. 6(1)(b) GDPR (contract/steps prior).
  • Product features (Agentic Web CDN, AI Visibility Report): Art. 6(1)(b) GDPR (contract).
  • Compliance (tax, accounting): Art. 6(1)(c) GDPR (legal obligation).
  • Analytics (Google Analytics): Art. 6(1)(a) GDPR (consent via cookie banner).

5) How we use your data

We use the data to operate and protect the Website/App; authenticate you; manage subscriptions; deliver our product (creating bot-readable static copies of publicly available pages you control and sending indexing signals); generate and send requested visibility reports; answer support requests; and (if you consent) improve the Website/App through analytics.

6) Log files

Like most websites, we process server logs. The information may include IP address, browser, ISP, date/time, entry/exit pages and click counts. Logs are not combined with directly identifying information and are used to analyze trends, administer the site and ensure security.

7) Cookies and similar technologies

We use strictly necessary cookies for sessions and security (Art. 6(1)(f) GDPR). Optional cookies/technologies (e.g., analytics) are used only with your prior consent via our cookie banner (Art. 6(1)(a) GDPR). You can withdraw consent at any time in the banner settings.

8) Recipients and processors

We use carefully chosen service providers under Art. 28 GDPR (processor agreements and, where needed, Standard Contractual Clauses):

  • Hosting/Server: DigitalOcean LLC (region FRA1/DE)
  • CDN/Security: Cloudflare, Inc.
  • Email sending: Brevo (Sendinblue)
  • Payments: Stripe Payments Europe, Ltd. (and affiliates)
  • Web Analytics: Google Ireland Ltd. (Google Analytics, only with consent)
  • AI processing (technical analysis/restructuring of publicly available content you instruct us to process): OpenAI, L.L.C.; Anthropic PBC

A current list of sub-processors is available on request.

9) International transfers

Where data is processed outside the EEA/UK (e.g., USA), we rely on adequacy decisions (if available) or the EU Standard Contractual Clauses plus supplementary safeguards. Copies of the relevant transfer mechanisms are available on request.

10) Retention

  • Server logs: typically 30–90 days (longer only for security incidents).
  • Magic-link tokens: up to 15 minutes; successful login records up to 12 months (security proof).
  • Contract/billing records: retained per statutory rules (up to 10 years).
  • Product artifacts (e.g., shadow pages): retained for the term of your subscription; deleted within a reasonable period after termination.

11) Your rights

You have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), and to object to processing based on Art. 6(1)(f) (Art. 21). Where processing relies on consent, you can withdraw consent at any time with future effect (Art. 7(3)). To exercise your rights, email leif@getfaind.com. We may need to verify your identity.

12) Complaint

You can lodge a complaint with any supervisory authority. Competent for us: Berliner Beauftragte für Datenschutz und Informationsfreiheit.

13) Children’s data

Our services are not directed to children under 16. We do not knowingly collect data from children.

14) Security

We implement appropriate technical and organizational measures per Art. 32 GDPR, including TLS encryption, access controls, logging and regular backups.

15) Processing on behalf of customers (SaaS)

For the Agentic Web CDN, we process only publicly accessible content of the customer’s verified domain to produce a static, bot-readable copy and associated technical signals. We act as a processor under Art. 28 GDPR and provide a data processing agreement. The customer remains responsible for the lawfulness of content and robots rules of the origin site.

16) Changes to this Policy

We may update this Policy if our services or legal requirements change. The current version is always available here.

Contact: leif ventures UG (haftungsbeschränkt), Karl-Marx-Str. 250, 12057 Berlin, Germany · Email: leif@getfaind.com