Privacy Policy

Last updated: January 2025

1. Introduction

We take your privacy seriously. This Privacy Policy explains how Paperoni.ai ("we", "us", or "our") collects, uses, and protects your personal data when you use our beta registration page, in compliance with the General Data Protection Regulation (GDPR) and other applicable EU data protection laws.

2. Data Controller

The data controller responsible for your personal data is:

Georg Bunzel
Theodor-Heuss-Str. 54
37075 Göttingen
Germany

Email: hello[at]paperoni.ai

3. Data We Collect

When you sign up for our beta program, we collect the following personal data:

  • Name – To address you personally
  • Email address – To send you beta access information and updates
  • Feature requests (optional) – To understand your needs and improve our product

We also automatically collect certain technical data through our service providers (see Section 6).

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

  • Consent (Art. 6(1)(a) GDPR) – You voluntarily provide your data by submitting the beta signup form
  • Legitimate interest (Art. 6(1)(f) GDPR) – To protect our services against spam and abuse (via Cloudflare Turnstile)

5. Purpose of Data Processing

We use your personal data exclusively for:

  • Managing your beta program registration
  • Sending you information about beta access and product updates
  • Understanding user needs to improve our product
  • Protecting our services against spam and automated abuse

We will never sell your personal data to third parties or use it for unrelated marketing purposes.

6. Third-Party Service Providers

We use the following third-party services to process your data. All providers have been selected for their GDPR compliance:

Cloudflare (Pages & Turnstile)

Hosts this website and provides spam protection. Cloudflare may process IP addresses and browser information.
Cloudflare Privacy Policy

Web3Forms

Processes form submissions and forwards them to our email. Web3Forms stores submission data temporarily.
Web3Forms Privacy Policy

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy:

  • Beta signup data: Until you withdraw consent or the beta program ends, after which data is deleted within 30 days
  • Technical logs: Automatically deleted by our service providers according to their retention policies (typically 30-90 days)

8. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15) – Request a copy of your personal data
  • Right to rectification (Art. 16) – Correct inaccurate personal data
  • Right to erasure (Art. 17) – Request deletion of your personal data ("right to be forgotten")
  • Right to restrict processing (Art. 18) – Limit how we use your data
  • Right to data portability (Art. 20) – Receive your data in a machine-readable format
  • Right to object (Art. 21) – Object to processing based on legitimate interests
  • Right to withdraw consent (Art. 7(3)) – Withdraw your consent at any time

To exercise any of these rights, please contact us at hello[at]paperoni.ai. We will respond within 30 days.

9. International Data Transfers

Some of our service providers may process data outside the European Economic Area (EEA). In such cases, we ensure appropriate safeguards are in place:

  • Cloudflare operates under the EU-US Data Privacy Framework
  • Standard Contractual Clauses (SCCs) where applicable

10. Cookies and Tracking

We do not set any first-party cookies. This website is designed to be privacy-friendly:

  • Dark mode preference: Stored in your browser's localStorage (client-side only, never transmitted to any server)

Third-Party Cookies

Cloudflare Turnstile (spam protection) may set cookies on the challenges.cloudflare.com domain. These are:

  • Strictly necessary for security (bot detection)
  • Not used for tracking or advertising
  • Set on Cloudflare's domain, not ours

These cookies are considered "strictly necessary" under GDPR and ePrivacy Directive and do not require consent. We do not use analytics, advertising, or social media tracking of any kind.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • HTTPS encryption for all data transmission
  • Secure hosting infrastructure via Cloudflare
  • Access controls limiting who can view your data

12. Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

13. Right to Lodge a Complaint

If you believe we have violated your data protection rights, you have the right to lodge a complaint with a supervisory authority. You can contact:

  • The data protection authority in your country of residence
  • The data protection authority where the alleged violation occurred

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

15. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: hello[at]paperoni.ai