Privacy policy
[FOUNDER: review with a Steuerberater/lawyer before public launch; fill the slots. This is a plain-language draft covering what the site actually does.]
Who is responsible: [FOUNDER: full name and address, same as the imprint]. Contact: [FOUNDER: email].
What this site stores, and why:
- Your email address — when you unlock a free use case, join a waitlist, follow for updates, or send feedback with a reply address. Used to give you access, save your progress, and (waitlist/follow) notify you about the thing you asked about. Waitlist and follow subscriptions use double opt-in: you receive updates only after clicking the confirmation link we email you, and you can unsubscribe from any update email. Legal basis: performing what you requested (Art. 6(1)(b) GDPR) and your consent (Art. 6(1)(a)).
- Your progress — which use cases you unlocked and which steps you completed, linked to your email.
- Feedback messages — what you write in the "Send me an idea" form.
- Anonymous usage statistics — page visits with an anonymized identifier (a hash; no name, no full IP stored) and the referring site. Used to understand which use cases help people. No third-party analytics, no advertising trackers, no cookies beyond one sign-in cookie.
Sign-in cookie: after you click a sign-in link, a cookie keeps you signed in (up to 1 year). It contains only your account reference.
Who else processes data:
- Resend (resend.com) sends the sign-in link emails.
- Gumroad (gumroad.com) handles purchases as the seller of record; their own privacy policy applies at checkout.
- [FOUNDER: hosting provider name] hosts the site and database.
Your rights (GDPR): access, correction, deletion, restriction, portability, objection, and complaint to a supervisory authority. For any of these, email [FOUNDER: email] — deletion requests are honored manually within 30 days.
Data is not sold or shared beyond the processors listed above.