Privacy policy for the processing of personal data at LeonLab.ai.
Legal
This Privacy Policy explains the nature, scope and purpose of the processing of personal data in connection with the use of the LeonLab website and SaaS platform.
LeonLab UG (haftungsbeschränkt)
Cappelerstr. 130B
35039 Marburg
Germany
Email: [email protected]
Navid Behnami
Our website and SaaS platform are hosted by OVHcloud. When users access our website or use the platform, technical access data is processed, in particular IP address, date and time of access, pages accessed, browser type, operating system and server log files.
This processing is necessary to provide the website and platform securely, reliably and stably. The legal basis is Art. 6(1)(f) GDPR.
We process personal data that is generated when users access our website or SaaS platform, or that users actively provide to us. This includes in particular:
Users can sign in via Google Login. Depending on the permissions granted by the user, we may process the user's name, email address, profile picture and technical identification data of the Google account. This processing is carried out to provide a simple and secure login based on Art. 6(1)(b) GDPR.
If users contact us via a contact form, we process the information entered in order to handle the request and possible follow-up questions. The legal basis is Art. 6(1)(b) GDPR where the request relates to a contract or pre-contractual measures, and otherwise Art. 6(1)(f) GDPR.
If users subscribe to our newsletter, we process the data required for this purpose, in particular the email address. The newsletter is sent through an internal LeonLab service; no external newsletter provider is used for this purpose.
Subscription takes place only with the user's consent. The legal basis is Art. 6(1)(a) GDPR. Users may unsubscribe from the newsletter at any time.
We use Google Analytics, a web analytics service provided by Google, to analyze the use of our website and improve our offering. In particular, technical usage data, device information, browser information, approximate location, usage behavior and cookie information may be processed.
Google Analytics is used only if users have given their consent through our cookie banner. The legal basis is Art. 6(1)(a) GDPR. Consent can be withdrawn at any time through the cookie settings.
We use necessary cookies and, where users consent, analytics cookies. Necessary cookies are required for the technical operation of the website and SaaS platform. Analytics cookies, in particular for Google Analytics, are set only after prior consent.
Users can change their cookie settings or withdraw consent at any time through our own cookie banner.
For paid services, we use Stripe as a payment service provider. Payment, billing and transaction data are processed to the extent necessary to process payments, issue invoices and comply with legal obligations.
The legal bases are Art. 6(1)(b) GDPR for contract performance and Art. 6(1)(c) GDPR for legal retention obligations.
LeonLab processes WordPress project data only to the extent necessary to provide the functions requested by the user. This may include website URLs, technical website information, plugin and theme data, analysis results, logs, and credentials, tokens or application passwords provided by the user.
Users can delete connected WordPress projects and related data at any time or disconnect the connection. After deletion, the corresponding data will be deleted unless statutory retention obligations or security interests prevent deletion.
To provide AI functions, we use Azure OpenAI by Microsoft. Content entered by users, prompts, project information, technical context data and system responses may be processed to the extent necessary to perform the requested functions.
LeonLab uses Azure OpenAI in particular for data protection and GDPR reasons. AI processing is provided through a European Azure region or EU Data Zone, so that AI data is processed within the European Union or the European Economic Area.
The processing is carried out to provide the SaaS and AI functions on the basis of Art. 6(1)(b) GDPR. Where Azure OpenAI is used as a service provider, the processing is based on corresponding contractual agreements with Microsoft.
We do not use content transmitted to Azure OpenAI for our own training purposes. Processing takes place only to the extent necessary to provide the functions requested by the user.
The processing of personal data is carried out on the basis of the GDPR. Depending on the processing activity, we rely in particular on the following legal bases:
To provide our website and SaaS platform, we use service providers, in particular OVHcloud for hosting, Google for login and analytics, Stripe for payment processing and Microsoft Azure OpenAI for AI functions. Azure OpenAI is used in a European Azure region or EU Data Zone to ensure processing within the EU or EEA.
We store personal data only for as long as necessary for the respective purposes or as required by statutory retention obligations.
Data subjects have the right, in accordance with the GDPR, to access, rectification, erasure, restriction of processing, data portability and objection to certain processing activities. Consent given may be withdrawn at any time with effect for the future.
To exercise these rights, users can contact us at [email protected] .
Data subjects have the right to lodge a complaint with a data protection supervisory authority if they believe that the processing of their personal data violates data protection law.
Note
This template is a technical and content basis for the website. For a legally secure final version, it should be reviewed by a legal professional if necessary.